PSLoramyra: Technical Analysis of Fileless Malware Loader
Common Information
Type Value
UUID 48915d33-a5e4-4158-a9b4-ce50909cc6ac
Fingerprint 2c028980ad322b8a
Analysis status DONE
Considered CTI value 2
Text language
Published Nov. 27, 2024, 11:15 a.m.
Added to db Nov. 27, 2024, 12:42 p.m.
Last updated Dec. 4, 2024, 2:51 p.m.
Headline PSLoramyra: Technical Analysis of Fileless Malware Loader
Title PSLoramyra: Technical Analysis of Fileless Malware Loader
Detected Hints/Tags/Attributes 42/2/21
RSS Feed
Id 158
Enabled
Feed title Malware Analysis, News and Indicators - Latest topics
Url https://malware.news/latest.rss
Added to db 2024-08-30 22:08
Attributes