Overview

overview

10

Static

static

Unlimited.ps1

windows7_x64

1

Unlimited.ps1

windows10-2004_x64

10

Analysis

  • max time kernel
    44s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    01-07-2022 04:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Unlimited.ps1

  • Size

    241KB

  • MD5

    e9dd6ae79fddbcabe2aa76e8fddd0244

  • SHA1

    7ba6c74d36634c6b673ecd05d69a22038e171c6f

  • SHA256

    5227ed40f5ee2c8d976365582e7550bf43e1cedaca4ffdbf3f6993d78826ac47

  • SHA512

    bbffbc363bbd1b97a21b8651f39998de6e7c9c8212e0a8c8ef4e9990b1af18a9b78e835bc2b41f87c5993e82e407d44f09009a6f6cb634d8dec06c9fa0b46244

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    powershell.exe -ExecutionPolicy bypass -File C:\Users\Admin\AppData\Local\Temp\Unlimited.ps1
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1808

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1808-54-0x000007FEFB671000-0x000007FEFB673000-memory.dmp
    Filesize

    8KB

    Download
  • memory/1808-55-0x000007FEF3310000-0x000007FEF3D33000-memory.dmp
    Filesize

    10.1MB

    Download
  • memory/1808-56-0x000007FEF27B0000-0x000007FEF330D000-memory.dmp
    Filesize

    11.4MB

    Download
  • memory/1808-57-0x0000000002A24000-0x0000000002A27000-memory.dmp
    Filesize

    12KB

    Download
  • memory/1808-58-0x000000001B890000-0x000000001BB8F000-memory.dmp
    Filesize

    3.0MB

    Download
  • memory/1808-59-0x0000000002A24000-0x0000000002A27000-memory.dmp
    Filesize

    12KB

    Download
  • memory/1808-60-0x0000000002A2B000-0x0000000002A4A000-memory.dmp
    Filesize

    124KB

    Download