General
-
Target
GOLGAPORA.PS1
-
Size
1.1MB
-
Sample
221003-g6em7sbcf3
-
MD5
603bffe09d8f6c58499a83212f5febac
-
SHA1
f6616cdfbe8b06b5ee4f95cfee0ed15b74b59466
-
SHA256
d7fe1e3c8d18c2f992dfad7fabfb8f9907786eaca269dbc73593801c7474bd13
-
SHA512
788b7cd546c4557fdbbab8a5048f62838106e592836a9616f19cf82759b6486207912f8787ddf5465a4d5ec4d567776cab701b2c1e5b63980c9245ee51884346
-
SSDEEP
12288:WViPI6z8ay43NxSz0kmLoL2xfZe0I8nU8ECxKFajP:iINi0kmLF5I8P
Static task
static1
Behavioral task
behavioral1
Sample
GOLGAPORA.ps1
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
GOLGAPORA.ps1
Resource
win10v2004-20220901-en
Malware Config
Extracted
Protocol: ftp
Host: 107.182.129.168
Port: 21
Username: ashgdhfg3
Password: jfghfjgh545
Targets
-
-
Target
GOLGAPORA.PS1
-
Size
1.1MB
-
Score
10/10
-
Drops file in Drivers directory
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-