d2d630ebb69161154677e30950d6e240b7c46ad17e2fe46196fd5119cfbb1e96

Submit
Reports

Overview

overview

Static

static

wpai-wooco...ort.js

windows7-x64

wpai-wooco...ort.js

windows10-2004-x64

wpai-wooco...ig.ps1

windows7-x64

wpai-wooco...ig.ps1

windows10-2004-x64

wpai-wooco...er.ps1

windows7-x64

wpai-wooco...er.ps1

windows10-2004-x64

wpai-wooco...er.ps1

windows7-x64

wpai-wooco...er.ps1

windows10-2004-x64

wpai-wooco...es.ps1

windows7-x64

wpai-wooco...es.ps1

windows10-2004-x64

wpai-wooco...ys.ps1

windows7-x64

wpai-wooco...ys.ps1

windows10-2004-x64

wpai-wooco...in.pot

windows7-x64

wpai-wooco...in.pot

windows10-2004-x64

wpai-wooco...rd.ps1

windows7-x64

wpai-wooco...rd.ps1

windows10-2004-x64

wpai-wooco...el.ps1

windows7-x64

wpai-wooco...el.ps1

windows10-2004-x64

wpai-wooco...st.ps1

windows7-x64

wpai-wooco...st.ps1

windows10-2004-x64

wpai-wooco...rd.ps1

windows7-x64

wpai-wooco...rd.ps1

windows10-2004-x64

wpai-wooco...ice.js

windows7-x64

wpai-wooco...ice.js

windows10-2004-x64

wpai-wooco...er.ps1

windows7-x64

wpai-wooco...er.ps1

windows10-2004-x64

wpai-wooco...ils.js

windows7-x64

wpai-wooco...ils.js

windows10-2004-x64

wpai-wooco...se.ps1

windows7-x64

wpai-wooco...se.ps1

windows10-2004-x64

wpai-wooco...ms.ps1

windows7-x64

wpai-wooco...ms.ps1

windows10-2004-x64

Analysis

max time kernel
91s
max time network
177s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
28/10/2022, 16:02

Sharing

Copy URL

Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

wpai-woocommerce-add-on/actions/pmxi_after_xml_import.js

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

wpai-woocommerce-add-on/actions/pmxi_after_xml_import.js

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

wpai-woocommerce-add-on/classes/config.ps1

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

wpai-woocommerce-add-on/classes/config.ps1

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

wpai-woocommerce-add-on/classes/helper.ps1

Resource

win7-20220901-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

wpai-woocommerce-add-on/classes/helper.ps1

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

wpai-woocommerce-add-on/controllers/controller.ps1

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

wpai-woocommerce-add-on/controllers/controller.ps1

Resource

win10v2004-20220901-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral9

Sample

wpai-woocommerce-add-on/filters/pmxi_custom_types.ps1

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral10

Sample

wpai-woocommerce-add-on/filters/pmxi_custom_types.ps1

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral11

Sample

wpai-woocommerce-add-on/filters/wp_all_import_existing_meta_keys.ps1

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral12

Sample

wpai-woocommerce-add-on/filters/wp_all_import_existing_meta_keys.ps1

Resource

win10v2004-20220901-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral13

Sample

wpai-woocommerce-add-on/i18n/languages/wpai_woocommerce_addon_plugin.pot

Resource

win7-20220812-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral14

Sample

wpai-woocommerce-add-on/i18n/languages/wpai_woocommerce_addon_plugin.pot

Resource

win10v2004-20220812-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral15

Sample

wpai-woocommerce-add-on/models/import/record.ps1

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral16

Sample

wpai-woocommerce-add-on/models/import/record.ps1

Resource

win10v2004-20220901-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral17

Sample

wpai-woocommerce-add-on/models/model.ps1

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral18

Sample

wpai-woocommerce-add-on/models/model.ps1

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral19

Sample

wpai-woocommerce-add-on/models/model/list.ps1

Resource

win7-20220901-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral20

Sample

wpai-woocommerce-add-on/models/model/list.ps1

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral21

Sample

wpai-woocommerce-add-on/models/model/record.ps1

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral22

Sample

wpai-woocommerce-add-on/models/model/record.ps1

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral23

Sample

wpai-woocommerce-add-on/src/XmlImportWooCommerceService.js

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

wpai-woocommerce-add-on/src/XmlImportWooCommerceService.js

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

wpai-woocommerce-add-on/src/importer/OrdersImporter.ps1

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral26

Sample

wpai-woocommerce-add-on/src/importer/OrdersImporter.ps1

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral27

Sample

wpai-woocommerce-add-on/src/importer/orders/ImportOrderDetails.js

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

wpai-woocommerce-add-on/src/importer/orders/ImportOrderDetails.js

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

wpai-woocommerce-add-on/src/importer/orders/ImportOrderItemsBase.ps1

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral30

Sample

wpai-woocommerce-add-on/src/importer/orders/ImportOrderItemsBase.ps1

Resource

win10v2004-20220901-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral31

Sample

wpai-woocommerce-add-on/src/importer/orders/items/ImportOrderProductItems.ps1

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral32

Sample

wpai-woocommerce-add-on/src/importer/orders/items/ImportOrderProductItems.ps1

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

wpai-woocommerce-add-on/classes/config.ps1
Size

2KB
MD5

170aabbc9fe1771cde4f49e599197a57
SHA1

d3dce0a7b0d5a54ad03c3677e28121bf055758b1
SHA256

cd359add3eddfdd6f8844aaa0d2b1883bd32c9498e1a3bd718e68dbfb21b185b
SHA512

20f04a39e8908499a54d0f6e1dc2593155a17fd6fdf33af2f96316e466fc2b2ddb940f55ce4e358438fd7b0dec89afa41789795e2b3108b7c488562e2312aee7

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
628	powershell.exe
628	powershell.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	628	powershell.exe

Processes

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -ExecutionPolicy bypass -File C:\Users\Admin\AppData\Local\Temp\wpai-woocommerce-add-on\classes\config.ps1
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:628

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/628-132-0x000001AABF4B0000-0x000001AABF4D2000-memory.dmp

Filesize
136KB

Download
memory/628-133-0x00007FFAE4750000-0x00007FFAE5211000-memory.dmp

Filesize
10.8MB

Download
memory/628-134-0x00007FFAE4750000-0x00007FFAE5211000-memory.dmp

Filesize
10.8MB

Download