General
Target
payload_1.ps1
Size
3KB
Sample
230406-2wpewahe3w
MD5
7289408b9b66d927f94012ccc7c9e97f
SHA1
59f77a73a599f8d0b309a21bd3c8957f88d93a47
SHA256
7184b3f7a03f954afff9d967a7b6d0656f1b04a47ab39af495d373fc0f37c5b5
SHA512
0b07bf2d80e2dd08c7ef94ee091fd241cbbadc3fdc000b148c2e0c0f54a158c758ad8431238991a5680b9ccd0769be97417b6b3378a95d4b09fceda5e539bfbe
Behavioral task
behavioral1
Sample
payload_1.ps1
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
payload_1.ps1
Resource
win10v2004-20230220-en
Malware Config
Extracted
cobaltstrike
http://81.68.103.253:88/INPv
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Targets
Target
payload_1.ps1
Score
10/10
Blocklisted process makes network request