General

  • Target

    0ZyLuMsm.posh

  • Size

    3KB

  • Sample

    220826-tdnfvseehq

  • MD5

    236285a8cc63669302f69d8087edb66e

  • SHA1

    8581592c092100505a15f701697584809cf33ccf

  • SHA256

    454add1bfdc98b944ed97984f1771ec09c9a4c869e3fb6936573d0db8a83ac30

  • SHA512

    c36bb0f60610531b4d6704baeb193fce0ad97f4915e02a2a17daa54a12ffd4777c5ac2240fe00ede18b82da92afa263ae364e0dfbae9abbb0152ed33cfc7e088

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

82.2.66.222:21

Targets

    • Target

      0ZyLuMsm.posh

    Score
    8/10
    • Blocklisted process makes network request
