Scambaitedtargz_JC[.]gz | Triage

Submit
Reports

Overview

overview

Static

static

sample.tar

windows7-x64

3

sample.tar

windows10-2004-x64

3

Scam_uac/Uac_main.ps1

windows7-x64

8

Scam_uac/Uac_main.ps1

windows10-2004-x64

8

Scam_uac/U...ge.ps1

windows7-x64

8

Scam_uac/U...ge.ps1

windows10-2004-x64

8

Scam_uac/U...gen.py

windows7-x64

3

Scam_uac/U...gen.py

windows10-2004-x64

3

Scam_uac/amsi.ps1

windows7-x64

1

Scam_uac/amsi.ps1

windows10-2004-x64

1

Scam_uac/command.ps1

windows7-x64

1

Scam_uac/command.ps1

windows10-2004-x64

1

Scam_uac/down.ps1

windows7-x64

8

Scam_uac/down.ps1

windows10-2004-x64

8

Scam_uac/p...tn.ps1

windows7-x64

1

Scam_uac/p...tn.ps1

windows10-2004-x64

1

Scam_uac/p...6v.ps1

windows7-x64

1

Scam_uac/p...6v.ps1

windows10-2004-x64

1

Scam_uac/p...all.sh

windows7-x64

3

Scam_uac/p...all.sh

windows10-2004-x64

3

Scam_uac/uac.ps1

windows7-x64

1

Scam_uac/uac.ps1

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

sample.tar

Resource

win7-20230712-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

sample.tar

Resource

win10v2004-20230703-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

Scam_uac/Uac_main.ps1

Resource

win7-20230712-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

Scam_uac/Uac_main.ps1

Resource

win10v2004-20230703-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral5

Sample

Scam_uac/Uac_stage.ps1

Resource

win7-20230712-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral6

Sample

Scam_uac/Uac_stage.ps1

Resource

win10v2004-20230703-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral7

Sample

Scam_uac/Uac_stage_gen.py

Resource

win7-20230712-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral8

Sample

Scam_uac/Uac_stage_gen.py

Resource

win10v2004-20230703-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral9

Sample

Scam_uac/amsi.ps1

Resource

win7-20230712-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral10

Sample

Scam_uac/amsi.ps1

Resource

win10v2004-20230703-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral11

Sample

Scam_uac/command.ps1

Resource

win7-20230712-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral12

Sample

Scam_uac/command.ps1

Resource

win10v2004-20230703-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral13

Sample

Scam_uac/down.ps1

Resource

win7-20230712-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral14

Sample

Scam_uac/down.ps1

Resource

win10v2004-20230703-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral15

Sample

Scam_uac/payloads/efq68mtn.ps1

Resource

win7-20230712-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral16

Sample

Scam_uac/payloads/efq68mtn.ps1

Resource

win10v2004-20230703-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral17

Sample

Scam_uac/payloads/n566c66v.ps1

Resource

win7-20230712-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral18

Sample

Scam_uac/payloads/n566c66v.ps1

Resource

win10v2004-20230703-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral19

Sample

Scam_uac/payloads/remove_all.sh

Resource

win7-20230712-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral20

Sample

Scam_uac/payloads/remove_all.sh

Resource

win10v2004-20230703-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral21

Sample

Scam_uac/uac.ps1

Resource

win7-20230712-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral22

Sample

Scam_uac/uac.ps1

Resource

win10v2004-20230703-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

Scambaitedtargz_JC.gz
Size

5KB
MD5

9b90c5f6bdcb0bacbd584715e1e8b000
SHA1

467084957fb3c310ae4d02717a80b9aa50791381
SHA256

d71347bb384590c0b7d6869d3f22d35592bab5bcc21347150800b8eb95ee1db9
SHA512

90a13fc492c9c6998e3bb45296d39bf2708ad1de711eecfd81a164ff5f7e47c5b78c19322e4490e839f5ee0e2e9308df6a9bd7df1d88d8532dffb3dec5546b7d
SSDEEP

96:yjY+Y2mO/hIHGLRIAapDK/vxoYGEWumjR1GFS3nbjRxZttJArcAEXcrgtqVgoK:IZh5GT5KSBE5o1sS3XRxBLUgoK

Score

10^/10

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

http://54.208.157.120:80/Scam_uac/amsi.ps1

ps1.dropper

http://54.208.157.120:80/Scam_uac/uac.ps1

ps1.dropper

http://54.208.157.120:80/Scam_uac/command.ps1

ps1.dropper

http://54.208.157.120:80/Scam_uac/down.ps1

Extracted

Language

ps1

Source

URLs

exe.dropper

http://54.208.157.120:80/Scam_uac/Uac_main.ps1

exe.dropper

http://54.208.157.120:80/Scam_uac/payloads/efq68mtn.ps1

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

http://54.208.157.120:80/password.exe

Signatures

Files

Scambaitedtargz_JC.gz
.gz
sample
.tar .ps1
Scam_uac/Uac_main.ps1
Scam_uac/Uac_stage.ps1
.ps1
Scam_uac/Uac_stage_gen.py
.py .ps1
Scam_uac/amsi.ps1
.ps1
Scam_uac/command.ps1
Scam_uac/down.ps1
.ps1
Scam_uac/payloads/efq68mtn.ps1
Scam_uac/payloads/n566c66v.ps1
Scam_uac/payloads/remove_all.sh
Scam_uac/uac.ps1
.ps1

© 2018-2025

Terms | Privacy