Analysis
max time kernel: 122s
max time network: 117s
platform: windows10_x64
resource: win10
submitted: 13-07-2020 09:39
Static task
static1

Behavioral task
behavioral1
Sample: bDwbcJgZ.ps1
Resource: win7v200430, windows7_x64
0 signatures
0 seconds

Behavioral task
behavioral2
Sample: bDwbcJgZ.ps1
Resource: win10, windows10_x64
0 signatures
0 seconds
General
Target: bDwbcJgZ.ps1
Size: 10KB
MD5: 87ead981b3a26e0aad8b780a6f4de511
SHA1: 05d8b754617e1972671ce2099e3afdf6efd210d0
SHA256: 27b7acae44aa6de830142fecb1704064e8c681668a1e8fcbda2912f092c6d3eb
SHA512: 00e38b6bc634e3f68b7e47f6d1adcdebee288d12688c74af6c18496cddbd0e74ecbc5cbcfd73bda8566842c9094d86a90484d406ee48d117561e833ab2521363
Score: 1/10
Malware Config
Signatures

Suspicious use of AdjustPrivilegeToken (1 IoCs)
Processes: powershell.exe
description | pid | process
Token: SeDebugPrivilege | 3236 | powershell.exe

Suspicious behavior: EnumeratesProcesses (3 IoCs)
Processes: powershell.exe
pid | process
3236 | powershell.exe
3236 | powershell.exe
3236 | powershell.exe