Analysis
-
max time kernel
41s -
max time network
44s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
03-06-2022 12:15
Static task
static1
Behavioral task
behavioral1
Sample
1127.ps1
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
1127.ps1
Resource
win10v2004-20220414-en
windows10-2004_x64
0 signatures
0 seconds
Behavioral task
behavioral3
Sample
Scan_660.jpg.lnk
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral4
Sample
Scan_660.jpg.lnk
Resource
win10v2004-20220414-en
windows10-2004_x64
0 signatures
0 seconds
General
-
Target
1127.ps1
-
Size
144KB
-
MD5
c81a105cc43cfc5cf1235ecd00f13ba2
-
SHA1
24fc2bb78929f8060894c6db3eb59f14bcfc6ccd
-
SHA256
aa165be74685672c97476ffb5f1536bcf23269db4bde4537206b49fd61805d97
-
SHA512
57641cab24cc922012a15ded50c977c6c3813ac5320a93883c33a4364073a1c410d9b3b6924d9f383d4262e244e3876d35624dd2435016820394bd005660d938
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
pid Process 2008 powershell.exe -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeDebugPrivilege 2008 powershell.exe