General
-
Target
getmyfirstone.ps1
-
Size
563KB
-
Sample
240313-1azhaabe78
-
MD5
c7a48741b57cfb00da654804801840bd
-
SHA1
ea6373dcdf09db29b5e740990f77a47507b47571
-
SHA256
e9dbe17727323427dd4889016fe1cc882aeb087e94ff043d819e7eca567d0aac
-
SHA512
050b0f392cdbcbe4c4922fbe45e212eb07823d83ae81501ebc77e5ffe9b4a38efb60c3231ca81a5d2169e8e212d3ad375ec0b76f564621b770141fa67b82a186
-
SSDEEP
6144:XTDEaWyxWqyGSbdJIbhhxUQBcFr2JHe57Dyoyz/CspqV7NapPaZo0CtGBod/wN0r:XTDEarxWqyi
Static task
static1
Behavioral task
behavioral1
Sample
getmyfirstone.ps1
Resource
win7-20240215-en
Malware Config
Extracted
asyncrat
AWS | 3Losh
newboom
fat7e007707.ddns.net:6666
AsyncMutex_FgOyihd6bmvc
-
delay
3
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
getmyfirstone.ps1
-
Size
563KB
-
Detect ZGRat V1
-
Suspicious use of SetThreadContext
-