General
-
Target
file01.ps1
-
Size
350B
-
Sample
240809-zjvd9aybmm
-
MD5
87c38dbe027bf817cdd4d164709f17f4
-
SHA1
92d099cf04ecfa87dd4f87e7bc145fc751bfd818
-
SHA256
6d0afcf0e9c77bb643a63c643387a10ff4a9a1cfd77e42b508fbab8e3746ff5e
-
SHA512
607aba153b38bc98a4c11c2ac74cf83f98193ba2df551c897703320a2d36fe59ccf8b9d28edba8dbbae9f9d5c4b8fd3e52ff0d2888dcbaf2f3029b4d3d5b8dc6
Static task
static1
Behavioral task
behavioral1
Sample
file01.ps1
Resource
win7-20240705-en
Malware Config
Targets
-
Possible privilege escalation attempt
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Modifies file permissions
-
Drops file in System32 directory
-