Behavioral task: behavioral1
Sample: eryao7.ps1
Resource: win7-20230220-en, windows7-x64
4 signatures
150 seconds

Behavioral task: behavioral2
Sample: eryao7.ps1
Resource: win10v2004-20230221-en, windows10-2004-x64
4 signatures
150 seconds

General
Target: eryao7.ps1
Size: 3KB
MD5: 9b4603598d8cf6ba5ba825eef6959d1a
SHA1: a18b3ad6fe110be28b0244a4e1564c82a2cbaac4
SHA256: 988fc1896c09a10ceb4b77e9dd64e3797db0bfdffe3696f36de0210f5a6d5d80
SHA512: 6c7868da95b56c0e38886138be2d16e78684401db656b8f588618e4d5ada7146e1f9a53e970d1012a5ad03a0cccf3e9fe1fa57608e053f878cf0ca58923dc307
Score: 10/10

Malware Config
Extracted
Family: cobaltstrike
C2: http://123.56.82.231:8080/4nyB
Attributes
user_agent: User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)

Signatures
Cobaltstrike family

Files
eryao7.ps1.ps1