General

  • Target

    lg30.ps1

  • Size

    2.2MB

  • Sample

    230131-tb7rqaag9y

  • MD5

    a6eb5da8a7d233b137c7214ad7704d80

  • SHA1

    bdc3992db4b6f346eb42df7ae8991ba26c4b528a

  • SHA256

    220643466b3b056319813f6a504726baf236e866d32dace4290bab262f8f455f

  • SHA512

    6e97afc6edb1446ae471da7f1db1d88a6e890d816638d77573e3440d2584209f8130cff2e3762ecba739e89ddad569ce590515e48e3cfe890468cc28a666f114

  • SSDEEP

    24576:dWbYatYxIQarFTuO/GeO+QgfAIAdQ3z/PEMfm96mwo4hWwVEqXrxwVe1pHCRGW6H:80AYsdyQDHEKxo/wVZ9R

Score
8/10

Targets

    • Target

      lg30.ps1

    • Blocklisted process makes network request

    • Suspicious use of NtCreateThreadExHideFromDebugger
