PSLoramyra: Technical Analysis of Fileless Malware Loader - ANY.RUN's Cybersecurity Blog
Common Information
Type Value
UUID 5f10aeee-22ec-4096-8f50-495d33195211
Fingerprint 2c0289a0ad3a2b8a
Analysis status DONE
Considered CTI value 2
Text language
Published Nov. 27, 2024, 11:09 a.m.
Added to db Nov. 27, 2024, 12:46 p.m.
Last updated Dec. 4, 2024, 2:51 p.m.
Headline PSLoramyra: Technical Analysis of Fileless Malware Loader
Title PSLoramyra: Technical Analysis of Fileless Malware Loader - ANY.RUN's Cybersecurity Blog
Detected Hints/Tags/Attributes 38/2/19
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 14 ANY.RUN's Cybersecurity Blog https://any.run/cybersecurity-blog/feed/ 2024-08-30 22:08
Attributes
Type #Events CTI Value
Domain 1007 any.run
Domain 376 wscript.shell
Domain 5 newpe2.pe
Domain 3 ronymahmoud.casacam.net
File 5 roox.ps1
File 5 roox.bat
File 5 roox.vbs
File 74 regsvcs.exe
File 3 taskdefinition.settings
File 2 c:\users\public\roox.vbs
File 2 taskfolder.reg
File 42 aspnet_compiler.exe
File 2 c:\users\public\roox.bat
File 2 c:\users\public\roox.ps1
IPv4 2 3.145.156.44