General
-
Target
haywood.ps1
-
Size
1.4MB
-
Sample
200826-ar6n6hhgej
-
MD5
d87fcd8d2bf450b0056a151e9a116f72
-
SHA1
48cb6bdbe092e5a90c778114b2dda43ce3221c9f
-
SHA256
3090bff3d16b0b150444c3bfb196229ba0ab0b6b826fa306803de0192beddb80
-
SHA512
61a636aca3d224dcd2ed29ca000cf0ecf88f51ffd7cb5182ea4599c9e889cb74b78824d93c7383457bd6d591506202527d44c6a15c93a9ab9cfc8230faddd04b
Static task
static1
Behavioral task
behavioral1
Sample
haywood.ps1
Resource
win7
Behavioral task
behavioral2
Sample
haywood.ps1
Resource
win10v200722
Malware Config
Targets
-
-
Target
haywood.ps1
-
Score
10/10
-
Chimera
Ransomware which infects local and network files, often distributed via Dropbox links.
-
Blacklisted process makes network request
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Modifies service
-