Analysis
-
max time kernel
18s -
max time network
44s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
15-04-2022 12:26
Static task
static1
Behavioral task
behavioral1
Sample
mevlbkxshp.ps1
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
mevlbkxshp.ps1
Resource
win10v2004-20220414-en
windows10-2004_x64
0 signatures
0 seconds
General
-
Target
mevlbkxshp.ps1
-
Size
119KB
-
MD5
cc55cf5d17726a6137c51fecff65659f
-
SHA1
039339bd25e0a3a6183d1c848007377f939eeb04
-
SHA256
2d97a2fb3bb70289266079670be42efa882a361e922dee6a109884222b3336d6
-
SHA512
8df91c615f07b9b722616a4e43a6869ce701d4eb82be43c2e7eaee43845f5b61e657c918d741d65459b7fe9c96ebde4ff6811398f1e63e57d205e9411bfb905a
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
pid Process 1944 powershell.exe -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeDebugPrivilege 1944 powershell.exe