» internet_explorerpatch.hta
Overview
Analysis
File Details
Downloads (1)

internet_explorerpatch.hta

The file internet_explorerpatch.hta has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The file has been seen being downloaded from 527.b9bajo-zh.aitainetfirms.org.

File name:

MD5:

d0a42a1c19cda5783d7c86355fa5d273

SHA-1:

3826949bfb654d88e9f3547161de4d56147686df

SHA-256:

ec2d09d2befbaa8c1927dec63ff216b86b81aeb12e5e23b2e7339a91cc02f0ea

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

5/13/2024 4:44:02 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Downloader.Meta (M)

16.1.24.7

File size:

570 Bytes

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\internet_explorerpatch.hta

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

12:7amQtf3qnkcbBdS7hEL0YgRIMimngd3pokz1QhUcTQUkaTu4a4cWJW0J78OMa:7amilc0WLbgtr2ehFrTJYOMa

The file internet_explorerpatch.hta has been seen being distributed by the following URL.

http://527.b9bajo-zh.aitainetfirms.org/3441650275670/.../Internet_ExplorerPatch.hta

Remove internet_explorerpatch.hta - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.