General
Target: file01.ps1
Size: 7KB
Sample: 220727-zzct5sdda2
MD5: eaff783094403dbfc4ef8419b18106b3
SHA1: a63c6f4e944afb5ae9794d4a5881dd8bc7b11fd2
SHA256: 98ed106214691f992cd498dcc9e8c38fada04df2ce6b91fd1a42247427d33e71
SHA512: bac74535e269410b3e4b5b5fff43729228751d26c6508d0b6b9c4d9422c1a7896cae12828a20f43383492dc4d800fb36319920f648568371cd12f36e29164ed9
Static task: static1
Behavioral task: behavioral1
Sample: file01.ps1
Resource: win7-20220715-en
Behavioral task: behavioral2
Sample: file01.ps1
Resource: win10v2004-20220721-en
Malware Config
Extracted
metasploit
windows/reverse_http
http://52.162.84.224:443/LR43K5ZE-D1bNlo3OgaerQHveFyLk
Targets
Target: file01.ps1
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Blocklisted process makes network request