Overview

overview

8

Static

static

1

f6a70bc601...c5.ps1

windows7-x64

8

f6a70bc601...c5.ps1

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f6a70bc601f531166a509f2b2ac997a710e2deaeb829f5463dbb9a91c12216c5.ps1

  • Size

    3KB

  • Sample

    241119-sfnnzayaqn

  • MD5

    e072e92783739144aa542421742e5f92

  • SHA1

    edf3b44fb27efa3140527f6cb63dd1759375e648

  • SHA256

    f6a70bc601f531166a509f2b2ac997a710e2deaeb829f5463dbb9a91c12216c5

  • SHA512

    c218adbfe35dc460de092b849b0a5e47c19a41d5c7af37c2fe5c3bdb7a1a87dee42992294c011ba501a25e1c3c550dd7b02a2096c682186d554a4845440df737

Score
8/10
execution

Malware Config

Targets

    • Target

      f6a70bc601f531166a509f2b2ac997a710e2deaeb829f5463dbb9a91c12216c5.ps1

    • Size

      3KB

    • MD5

      e072e92783739144aa542421742e5f92

    • SHA1

      edf3b44fb27efa3140527f6cb63dd1759375e648

    • SHA256

      f6a70bc601f531166a509f2b2ac997a710e2deaeb829f5463dbb9a91c12216c5

    • SHA512

      c218adbfe35dc460de092b849b0a5e47c19a41d5c7af37c2fe5c3bdb7a1a87dee42992294c011ba501a25e1c3c550dd7b02a2096c682186d554a4845440df737

    Score
    8/10
    execution

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

      execution

    • Command and Scripting Interpreter: PowerShell

      Run Powershell and hide display window.

      execution
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks