Overview

overview

10

Static

static

10

powr.exe

windows7-x64

1

powr.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    powr.exe

  • Size

    4.5MB

  • Sample

    250110-qxzfpaxqcm

  • MD5

    f65b789211ab3821e1864f01bc9cacb3

  • SHA1

    b5ac7b515e839a06844a39a5218b4e10d5513c39

  • SHA256

    0c734b30df8049aba666a808f802c5daf9bbde44c05048fd6ed1a120fd351c59

  • SHA512

    da134992d45e3ee76d69b6f6dcb05c0eec4f56d183bc4a3374d5543c5f6c9ad9be51fee5a9989b505d278767f54024789765430b97b550e57b715eaa7cf29c81

  • SSDEEP

    49152:rX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QJvj:rlRsZ47/QXoHUOfAoj1x6l

Score
10/10
meshagenttest

Malware Config

Extracted

Family

meshagent

Version

2

Botnet

Test

Attributes
  • mesh_id

    0x8CB76603DCB9DA0DB5FB70A9571D978892BFE179ADA4BC14DF6C2F1EA1400A4762425981946F04C44AEC17BC68DF3097

  • server_id

    5CBB4140F1C76ABA247DA39131969AD78837692B03E9B5DFCF7ACE025E18FF9408A258EAB9F2ADA2AE954901D5CDABB6

  • wss

    localhost

Targets

    • Target

      powr.exe

    • Size

      4.5MB

    • MD5

      f65b789211ab3821e1864f01bc9cacb3

    • SHA1

      b5ac7b515e839a06844a39a5218b4e10d5513c39

    • SHA256

      0c734b30df8049aba666a808f802c5daf9bbde44c05048fd6ed1a120fd351c59

    • SHA512

      da134992d45e3ee76d69b6f6dcb05c0eec4f56d183bc4a3374d5543c5f6c9ad9be51fee5a9989b505d278767f54024789765430b97b550e57b715eaa7cf29c81

    • SSDEEP

      49152:rX3YnLOQYsZfQ74C6SkgSbXP31+frjUYuHi7nT8poTMFvfuJ1kZ7NrjHQe85QJvj:rlRsZ47/QXoHUOfAoj1x6l

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks