General
Target: weJNgSX4.posh
Size: 3KB
Sample: 220826-s3887aedel
MD5: 1fec6fbbfaf055b9f9809e578c9c7d43
SHA1: 9b360a23ed930cdaf1a22600fad13adf87a51fef
SHA256: 1da0ce0810952354a5e288a3dd6690338228933c5ff726d317c4748a4322e6dd
SHA512: 0505ee6f3d6d67367d78f378a11c79d2a325e420bb6fc9bd6912d1c7d7b946aeed3ed45b2d0f7f8c2ae5ce3ea78618c6c1ed237313e8a23f1aa7d940ce22e6ed
Behavioral task: behavioral1
Sample: weJNgSX4.ps1
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: weJNgSX4.ps1
Resource: win10v2004-20220812-en
Malware Config
Extracted
metasploit
metasploit_stager
82.2.66.222:4444
Targets
Target: weJNgSX4.posh
Score: 8/10
Blocklisted process makes network request