Analysis
max time kernel: 117s
max time network: 155s
platform: windows10-2004_x64
resource: win10v2004-20240412-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240412-en, locale:en-us, os:windows10-2004-x64, system
submitted: 20-04-2024 10:16
Behavioral task | Sample | Resource
behavioral1 | AuthorSystem-0.0.4/app/check/controller/Index.ps1 | win7-20240221-en
behavioral2 | AuthorSystem-0.0.4/app/check/controller/Index.ps1 | win10v2004-20240412-en
behavioral3 | AuthorSystem-0.0.4/app/order/controller/Index.ps1 | win7-20240221-en
behavioral4 | AuthorSystem-0.0.4/app/order/controller/Index.ps1 | win10v2004-20240412-en
behavioral5 | AuthorSystem-0.0.4/public/assets/assets/404-9cb17d49.js | win7-20240215-en
behavioral6 | AuthorSystem-0.0.4/public/assets/assets/404-9cb17d49.js | win10v2004-20240412-en
behavioral7 | AuthorSystem-0.0.4/public/assets/assets/App-908f1b47.js | win7-20240221-en
behavioral8 | AuthorSystem-0.0.4/public/assets/assets/App-908f1b47.js | win10v2004-20240412-en
behavioral9 | AuthorSystem-0.0.4/public/assets/assets/Dashboard-e2b75161.js | win7-20240221-en
behavioral10 | AuthorSystem-0.0.4/public/assets/assets/Dashboard-e2b75161.js | win10v2004-20240412-en
behavioral11 | AuthorSystem-0.0.4/public/assets/assets/Encryption-c3b2030a.js | win7-20240221-en
behavioral12 | AuthorSystem-0.0.4/public/assets/assets/Encryption-c3b2030a.js | win10v2004-20240412-en
behavioral13 | AuthorSystem-0.0.4/public/assets/assets/Footer-320a1cba.js | win7-20240215-en
behavioral14 | AuthorSystem-0.0.4/public/assets/assets/Footer-320a1cba.js | win10v2004-20240412-en
behavioral15 | AuthorSystem-0.0.4/public/assets/assets/Legal-f49e648a.js | win7-20240221-en
behavioral16 | AuthorSystem-0.0.4/public/assets/assets/Legal-f49e648a.js | win10v2004-20240412-en
behavioral17 | AuthorSystem-0.0.4/public/assets/assets/LogoCollapse-320d4d4e.js | win7-20240221-en
behavioral18 | AuthorSystem-0.0.4/public/assets/assets/LogoCollapse-320d4d4e.js | win10v2004-20240412-en
behavioral19 | AuthorSystem-0.0.4/public/assets/assets/Manage-d491d6a5.js | win7-20240221-en
behavioral20 | AuthorSystem-0.0.4/public/assets/assets/Manage-d491d6a5.js | win10v2004-20240412-en
behavioral21 | AuthorSystem-0.0.4/public/assets/assets/Myself-2999fe22.js | win7-20231129-en
behavioral22 | AuthorSystem-0.0.4/public/assets/assets/Myself-2999fe22.js | win10v2004-20240412-en
behavioral23 | AuthorSystem-0.0.4/public/assets/assets/Myself-82e40196.js | win7-20240221-en
behavioral24 | AuthorSystem-0.0.4/public/assets/assets/Myself-82e40196.js | win10v2004-20240412-en
behavioral25 | AuthorSystem-0.0.4/public/assets/assets/Notice-922110de.js | win7-20240221-en
behavioral26 | AuthorSystem-0.0.4/public/assets/assets/Notice-922110de.js | win10v2004-20240412-en
behavioral27 | AuthorSystem-0.0.4/public/assets/assets/Order-b6061c4d.js | win7-20240221-en
behavioral28 | AuthorSystem-0.0.4/public/assets/assets/Order-b6061c4d.js | win10v2004-20240412-en
behavioral29 | AuthorSystem-0.0.4/public/assets/assets/Order-f71a2e62.js | win7-20240220-en
behavioral30 | AuthorSystem-0.0.4/public/assets/assets/Order-f71a2e62.js | win10v2004-20240412-en
behavioral31 | AuthorSystem-0.0.4/public/assets/assets/PaySet-edce313e.js | win7-20240221-en
behavioral32 | AuthorSystem-0.0.4/public/assets/assets/PaySet-edce313e.js | win10v2004-20240412-en
General
Target: AuthorSystem-0.0.4/app/order/controller/Index.ps1
Size: 4KB
MD5: 06b6b39ec348c02a8f5b4873c05f8047
SHA1: e5d05469ff5078ba7815991034a4f371732c5dca
SHA256: 391aab32ae93f9196291c84257ec8b9b6664bcd787fb2c99f668ea1821964806
SHA512: b4214b866c52c96c6b8a4a6cbf0d0c973ca306e6b3ad8fb6f7cb2f42822daa1043effd7daa259213dec4452596bb83cf887fb2e37d5c9fed99822b550161c652
SSDEEP: 96:serYbeRDija5gCFIJCNFVJ4EeTFAUCWuhWxwRCfdCFkbOlWFqVMU0Sg0Kjy:s0zijd+IJsVJYxCWuewRCl+Vlayj0Som
Malware Config
Signatures
Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes:
pid | process
4352 | powershell.exe
4352 | powershell.exe

Suspicious use of AdjustPrivilegeToken (1 IoCs)
Processes:
description | pid | process
Token: SeDebugPrivilege | 4352 | powershell.exe
Downloads
Filesize: 60B
MD5: d17fe0a3f47be24a6453e9ef58c94641
SHA1: 6ab83620379fc69f80c0242105ddffd7d98d5d9d
SHA256: 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7
SHA512: 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82