7d91a26a17888f1c9e9ebac3b1f215bee1ababc4d54821f75c30d450e897449f | Triage

Sharing

General

Target

target.ps1
Size

170B
Sample

240220-w1dahsdd64
MD5

8a5cd2b3c4f1010a0d2d1262c7b29a78
SHA1

a3fabce7154e66bdce25f921db0bbe286974d0d8
SHA256

7d91a26a17888f1c9e9ebac3b1f215bee1ababc4d54821f75c30d450e897449f
SHA512

1252a3158091520597800f90938566c2193451a28d1856ab5c28123d0c8f28aab2f39512bc22df090396578ae867486d00a4fa7aee12c418bde6c1d5a795f929

Score

10^/10

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

https://170.130.55.117:8080/loader/LHMEsU0=

Targets

- Target
  
  target.ps1
- Size
  
  170B
- MD5
  
  8a5cd2b3c4f1010a0d2d1262c7b29a78
- SHA1
  
  a3fabce7154e66bdce25f921db0bbe286974d0d8
- SHA256
  
  7d91a26a17888f1c9e9ebac3b1f215bee1ababc4d54821f75c30d450e897449f
- SHA512
  
  1252a3158091520597800f90938566c2193451a28d1856ab5c28123d0c8f28aab2f39512bc22df090396578ae867486d00a4fa7aee12c418bde6c1d5a795f929
Score

8^/10
- Blocklisted process makes network request
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1