Extracted

• • Target

    8c06ae3bb8173ee779dc548b1c8210fae5692fe209b9dcee6a7d9a9500523537

  • Size

    46KB

  • MD5

    93313463d5535a1d7c8c0d394b842259

  • SHA1

    243adf8df383fd06307d34244e31c388618de540

  • SHA256

    8c06ae3bb8173ee779dc548b1c8210fae5692fe209b9dcee6a7d9a9500523537

  • SHA512

    2e630df9f475e6913251b7d4c161a832d5ad5502456832abd61bc9dfaa7cf3613c5e789c3957c8dcf5c941c14806c2b9279c312ff7a03516287302cc6f0cfcaf

  • SSDEEP

    768:B4SFsv66g3KnF439NKC54kkGfn+cL2XdA8YRtukODXwXqt7sNAQYzKEm8ZRu9Uzp:+SFsv66g3KnF439NKC54kkGfn+cL2Xd+

  Score

  10^/10

  sliverbackdoordiscoveryexecutiontrojan

  • Process spawned unexpected child process

    This typically indicates the parent process was compromised via an exploit or macro.

  • Sliver RAT v2

  • Sliver family

    sliver

  • SliverRAT

    SliverRAT is an open source Adversary Emulation Framework.

    trojanbackdoorsliver

  • Blocklisted process makes network request

  • Command and Scripting Interpreter: PowerShell

    Run Powershell and hide display window.

    execution
  behavioral1behavioral2