Overview

overview

8

Static

static

1

triage.ps1

windows10-1703-x64

8

triage.ps1

windows10-2004-x64

8

triage.ps1

windows11-21h2-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    triage.ps1

  • Size

    467B

  • Sample

    240714-k1emsswhke

  • MD5

    aae1595f3056ad7c3cfb1b9933bbac37

  • SHA1

    7971fb05429f8498089dbfcc77f3e9d0437d988c

  • SHA256

    07800eface9e868f64c1f87f28723d3429b8f7bd30766212306606e4ecdc2769

  • SHA512

    b09c73c60d494f22ebcdf0bffa1b285465e53853865bc71c0ea707ff133a38220435c5fa713cac10b84b8fe571f6f73824f8445b8eb4b77494378bd85941b15c

Score
8/10
execution

Malware Config

Targets

    • Target

      triage.ps1

    • Size

      467B

    • MD5

      aae1595f3056ad7c3cfb1b9933bbac37

    • SHA1

      7971fb05429f8498089dbfcc77f3e9d0437d988c

    • SHA256

      07800eface9e868f64c1f87f28723d3429b8f7bd30766212306606e4ecdc2769

    • SHA512

      b09c73c60d494f22ebcdf0bffa1b285465e53853865bc71c0ea707ff133a38220435c5fa713cac10b84b8fe571f6f73824f8445b8eb4b77494378bd85941b15c

    Score
    8/10
    execution

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2behavioral3

MITRE ATT&CK Enterprise v15

Tasks