Summary | ZeroBOX

DON.ps1

Hide_EXE Generic Malware Antivirus
Category FILE
Machine s1_win7_x6401
Started Dec. 16, 2024, 6:21 p.m.
Completed Dec. 16, 2024, 6:39 p.m.
Size 335.5KB
Type ASCII text, with very long lines, with CRLF line terminators
MD5 653067d2d3176ff5d92fb98c03cef517
SHA256 2546367ac2a5ead920e3e4af8b570ac16754145a610c0da5dcd4ad6f17f18529
CRC32 C08F4CE6
ssdeep 6144:hz19opa4iOZE0/s0j9b4EB+Q6YVs87OjzsQ1fVSOEqkUk:hLopahOZEaHj9bH6in7Ojz7EOEqkX
Yara
  • hide_executable_file - Hide executable file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Skyhigh BehavesLike.PS.Dropper.fn
Symantec ML.Attribute.HighConfidence
ESET-NOD32 PowerShell/TrojanDropper.Agent.AFG
Avast Other:Malware-gen [Trj]
Kaspersky UDS:DangerousObject.Multi.Generic
Rising Dropper.Agent/PS!8.111A0 (TOPIS:E0:0rBVeG09wgR)
Ikarus Trojan-Dropper.PowerShell.Agent
Google Detected
Kingsoft Script.Ks.Malware.9344
Microsoft Trojan:Script/Wacatac.B!ml
GData Script.Trojan.Agent.POXAHX
Tencent Win32.Trojan.Generic.Htgl
huorong Trojan/PS.Encpe.a
AVG Other:Malware-gen [Trj]
alibabacloud Trojan[dropper]:Win/Wacatac.B9nj