057c37c1975da552b51af355bde6b5dbeacd5064711a4c591d2dabe0dcb421a0

General

Target

057c37c1975da552b51af355bde6b5dbeacd5064711a4c591d2dabe0dcb421a0
Size

1KB
Sample

240520-2jjzmaaf3t
MD5

9a5d69137c2624b57557b6d2c799264b
SHA1

1e28c8b829564cc35b56e81787af150e3cf7c7bc
SHA256

057c37c1975da552b51af355bde6b5dbeacd5064711a4c591d2dabe0dcb421a0
SHA512

62b2376cf921ed4b4166aaa69d85c7894f1ae9ac4c8fc69fb8bae89b6d1ac01749b9b2a6115f78e768bcf44fbd1469055831f5978d75539911f081e7c86cd199

Score

10^/10

execution

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

https://raw.githubusercontent.com/massgravel/Microsoft-Activation-Scripts/36f7291963f4264a9e5c9b8d82740ed5d625152a/MAS/All-In-One-Version/MAS_AIO-CRC32_C67E873E.cmd

exe.dropper

https://bitbucket.org/WindowsAddict/microsoft-activation-scripts/raw/36f7291963f4264a9e5c9b8d82740ed5d625152a/MAS/All-In-One-Version/MAS_AIO-CRC32_C67E873E.cmd

Targets

- Target
  
  057c37c1975da552b51af355bde6b5dbeacd5064711a4c591d2dabe0dcb421a0
- Size
  
  1KB
- MD5
  
  9a5d69137c2624b57557b6d2c799264b
- SHA1
  
  1e28c8b829564cc35b56e81787af150e3cf7c7bc
- SHA256
  
  057c37c1975da552b51af355bde6b5dbeacd5064711a4c591d2dabe0dcb421a0
- SHA512
  
  62b2376cf921ed4b4166aaa69d85c7894f1ae9ac4c8fc69fb8bae89b6d1ac01749b9b2a6115f78e768bcf44fbd1469055831f5978d75539911f081e7c86cd199
Score

8^/10

execution
- Blocklisted process makes network request
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2