General
-
Target
script.ps1
-
Size
3KB
-
Sample
220816-afcycscca7
-
MD5
b76eaa56add03e68ff85fe826d3c613c
-
SHA1
efcf463aac56b459561b4cd6c8e0b06cf3f001c3
-
SHA256
43173f4b9444300961120fa5b3ab3bb9e893816ec9060cbf7144538e2ad177f6
-
SHA512
61f1ff4fc51ae18b704130f088a28e08195001dda22af3254967ae8dd9b65d9521afd8751070c3baeed2ad8377e7fa5597791c2c3a41ad58c4c4ba1e9bc36b31
Static task
static1
Behavioral task
behavioral1
Sample
script.ps1
Resource
win7-20220812-en
Malware Config
Extracted
vjw0rm
http://185.81.157.47:9405
Targets
-
-
Target
script.ps1
-
Size
3KB
-
MD5
b76eaa56add03e68ff85fe826d3c613c
-
SHA1
efcf463aac56b459561b4cd6c8e0b06cf3f001c3
-
SHA256
43173f4b9444300961120fa5b3ab3bb9e893816ec9060cbf7144538e2ad177f6
-
SHA512
61f1ff4fc51ae18b704130f088a28e08195001dda22af3254967ae8dd9b65d9521afd8751070c3baeed2ad8377e7fa5597791c2c3a41ad58c4c4ba1e9bc36b31
-
Blocklisted process makes network request
-
Drops startup file
-