43a2879fc6050e8d6d6d31dc5f0c6434ed7ab1ee1148df691a50a1a51325a7b9 | Triage

Sharing

General

Target

SnapshotPc.ps1
Size

2KB
Sample

241120-scqzxsygjk
MD5

0a723f0e0d26a96442381dfcc7d99687
SHA1

dec7dcd904d50e24ce711d4a4a62516803859d6f
SHA256

43a2879fc6050e8d6d6d31dc5f0c6434ed7ab1ee1148df691a50a1a51325a7b9
SHA512

aef10e39398bc9a8f15dac4aad49627e2c8a8d46b980e844206725254c3dc1ba6704e8004513708afe2ab30bda74e6fa294130637636885f4b8b097c97ed6985

Score

8^/10

execution

Malware Config

Targets

- Target
  
  SnapshotPc.ps1
- Size
  
  2KB
- MD5
  
  0a723f0e0d26a96442381dfcc7d99687
- SHA1
  
  dec7dcd904d50e24ce711d4a4a62516803859d6f
- SHA256
  
  43a2879fc6050e8d6d6d31dc5f0c6434ed7ab1ee1148df691a50a1a51325a7b9
- SHA512
  
  aef10e39398bc9a8f15dac4aad49627e2c8a8d46b980e844206725254c3dc1ba6704e8004513708afe2ab30bda74e6fa294130637636885f4b8b097c97ed6985
Score

8^/10

execution
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2