Overview

overview

10

Static

static

4

Powershell...19.pdf

windows7-x64

3

Powershell...19.pdf

windows10-2004-x64

3

Powershell...il.bat

windows7-x64

8

Powershell...il.bat

windows10-2004-x64

8

Powershell...il.ps1

windows7-x64

10

Powershell...il.ps1

windows10-2004-x64

10

Powershell...il.vbs

windows7-x64

3

Powershell...il.vbs

windows10-2004-x64

3

Powershell...RAT.py

ubuntu-18.04-amd64

1

Powershell...RAT.py

debian-9-armhf

1

Powershell...RAT.py

debian-9-mips

1

Powershell...RAT.py

debian-9-mipsel

1

Powershell...ot.bat

windows7-x64

8

Powershell...ot.bat

windows10-2004-x64

8

Powershell...ot.ps1

windows7-x64

3

Powershell...ot.ps1

windows10-2004-x64

3

Powershell...ot.vbs

windows7-x64

3

Powershell...ot.vbs

windows10-2004-x64

3

Powershell...ot.bat

windows7-x64

8

Powershell...ot.bat

windows10-2004-x64

8

Powershell...ot.ps1

windows7-x64

3

Powershell...ot.ps1

windows10-2004-x64

3

Powershell...ot.vbs

windows7-x64

3

Powershell...ot.vbs

windows10-2004-x64

3

Analysis

  • max time kernel
    0s
  • max time network
    128s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240611-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20240611-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    13/08/2024, 21:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Powershell-RAT-master/PowershellRAT.py

  • Size

    4KB

  • MD5

    c64564ea536ccc08944e3630817c662c

  • SHA1

    c5e9857eaf0dd7eeb23e978576082a98341e2ba3

  • SHA256

    cba0ad91d458531a6eeabd5357b59883717635d19ddbec03a5ac59748fac04b6

  • SHA512

    1b3a850f3818da05bcc35406ba1e77f46fe4bb8735e7ef0c985c6f9008d28857edce861a56d969665c93ca78367694ccc6218018bcc3c5812d7ddd53216883e2

  • SSDEEP

    96:ajRE1111111DXPEf0HixNcXx9fTekE3PZFDyWIsFyxYsws+KMn2sWL6EioS1DVyH:p1111111DXPm+xnuDFq0nF86JoS3Fep

Score
1/10

Malware Config

Signatures

Processes

  • /tmp/Powershell-RAT-master/PowershellRAT.py
    /tmp/Powershell-RAT-master/PowershellRAT.py
    1⤵
      PID:1523
    • /usr/local/sbin/python3
      "python3 " /tmp/Powershell-RAT-master/PowershellRAT.py
      1⤵
        PID:1523
      • /usr/local/bin/python3
        "python3 " /tmp/Powershell-RAT-master/PowershellRAT.py
        1⤵
          PID:1523
        • /usr/sbin/python3
          "python3 " /tmp/Powershell-RAT-master/PowershellRAT.py
          1⤵
            PID:1523
          • /usr/bin/python3
            "python3 " /tmp/Powershell-RAT-master/PowershellRAT.py
            1⤵
              PID:1523
            • /sbin/python3
              "python3 " /tmp/Powershell-RAT-master/PowershellRAT.py
              1⤵
                PID:1523
              • /bin/python3
                "python3 " /tmp/Powershell-RAT-master/PowershellRAT.py
                1⤵
                  PID:1523
                • /snap/bin/python3
                  "python3 " /tmp/Powershell-RAT-master/PowershellRAT.py
                  1⤵
                    PID:1523

                  Network

                  MITRE ATT&CK Matrix

                  Replay Monitor

                  Loading Replay Monitor...

                  Downloads