Analysis
-
max time kernel
91s -
max time network
148s -
platform
windows10-2004_x64 -
resource
win10v2004-20220901-en -
resource tags
-
submitted
25/11/2022, 23:23
General
-
Target
54b161f316f291412daf8a71ff75ea9ba2334470658df8ef3fc74ae7479b8409.ps1
-
Size
15KB
-
MD5
921eb7eecf44c7fbc1c5904c4b3c6b60
-
SHA1
af2b5ab2de0b5d56adfc503c701cdb0bfbf6e60d
-
SHA256
54b161f316f291412daf8a71ff75ea9ba2334470658df8ef3fc74ae7479b8409
-
SHA512
614b79a82b048fdd84fe7c1beb48a2230e3679d7606d2a2a9b4f91efb14547eb3d4c107f07c6c2743fcbbcc66e38d41f42f32749e1d36f96cf964a91ef8e2994
-
SSDEEP
192:zMoUFj5M/I2stddyqmc0ugqcm+dYmemhqN2uHewJuaifVTfixrBVod2n3whga80k:O5M/IBAq3grja2gyfNfix3623whgAnk
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exepowershell.exe -ExecutionPolicy bypass -File C:\Users\Admin\AppData\Local\Temp\54b161f316f291412daf8a71ff75ea9ba2334470658df8ef3fc74ae7479b8409.ps11⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
136KB
-
Filesize
10.8MB
-
Filesize
10.8MB