General

  • Target

    vicuna.ps1

  • Size

    8KB

  • Sample

    230412-rn1g3acg97

  • MD5

    977467da6fd65a523382b2dbaf797166

  • SHA1

    bf29aa1e497b51e1e24958b109a5e4461c069b14

  • SHA256

    4056a66a6f0aedc14f62c3287c8e77e0c002f55b50eacf647f15d6a709f1a5bd

  • SHA512

    a4a0a69ec2e5c10d0a715a7f7313dd446a7c177c5d2f5bad6eaebd1b2c8db9f4d632beaa2ad90ca0dc72813c4369137baf987dc1c411262c33736e0173514e90

  • SSDEEP

    192:80DdDd6q5tQQVTJ4HHEjCH7dD3N2vFXRYYMW7UAmj/GwZul:80DJXtQITJ4HHEpV5

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://huggingface.co/eachadea/ggml-vicuna-13b-4bit/resolve/main/ggml-vicuna-13b-4bit-rev1.bin

exe.dropper

https://huggingface.co/anon8231489123/vicuna-13b-GPTQ-4bit-128g/resolve/main

Targets

    • Target

      vicuna.ps1

    Score
    8/10
    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE
