e610c9fc6ae3dd1c640c89775bcffd73f8a76ddbbf152790c45a7a903388a3b5 | Triage

Sharing

General

Target

e610c9fc6ae3dd1c640c89775bcffd73f8a76ddbbf152790c45a7a903388a3b5
Size

150KB
Sample

230312-2gb61ahg5s
MD5

f1b7edcb3ceb0d3c7dbbbeecf5656271
SHA1

85d36368a2381f03824954e19b60f001eb25fb62
SHA256

e610c9fc6ae3dd1c640c89775bcffd73f8a76ddbbf152790c45a7a903388a3b5
SHA512

2c47bb87b786df0b562a33481bd1daaed5537c0052c44fd9d02df26bdd99f5d1b4ce6916718f21b2f7845a274691da28127ffd31d9bf1c2228e8b77822710865
SSDEEP

3072:GSFb9MUFNlW8wJT3PM0VqSHDYEvn86NrPvPPhNWBjh0khuYGCClLqsFM8Tt6:4NrPfhNINyGsa8B6

Score

10^/10

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

https://aszfiltration.com/storage/files/debug2.ps1

Targets

- Target
  
  e610c9fc6ae3dd1c640c89775bcffd73f8a76ddbbf152790c45a7a903388a3b5
- Size
  
  150KB
- MD5
  
  f1b7edcb3ceb0d3c7dbbbeecf5656271
- SHA1
  
  85d36368a2381f03824954e19b60f001eb25fb62
- SHA256
  
  e610c9fc6ae3dd1c640c89775bcffd73f8a76ddbbf152790c45a7a903388a3b5
- SHA512
  
  2c47bb87b786df0b562a33481bd1daaed5537c0052c44fd9d02df26bdd99f5d1b4ce6916718f21b2f7845a274691da28127ffd31d9bf1c2228e8b77822710865
- SSDEEP
  
  3072:GSFb9MUFNlW8wJT3PM0VqSHDYEvn86NrPvPPhNWBjh0khuYGCClLqsFM8Tt6:4NrPfhNINyGsa8B6
Score

10^/10
- Blocklisted process makes network request
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2