PS.ps1

General

Target: PS.ps1
Size: 490B
Sample: 210504-v1wpxgn39j
Score: 8/10
MD5: a09dc5b1b69075b7b82d656cc0766e30
SHA1: a3a060e7ab02cecfdd115ab415da947146e37193
SHA256: 0ab6b8351024ac1bd5a7852563a5039135e32c68b528e5d1061722f5d3650999
SHA512: 49dc33d8b67ab387fe2859325cfc47b77f62ba745ca91b0104f23ca3162c4071d3c85e04c119a09cc0ca31a30545a81b1e8ae173f4ccfba5bf4af45ada4d68df

Signatures

  • Blocklisted process makes network request

  • Downloads MZ/PE file

  • Executes dropped EXE

  • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Matrix

Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

  • static1

  • behavioral1: 8/10

  • behavioral2: 8/10