Overview

overview

10

Static

static

10

toto.ps1

windows11-21h2-x64

8

Resubmissions

11-01-2025 14:25

250111-rq9hra1mds 10

11-01-2025 14:22

250111-rpm85a1maz 10

11-01-2025 14:21

250111-rn6n3stmdj 10

11-01-2025 14:20

250111-rnmk7stmcm 10

11-01-2025 14:15

250111-rkwppstlfp 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    toto.txt

  • Size

    499B

  • Sample

    250111-rq9hra1mds

  • MD5

    a54ada657efbbe1395598aae1bdac1f9

  • SHA1

    a7887658eebba20bd97e43010ac5ffd5b972a273

  • SHA256

    fa9cf901bd2c9359d2efc09f8adb1baa12ae56b841ba06dd057cefd58c778316

  • SHA512

    f78a115a61450bd156959371572730c7c6a262907ae6dfc33fbafe77660cc5c5db0e9ca2795750f069efdce8d5f0f033d61aed50097fe89e94d59e3c89e1184b

Score
10/10
discoveryexecution

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://human-cldf.com/gamdos.zip

Targets

    • Target

      toto.txt

    • Size

      499B

    • MD5

      a54ada657efbbe1395598aae1bdac1f9

    • SHA1

      a7887658eebba20bd97e43010ac5ffd5b972a273

    • SHA256

      fa9cf901bd2c9359d2efc09f8adb1baa12ae56b841ba06dd057cefd58c778316

    • SHA512

      f78a115a61450bd156959371572730c7c6a262907ae6dfc33fbafe77660cc5c5db0e9ca2795750f069efdce8d5f0f033d61aed50097fe89e94d59e3c89e1184b

    Score
    8/10
    discoveryexecution

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks