General

  • Target

    4f83fcc475efea49edeeec23943812339ce46bf9ce17d173f9b56925acca19d3

  • Size

    62KB

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs

Signatures

Files

  • 4f83fcc475efea49edeeec23943812339ce46bf9ce17d173f9b56925acca19d3
    .ps1