4fd31e88caeb28cfeca2e8b2201473c4faefdd90ede556c62faee7c6bd2f3a08 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ap-file-vaultFile10607510529757527094.vol-2098683780.zip
Size

944B
Sample

240611-spz4cssbkl
MD5

bad47ef8a3b147a4e160f7ae6733feec
SHA1

bcfc51968d819642fccfd79c2aa106c85c5ab413
SHA256

4fd31e88caeb28cfeca2e8b2201473c4faefdd90ede556c62faee7c6bd2f3a08
SHA512

7fc51780285abd99d105d86e5eded52c6ab4e2189238a719d6053622467f8ed47d168b8f12459ccf52761ae6f34540f46d3d7c1bd84bf6ef76e84c0150ef3ac4

Score

10^/10

execution

Malware Config

Extracted

Language

ps1

Source

URLs

ps1.dropper

http://146.70.115.7:8081/uigvhewrSEDIUJORVGYHws987iovgeu/64.ps1

Targets

- Target
  
  vaultFile10607510529757527094.vol
- Size
  
  298B
- MD5
  
  e13b80f3203f2bd1a879a3898394e614
- SHA1
  
  4eddf7f187814e4dde5b3670bc80ec3675de0c60
- SHA256
  
  6179596b20ea3abea5ef7c66b0b22f963d8e1435226f9e73180bbaada93b3a8d
- SHA512
  
  b31722692e0a28c7a5db27dee86231cac148aaaa8cbfa7a339ec7e3468e38d64571c189a3722df852fd92776b85b1e44faaa8f5039baf555a2e5df7f82a5db96
Score

8^/10

execution
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2