Analysis
max time kernel: 30s
max time network: 33s
platform: windows7_x64
resource: win7-20221111-en
resource tags: arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
submitted: 19/01/2023, 17:09
Static task: static1
Behavioral task: behavioral1
Sample: ss.ps1
Resource: win7-20221111-en
2 signatures
150 seconds
General
Target: ss.ps1
Size: 5.1MB
MD5: 970aca768e68faa580f758a1a379686b
SHA1: 6a93921485cbd83382eb5a47315b1f0a67bcf684
SHA256: 6c1e62385d660ca43e024d461154fbb4805e429cdf7850d19510d7f69533739e
SHA512: 66dd4c5b17978e68c8e0cd2bc4fd35ba5d519447ff34259ec77d11e4253cbfc9955a43915ed3c343f41dc04d97f4302ab6922a823b0e0da44e8893d29ec7cf0f
SSDEEP: 49152:CY1wOeTfeinwRg0Yd0YtWdR2++BqkPiblNmBZOqsHtL3rdyW6JKHINYMpnkq/3+s:E
Score: 1/10
Malware Config
Signatures
Suspicious behavior: EnumeratesProcesses (1 IoCs)
  pid   Process
  1936  powershell.exe
Suspicious use of AdjustPrivilegeToken (1 IoCs)
  description              pid   Process
  Token: SeDebugPrivilege  1936  powershell.exe