Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    10/10/2024, 03:25

General

  • Target

    powershell.vb

  • Size

    129KB

  • MD5

    a07fcb39b340ad8dea993a5f5c4d9064

  • SHA1

    77d0f76618142be56abd231b1296277f3e797dc9

  • SHA256

    eeb86bdd38dc4fa93046f3cc0e443018518b81828d34e5d1e75f3bd9aab0f8a7

  • SHA512

    3a4bfac095b40d6ef901f328dd8a807a053190c6812cba4c1a768d9a7256e8635cd187ff3054bfc951df18d0e0cd8941e1fae786650ae98a30447109f76eabe6

  • SSDEEP

    1536:q27LdLC0AeKaT08u2DP1Znt1NGuOD4chchVLC2D:qA1DfVHOD4chchV+i

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\powershell.vb
    • Modifies registry class
    PID:2640

Network

MITRE ATT&CK Enterprise v15
