Static task
static1
General
-
Target
powershell.exe
-
Size
5KB
-
MD5
bfeba9ab1b68cd3487225ea72ed3f62a
-
SHA1
da387632cdea0e911a2872e64b3cc0b5f7963bea
-
SHA256
bbf73ff62908e63fecd60688acc154e48787e5dbac0116d557d15253b79f8284
-
SHA512
cc1f3c8a0c692f1a3866cddc521e5d4e98305333a27f3400cc6dc08ee910b422ccd61599bfcb20e092e08fb76ecb1b490dbbe406b4ffe35c7f6a817e7d6827a7
-
SSDEEP
48:6Sy5LIBaK+rzWKwW2j6PJb1UfQjFYi5YBlvdcTNOulJj+68qXSfbNtm:3+LSary7YU4jFYi5YTCTT7j+6MzNt
Malware Config
Signatures
Files
-
powershell.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ