Overview

overview

8

Static

static

1

84239jfidso.ps1

windows10-1703-x64

8

84239jfidso.ps1

windows10-2004-x64

8

84239jfidso.ps1

windows11-21h2-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    84239jfidso.ps1

  • Size

    391B

  • Sample

    240725-knqjjasamh

  • MD5

    66247c78d156ea0ecaf37092a3a43e96

  • SHA1

    bd80441d98b7e76565375301460ab8a15f82534b

  • SHA256

    a84ef5c3011fe9ea524bff400e183728937faf314acfed1d3677a1b0d81e3c39

  • SHA512

    8aed4a8681b74ede52dec60fafb4fa0cd7da5901a57147678c1381b75099702a3ee2734a83071691b8e9810c2543b0756ebe23a1d8964ac9ee2ffdfb6935b692

Score
8/10
execution

Malware Config

Targets

    • Target

      84239jfidso.ps1

    • Size

      391B

    • MD5

      66247c78d156ea0ecaf37092a3a43e96

    • SHA1

      bd80441d98b7e76565375301460ab8a15f82534b

    • SHA256

      a84ef5c3011fe9ea524bff400e183728937faf314acfed1d3677a1b0d81e3c39

    • SHA512

      8aed4a8681b74ede52dec60fafb4fa0cd7da5901a57147678c1381b75099702a3ee2734a83071691b8e9810c2543b0756ebe23a1d8964ac9ee2ffdfb6935b692

    Score
    8/10
    execution

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2behavioral3

MITRE ATT&CK Enterprise v15

Tasks