General

  • Target

    ps1006.ps1

  • Size

    783KB

  • Sample

    241122-j6958axlcv

  • MD5

    c538cd6483e9cf1510943d965f890777

  • SHA1

    4dd880286916a54f6b0b3ed74e85135d1b2fc032

  • SHA256

    8d09f0aa9a5d675e1f28dd31f6c982d33924c58d7b9b873d5cc90f3ddea5b491

  • SHA512

    a13b2df4a31a587d54f1b5ae9d0d0aa2d89bf9562632b40730c741273811fb769003a8e6740035ef2dbf2740273f1a8b46d882b59983fa5dd885926d29e5976e

  • SSDEEP

    12288:8ppYXT60Mv5a8kebcetZ3Aq74GA19Td1JplTmu5jP+D/43EeI1gZEtd14Q2fb5C:fXWZ5Pbcq92zjP+sjI10+r4Q2D5C

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

http://habarimoto24.com/nh

exe.dropper

http://fenett2018.com/dobgx

exe.dropper

http://eastend.jp/bl5kfa

exe.dropper

http://bemnyc.com/u8erijeq

exe.dropper

http://abakus-biuro.net//a9zqemm

exe.dropper

http://yourmother4cancer.info/Nereidae/ZdDZ/umping?HGn3Nw=1932-05-23

Targets

    • Target

      ps1006.ps1

    Score
    8/10
    • Blocklisted process makes network request
