Overview

overview

1

Static

static

39b433e124...31.ps1

windows7-x64

1

39b433e124...31.ps1

windows10-2004-x64

1

Analysis

  • max time kernel
    40s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    25/11/2022, 23:25

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    39b433e12418034013847b546bbb6d7ac096567d7fef3875727fbbbf76795231.ps1

  • Size

    3KB

  • MD5

    be3f300623c6056902b9234cfc748bc9

  • SHA1

    27f4741cc72a117feed618038c1baad862ba3e73

  • SHA256

    39b433e12418034013847b546bbb6d7ac096567d7fef3875727fbbbf76795231

  • SHA512

    66e905880f27d3ac15c91934dbea91e1d23a342c918da380dd429a0b96349a2a6e800bc8f15abe0bfd6b25b7a8f18723bb927b544ac70c09f4529f92213066f4

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    powershell.exe -ExecutionPolicy bypass -File C:\Users\Admin\AppData\Local\Temp\39b433e12418034013847b546bbb6d7ac096567d7fef3875727fbbbf76795231.ps1
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1920

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1920-54-0x000007FEFC1F1000-0x000007FEFC1F3000-memory.dmp

          Filesize

          8KB

          Download

        • memory/1920-55-0x000007FEF3E90000-0x000007FEF48B3000-memory.dmp

          Filesize

          10.1MB

          Download

        • memory/1920-56-0x000007FEF3330000-0x000007FEF3E8D000-memory.dmp

          Filesize

          11.4MB

          Download

        • memory/1920-57-0x0000000002404000-0x0000000002407000-memory.dmp

          Filesize

          12KB

          Download

        • memory/1920-58-0x000000001B770000-0x000000001BA6F000-memory.dmp

          Filesize

          3.0MB

          Download

        • memory/1920-59-0x0000000002404000-0x0000000002407000-memory.dmp

          Filesize

          12KB

          Download

        • memory/1920-60-0x000000000240B000-0x000000000242A000-memory.dmp

          Filesize

          124KB

          Download