General

  • Target

    file01.ps1

  • Size

    108B

  • Sample

    220912-wb4feadgc5

  • MD5

    acfaea42a91501a4385600127e5cca07

  • SHA1

    8f0fc117fc1ec00a1447be7b46626e732cb72687

  • SHA256

    a6b3df0aa176236e3b7504d407400538d51f1449f11bbe75c81b265bc298d984

  • SHA512

    dae5369e0f7bcda377eeca73db8d8b40eb9e1764a5ebacb1b54ff9fae213aead3d1ebb62a4f3d0d379b4b5701d62eed72467f7e8512f6bf79e9312ef674cec1e

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Deobfuscated

  • URLs

    ps1.dropper

    http://groups.us.to:69/d

Targets

    • Target

      file01.ps1

    Score
    8/10
    • Blocklisted process makes network request
