6e1543e7b97c225182680bac52f31ad86d2243979c30b37d8a932b9311c214c8 | Triage

Sharing

General

Target

windows-solo.ps1
Size

511B
Sample

240714-yq1zyatajl
MD5

2b15e6dd22a7a73c8a72739110467e25
SHA1

1f93f8a881358cc8fc61b84bab504cb94cb7a294
SHA256

6e1543e7b97c225182680bac52f31ad86d2243979c30b37d8a932b9311c214c8
SHA512

efb67124e5f22e6f889c3da0feee4a1429db80a4c5c8a67ed04904a2415c4b27b3c200c5e7063ae32a4e40e1aa80fa69d80d64ec2ceef4312e73b207a0c239fe

Score

8^/10

execution

Malware Config

Targets

- Target
  
  windows-solo.ps1
- Size
  
  511B
- MD5
  
  2b15e6dd22a7a73c8a72739110467e25
- SHA1
  
  1f93f8a881358cc8fc61b84bab504cb94cb7a294
- SHA256
  
  6e1543e7b97c225182680bac52f31ad86d2243979c30b37d8a932b9311c214c8
- SHA512
  
  efb67124e5f22e6f889c3da0feee4a1429db80a4c5c8a67ed04904a2415c4b27b3c200c5e7063ae32a4e40e1aa80fa69d80d64ec2ceef4312e73b207a0c239fe
Score

8^/10

execution
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3