Analysis
-
max time kernel
50s -
max time network
180s -
platform
windows10-1703_x64 -
resource
win10-20220812-es -
resource tags
-
submitted
04-01-2023 13:57
General
-
Target
SpotX-Win-main/scripts/cache/cache_spotify_ru.ps1
-
Size
2KB
-
MD5
622a75c740377ff2cda94e9fd4a43eea
-
SHA1
455722dac9b65bc4146e1b7c8ed5afea61054186
-
SHA256
a703f22c53d8d53280eb3a15c78f80781b586e74ffd811a44e99f94f59b1fff2
-
SHA512
93381c64d8e39db0dfc33f57c86c0c4ca25f9803608180a799ae036d37437b6be06531888a2050393f75952b411a7d2d78e54fe7559d3081c2edd123c729492b
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 3 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exepowershell.exe -ExecutionPolicy bypass -File C:\Users\Admin\AppData\Local\Temp\SpotX-Win-main\scripts\cache\cache_spotify_ru.ps11⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
520KB
-
Filesize
136KB
-
Filesize
64KB
-
Filesize
1.0MB
-
Filesize
472KB