Behavioral task: behavioral1
Sample: payload.ps1
Resource: win7-20230831-en
6 signatures
150 seconds

Behavioral task: behavioral2
Sample: payload.ps1
Resource: win10v2004-20230915-en
6 signatures
150 seconds

General
Target: payload.ps1
Size: 3KB
MD5: d79b65346b6e1435d7fd66e1a37646fb
SHA1: 974602784f1e4f17b71ddd7cb11527a4464c4198
SHA256: 2a44af35c9371b6a6bc6341d2799ca1d244c93522f34370302b312970e2814e5
SHA512: fd7dd6511c1d0e92b1e7a5513aca070800b72c99b3d63ff001b1de0befd54a50fc0977da5997ff74a6797739d277d60ed5cad9eb4b24c72ef7a5c2ead77daebd
Score: 10/10

Malware Config
Extracted
Family: metasploit
Version: windows/download_exec
C2: http://124.221.0.93:7080/wDQP
Attributes:
- headers User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; Trident/4.0; .NET CLR 2.0.50727)

Signatures
- Metasploit family

Files
- payload.ps1.ps1