Overview

overview

8

Static

static

1

abc.ps1

windows10-1703-x64

8

abc.ps1

windows10-2004-x64

8

abc.ps1

windows11-21h2-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    abc.ps1

  • Size

    391B

  • Sample

    240724-jhez6sxgre

  • MD5

    95f237060c89ab71980144432f9d166d

  • SHA1

    c1cd06708c4987ab980160921b5b7edebab8394b

  • SHA256

    be7c58e49a6acf03fd3424d626eb6726fdc7bc9f0fdaec40cd8899959d196a1a

  • SHA512

    f8d060f68325a6b3c9b3d1e88df47c1cae6a3b5729abeb1b8c914e2f5731a4a0dad012d4e08b72221793cf14c92595c018c1c2e7def7ae911231fca9df884d24

Score
8/10
execution

Malware Config

Targets

    • Target

      abc.ps1

    • Size

      391B

    • MD5

      95f237060c89ab71980144432f9d166d

    • SHA1

      c1cd06708c4987ab980160921b5b7edebab8394b

    • SHA256

      be7c58e49a6acf03fd3424d626eb6726fdc7bc9f0fdaec40cd8899959d196a1a

    • SHA512

      f8d060f68325a6b3c9b3d1e88df47c1cae6a3b5729abeb1b8c914e2f5731a4a0dad012d4e08b72221793cf14c92595c018c1c2e7def7ae911231fca9df884d24

    Score
    8/10
    execution

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2behavioral3

MITRE ATT&CK Enterprise v15

Tasks