c714df0154f2b6fc8a82aa35281836c664bd3fbf4be3efc7e8b5b94ac87fc0a6 | Triage

Resubmissions

08/06/2024, 10:45

240608-mtjpaabg98 10

01/06/2024, 18:22

240601-w1dlaabf49 10

Sharing

Copy URL Twitter E-mail

General

Target

c714df0154f2b6fc8a82aa35281836c664bd3fbf4be3efc7e8b5b94ac87fc0a6.ps1
Size

1KB
Sample

240601-w1dlaabf49
MD5

b5b20e03ae941e9f21c444bd50225c41
SHA1

b27d291596cc890d283e0d3a3e08907c47e3d1cc
SHA256

c714df0154f2b6fc8a82aa35281836c664bd3fbf4be3efc7e8b5b94ac87fc0a6
SHA512

d3c1c01667de2f56f3017ce4d57c3cadd3a32c4df2c38da4565668840d59f7f42a3a0446893493bf4ba2013ef16f3c7901811677de2688951977e5518d02fa93

Score

10^/10

execution

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

http://185.73.125.6/application/ld.exe

Targets

- Target
  
  c714df0154f2b6fc8a82aa35281836c664bd3fbf4be3efc7e8b5b94ac87fc0a6.ps1
- Size
  
  1KB
- MD5
  
  b5b20e03ae941e9f21c444bd50225c41
- SHA1
  
  b27d291596cc890d283e0d3a3e08907c47e3d1cc
- SHA256
  
  c714df0154f2b6fc8a82aa35281836c664bd3fbf4be3efc7e8b5b94ac87fc0a6
- SHA512
  
  d3c1c01667de2f56f3017ce4d57c3cadd3a32c4df2c38da4565668840d59f7f42a3a0446893493bf4ba2013ef16f3c7901811677de2688951977e5518d02fa93
Score

5^/10

execution
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
- Command and Scripting Interpreter: PowerShell
  Start PowerShell.
  execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2