8376b121ce71d7ffc73995ff4de043d94bd4c92de316ef19f57f10ec7ab2cd5f | Triage

Sharing

General

Target

8723c90f2b4b98928e0f19d75d8a5c00
Size

7KB
Sample

240201-rzz1nshehk
MD5

8723c90f2b4b98928e0f19d75d8a5c00
SHA1

6005c897e6262d58c9c30566452913eaa7ed4ef1
SHA256

8376b121ce71d7ffc73995ff4de043d94bd4c92de316ef19f57f10ec7ab2cd5f
SHA512

c377b5e224eabf1f565f9e75ca1b26a04d5587b6426e648b8220e50011a6947bbacc3b03317130c31a7f028bf38267b946aac11cc306f6413c0b09cbec686983
SSDEEP

96:fo2G2uxLh2S2FsGdci4J581WMt1XJPCxZzNt:w2aOshiH1Sb

Score

10^/10

discovery

Malware Config

Extracted

Language

ps1

Source

URLs

ps1.dropper

https://community.chocolatey.org/install.ps1

Targets

- Target
  
  8723c90f2b4b98928e0f19d75d8a5c00
- Size
  
  7KB
- MD5
  
  8723c90f2b4b98928e0f19d75d8a5c00
- SHA1
  
  6005c897e6262d58c9c30566452913eaa7ed4ef1
- SHA256
  
  8376b121ce71d7ffc73995ff4de043d94bd4c92de316ef19f57f10ec7ab2cd5f
- SHA512
  
  c377b5e224eabf1f565f9e75ca1b26a04d5587b6426e648b8220e50011a6947bbacc3b03317130c31a7f028bf38267b946aac11cc306f6413c0b09cbec686983
- SSDEEP
  
  96:fo2G2uxLh2S2FsGdci4J581WMt1XJPCxZzNt:w2aOshiH1Sb
Score

10^/10

discovery
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2