31c20d8ef052334c3e2d3bf165c02f20eb3ae7fdc0cb92981d4ba77c29007cf8 | Triage

Submit
Reports

Overview

overview

Static

static

1

quZtuaf0.ps1

windows7-x64

1

quZtuaf0.ps1

windows10-2004-x64

Sharing

General

Target

quZtuaf0.posh
Size

3KB
Sample

230329-yx3r4shg33
MD5

ff1ef674dd573524d0a0f1eb025f6eb3
SHA1

63c60b274b4c3eeab1733620f8a229c9a1472f56
SHA256

31c20d8ef052334c3e2d3bf165c02f20eb3ae7fdc0cb92981d4ba77c29007cf8
SHA512

b2d85237bb3ec304544387283d0b6b6da737c1f461b7c49df5b0c61d417fa8411ec3365136630e1f27abf6de99e6023fa2c9ab834196611d0b95482316afef27

Score

10^/10

Static task

static1

Behavioral task

behavioral1

Sample

quZtuaf0.ps1

Resource

win7-20230220-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

quZtuaf0.ps1

Resource

win10v2004-20230221-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Credentials

Protocol: smtp
Host:
smtp.mail.com
Port:
587
Username:
[email protected]
Password:
korn0809130096

Targets

- Target
  
  quZtuaf0.posh
- Size
  
  3KB
- MD5
  
  ff1ef674dd573524d0a0f1eb025f6eb3
- SHA1
  
  63c60b274b4c3eeab1733620f8a229c9a1472f56
- SHA256
  
  31c20d8ef052334c3e2d3bf165c02f20eb3ae7fdc0cb92981d4ba77c29007cf8
- SHA512
  
  b2d85237bb3ec304544387283d0b6b6da737c1f461b7c49df5b0c61d417fa8411ec3365136630e1f27abf6de99e6023fa2c9ab834196611d0b95482316afef27
Score

10^/10
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy