d006ed068aa21cbe7e34f6a2431da12e069529a53908cb965c0798c9fd9a98de

General

Target

ps1008.ps1
Size

848KB
Sample

241122-j6958atkbp
MD5

54e842d329c2946cc0cf528af06f1a86
SHA1

4d0478ebcbcbb2f50964e64d3f1c748902434f93
SHA256

d006ed068aa21cbe7e34f6a2431da12e069529a53908cb965c0798c9fd9a98de
SHA512

7922586903b6a26d026c49d71c2e113928d8a9393ec100d7d232d8cec171f5c97cdc4303e75eec38b4c6005e765adeb18c7f9b3d58153c47e5a3cf7a7abd534f
SSDEEP

12288:8i6UD4ZwdWZ097bfm46LAC3pbFsh86rbckFv1ljUdNWqE63ZVHNta2vjpZx1MF5m:jMe7bPMS5bcGvjjsNY6LHLjpdo9rY31

Score

10^/10

execution

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

http://habarimoto24.com/nh

exe.dropper

http://fenett2018.com/dobgx

exe.dropper

http://eastend.jp/bl5kfa

exe.dropper

http://bemnyc.com/u8erijeq

exe.dropper

http://abakus-biuro.net//a9zqemm

exe.dropper

http://yourmother4cancer.info/Nereidae/ZdDZ/umping?HGn3Nw=1932-05-23

Targets

- Target
  
  ps1008.ps1
- Size
  
  848KB
- MD5
  
  54e842d329c2946cc0cf528af06f1a86
- SHA1
  
  4d0478ebcbcbb2f50964e64d3f1c748902434f93
- SHA256
  
  d006ed068aa21cbe7e34f6a2431da12e069529a53908cb965c0798c9fd9a98de
- SHA512
  
  7922586903b6a26d026c49d71c2e113928d8a9393ec100d7d232d8cec171f5c97cdc4303e75eec38b4c6005e765adeb18c7f9b3d58153c47e5a3cf7a7abd534f
- SSDEEP
  
  12288:8i6UD4ZwdWZ097bfm46LAC3pbFsh86rbckFv1ljUdNWqE63ZVHNta2vjpZx1MF5m:jMe7bPMS5bcGvjjsNY6LHLjpdo9rY31
Score

8^/10

execution
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

1

T1059

PowerShell

1

T1059.001

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Blocklisted process makes network request

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2