.. /.Hta

Executable
Script
Native
Double Click

Author:

mr.d0x

Description:

HTA or HTML Application is a Windows program that consists of HTML and a scripting language suppported by Internet Explorer (e.g. VBScript).

OS:

Windows

Recommendation:

Block all HTA files from being downloaded or executed. Alternatively, change the default application for HTA files to a text editor such as Notepad.

Resources:

https://blog.malwarebytes.com/cybercrime/2016/09/surfacing-hta-infections/

File Samples:

https://www.joesandbox.com/analysis/84810/0/html
https://www.hybrid-analysis.com/sample/b706abb571f4efe5dcb3c9a0e39dd27de84c88fa83f456e39848c1d44ee7d4d9/5cd05d1802883869072180d3

Contributions: