Analysis
-
max time kernel
28s -
max time network
30s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system -
submitted
30/05/2023, 07:27
Static task
static1
Behavioral task
behavioral1
Sample
ged.ps1
Resource
win7-20230220-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
ged.ps1
Resource
win10v2004-20230220-en
7 signatures
150 seconds
General
-
Target
ged.ps1
-
Size
659B
-
MD5
1fd68f9a08b4bb1d729209b8f2ac2f88
-
SHA1
fc3ae0b71f63eff2d2b640aa5e3238b81dff4ffd
-
SHA256
76df6e227d710685cefd5b68a320f8d99129609103d881d4d1ebd9413c8eb2a2
-
SHA512
e72f9dd46d14e37a278c49e80f8a605e93c902d0f8161dd713a15389ae1eb5938b63e3c330ee166967aa1d85c159dbee2012df060525b811f59d873b74f63c74
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
pid Process 2032 powershell.exe -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeDebugPrivilege 2032 powershell.exe