Analysis
-
max time kernel
46s -
max time network
49s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
-
submitted
23-09-2022 06:59
General
-
Target
command":["\"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe\" ","\"C:\\Program Files\\Go.ps1
-
Size
551B
-
MD5
0e6c38286f2b07ba48f545189e34bc4a
-
SHA1
6228334f37ba8fbdb7121ba3df0087a18e41c07c
-
SHA256
69e882f666292763b83e44d3c044644a9b2b807964db3bf36ed715d004a24fe3
-
SHA512
1b67a3979e81b4984690223ab57b89cf94deeca348275125d3611e6064a27d25cdb069ae20967bb92b559752010755c64c74c2a2e9b3e61cdfb111dfd25a2f51
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exepowershell.exe -ExecutionPolicy bypass -File "C:\Users\Admin\AppData\Local\Temp\command__[_\_C_\Program Files\Google\Chrome\Application\chrome.exe\_ _,_\_C_\Program Files\Go.ps1"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1996-54-0x000007FEFB741000-0x000007FEFB743000-memory.dmpFilesize
8KB
-
memory/1996-55-0x000007FEF33C0000-0x000007FEF3DE3000-memory.dmpFilesize
10.1MB
-
memory/1996-56-0x000007FEF2860000-0x000007FEF33BD000-memory.dmpFilesize
11.4MB
-
memory/1996-57-0x0000000002704000-0x0000000002707000-memory.dmpFilesize
12KB
-
memory/1996-58-0x000000001B810000-0x000000001BB0F000-memory.dmpFilesize
3.0MB
-
memory/1996-59-0x0000000002704000-0x0000000002707000-memory.dmpFilesize
12KB
-
memory/1996-60-0x000000000270B000-0x000000000272A000-memory.dmpFilesize
124KB