1ad71e3cee2df332e018c946e6c3963193c46592564210339bae445911081905 | Triage

Sharing

General

Target

code.ps1
Size

3KB
Sample

240829-tscynszglg
MD5

6b2fbc88a1887a155e43416ac9d9412d
SHA1

0c003d757befa7df1c0a4521226aa024bd9f02fe
SHA256

1ad71e3cee2df332e018c946e6c3963193c46592564210339bae445911081905
SHA512

0a51e1e5e4003c2596f694b08ed74eb0aa915b75d709f03b7f91b5d9824a029d619e6d15c744d255524a0071f82a5766f121e9d6e47abc4e2f8fa65969871d4f

Score

8^/10

execution

Malware Config

Targets

- Target
  
  code.ps1
- Size
  
  3KB
- MD5
  
  6b2fbc88a1887a155e43416ac9d9412d
- SHA1
  
  0c003d757befa7df1c0a4521226aa024bd9f02fe
- SHA256
  
  1ad71e3cee2df332e018c946e6c3963193c46592564210339bae445911081905
- SHA512
  
  0a51e1e5e4003c2596f694b08ed74eb0aa915b75d709f03b7f91b5d9824a029d619e6d15c744d255524a0071f82a5766f121e9d6e47abc4e2f8fa65969871d4f
Score

8^/10

execution
- Blocklisted process makes network request
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2