Static

static

10

Resubmissions

26/04/2023, 19:35

230426-ya1dgadc9t 10

Sharing

Copy URL Twitter E-mail

General

  • Target

    ff.ps1

  • Size

    4KB

  • MD5

    b797fbaa55a6d84748576ffd3fe60224

  • SHA1

    616ba75d8532435da799604919e1b5ddaf66efe4

  • SHA256

    2a15118ca8c0fcf630753f742c10e292ebe09f88994b3ba282d7656e6033b703

  • SHA512

    1d3ec9b79c55e91839491e8d784c8c819e86e516d46ba26fb11e3f9f3fd22e15c6695eda74b1cfbd68c35d6cadab8ba2f7654e9e31fc72767bbf65bfa535941d

  • SSDEEP

    96:lGqZrGY3c2w0sITNRXRuCn0bYab13a9EO4sZ7QVrFOU6:lGOGY39fsYNRXNuYbl4sBuF+

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

https://github.com/witnessstrong/OneDriveUpdater/raw/main/install.ps1
exe.dropper

https://github.com/witnessstrong/OneDriveUpdater/raw/main/OneDriveStandaloneUpdater.exe
exe.dropper

https://github.com/witnessstrong/OneDriveUpdater/raw/main/version.dll
exe.dropper

https://github.com/witnessstrong/OneDriveUpdater/raw/main/verslon.dll

Signatures

Files

  • ff.ps1