Analysis
- max time kernel: 44s
- max time network: 48s
- platform: windows7_x64
- resource: win7-20220414-en
- submitted: 07/05/2022, 17:14
Static task
static1
Behavioral task
behavioral1
Sample
NGBDNGIICPYAAHTTNHEHNQ.ps1
Resource
win7-20220414-en
0 signatures
0 seconds
General
- Target: NGBDNGIICPYAAHTTNHEHNQ.ps1
- Size: 3.1MB
- MD5: a3aa56ea0d055b327db1ccca22fc6bfc
- SHA1: c8e62b37c9b96b7cf32ba5843b6f9242fdef6075
- SHA256: f1aea885141ff01f8db0c1eeea40190915f79a43d033c2e0f58784d87d540bad
- SHA512: 2fc2e9870f30cae5dd2f63dda167a3c60f611220fa60ab281e7999870dadaba6d9854f4cdc8bf96bb4911a82b45f8ed99d23a76fd841f87f6cc67a1fbe71b724
Score
1/10
Malware Config
Signatures
- Suspicious behavior: EnumeratesProcesses (1 IoCs)
    pid   Process
    1668  powershell.exe
- Suspicious use of AdjustPrivilegeToken (1 IoCs)
    description              pid   Process
    Token: SeDebugPrivilege  1668  powershell.exe