Overview

overview

8

Static

static

1

mq.ps1

windows10-1703-x64

8

Resubmissions

12/12/2023, 06:21

231212-g4r6hsgbcj 8

Sharing

Copy URL Twitter E-mail

General

  • Target

    mq.ps1

  • Size

    3KB

  • Sample

    231212-g4r6hsgbcj

  • MD5

    24326ab1c24d34fd12effaf8f8b8d059

  • SHA1

    af932ab0e35c0ff68f01e4855f1eeb1ec99328dc

  • SHA256

    97c23ea238204d40737ed5e7249f88470bc3a7b2944c91e5c6ad1666a40cf188

  • SHA512

    36483542c12dda14d0400ab6cd7d151bd5b39ef607b1639901f39cf469c515149f61c22f30ce8f41857fc8aadc7114c4b9144796465d5ced7676c9c7d120fe6b

Score
8/10
evasion

Malware Config

Targets

    • Target

      mq.ps1

    • Size

      3KB

    • MD5

      24326ab1c24d34fd12effaf8f8b8d059

    • SHA1

      af932ab0e35c0ff68f01e4855f1eeb1ec99328dc

    • SHA256

      97c23ea238204d40737ed5e7249f88470bc3a7b2944c91e5c6ad1666a40cf188

    • SHA512

      36483542c12dda14d0400ab6cd7d151bd5b39ef607b1639901f39cf469c515149f61c22f30ce8f41857fc8aadc7114c4b9144796465d5ced7676c9c7d120fe6b

    Score
    8/10
    evasion

    • Blocklisted process makes network request

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

      evasion

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks