Analysis
-
max time kernel
145s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
11/10/2022, 15:11
General
-
Target
f120d685d330182fd55233e36822fdd64f79fd8029934f550e6a0d956a5aaf08.ps1
-
Size
317KB
-
MD5
6a806d614dba55b2d846da726500a30a
-
SHA1
175ac20b4c5dd670990aa777d2d8c09efd7cda78
-
SHA256
f120d685d330182fd55233e36822fdd64f79fd8029934f550e6a0d956a5aaf08
-
SHA512
829422d5b241642534c654e7c728bb9f9127dbadd14de843fb2a65b6f54dd911b631339612b256d2bd2d8cc4befb2ca71ab05222e53a93acf6a9d3662b2ae000
-
SSDEEP
3072:F/gd+iBRIri+L7902tl1TT+3rjHH6ZIz/3w8Qp:wRIW+Lp023orjHHQE/3w8i
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exepowershell.exe -ExecutionPolicy bypass -File C:\Users\Admin\AppData\Local\Temp\f120d685d330182fd55233e36822fdd64f79fd8029934f550e6a0d956a5aaf08.ps11⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
136KB
-
Filesize
10.8MB
-
Filesize
10.8MB
-
Filesize
10.8MB