General
-
Target
https://zip-store.oss-ap-southeast-1.aliyuncs.com/updated%20file/getup.txt
-
Sample
241107-zqn6taxqet
Score
10/10
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://zip-store.oss-ap-southeast-1.aliyuncs.com/updated%20file/getup.txt
Resource
win10v2004-20241007-en
18 signatures
150 seconds
Malware Config
Extracted
Language
ps1
Deobfuscated
URLs
exe.dropper
https://zip-store.oss-ap-southeast-1.aliyuncs.com/v2-sep-baba.txt
Targets
-
-
Target
https://zip-store.oss-ap-southeast-1.aliyuncs.com/updated%20file/getup.txt
Score10/10-
Blocklisted process makes network request
-
Executes dropped EXE
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-