d38d89481f51a1a5d1d5aabf40f720fefab009a585f6c03f72256ed248ec6e8f | Triage

Sharing

General

Target

trigger.ps1
Size

750B
Sample

241121-htlfnaygrb
MD5

f5a5a9e0884cfc478ad13dc7c5335e58
SHA1

988bd91eb97d3b9f35c185122ff4677006279511
SHA256

d38d89481f51a1a5d1d5aabf40f720fefab009a585f6c03f72256ed248ec6e8f
SHA512

2ab1b98d82b4eacdab2b46dca31f892eee7a4bf88b9892079d7f14dfc7f5a497c1849f12b72efbc54062a4f389a4eea43fddce300466f50798a4e5968eda99e7

Score

10^/10

execution

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

https://fixedzip.oss-ap-southeast-5.aliyuncs.com/run.zip

Targets

- Target
  
  trigger.ps1
- Size
  
  750B
- MD5
  
  f5a5a9e0884cfc478ad13dc7c5335e58
- SHA1
  
  988bd91eb97d3b9f35c185122ff4677006279511
- SHA256
  
  d38d89481f51a1a5d1d5aabf40f720fefab009a585f6c03f72256ed248ec6e8f
- SHA512
  
  2ab1b98d82b4eacdab2b46dca31f892eee7a4bf88b9892079d7f14dfc7f5a497c1849f12b72efbc54062a4f389a4eea43fddce300466f50798a4e5968eda99e7
Score

3^/10

execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2