Overview

overview

10

Static

static

10

filesteal.ps1

windows11-21h2-x64

8

filesteal.ps1

windows7-x64

3

filesteal.ps1

windows10-1703-x64

8

filesteal.ps1

windows10-2004-x64

8

filesteal.ps1

windows11-21h2-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    filesteal.ps1

  • Size

    5KB

  • Sample

    240907-sr5rmascnh

  • MD5

    fd5ac42fa62d02583c359425d6e0b936

  • SHA1

    672b83d922c11eaa988c084c10a3ff95d069a04b

  • SHA256

    ca794b1a6e0ae4f2ea1c38a8cce44d5650409f76c3b2535c20f86c0b5a5a3e36

  • SHA512

    fd355452330c04dad893b7b44cf46cd9559cfbe59504f8e61530089de4de35a7a693a20d634f53a0fb5bfce11587891d14e45107bddfe070bf30088de4b5f2b1

  • SSDEEP

    96:pZOo22dQV93iXIN7eGy8M0OvfhqXPj2+QZCj2Nc8G:L22dQV9i4ltAvfhMj2+ECihG

Score
10/10
execution

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://store1.gofile.io/uploadFile

Targets

    • Target

      filesteal.ps1

    • Size

      5KB

    • MD5

      fd5ac42fa62d02583c359425d6e0b936

    • SHA1

      672b83d922c11eaa988c084c10a3ff95d069a04b

    • SHA256

      ca794b1a6e0ae4f2ea1c38a8cce44d5650409f76c3b2535c20f86c0b5a5a3e36

    • SHA512

      fd355452330c04dad893b7b44cf46cd9559cfbe59504f8e61530089de4de35a7a693a20d634f53a0fb5bfce11587891d14e45107bddfe070bf30088de4b5f2b1

    • SSDEEP

      96:pZOo22dQV93iXIN7eGy8M0OvfhqXPj2+QZCj2Nc8G:L22dQV9i4ltAvfhMj2+ECihG

    Score
    8/10
    execution

    • Blocklisted process makes network request

    behavioral1behavioral2behavioral3behavioral4behavioral5

MITRE ATT&CK Enterprise v15

Tasks