Overview

overview

7

Static

static

7

dolphin-ma...68.apk

android-11-x64

1

G3YP52.ps1

windows7-x64

1

G3YP52.ps1

windows10-2004-x64

1

GALE01r2.ps1

windows7-x64

1

GALE01r2.ps1

windows10-2004-x64

1

GCCE01.ps1

windows7-x64

1

GCCE01.ps1

windows10-2004-x64

1

GCCJGC.ps1

windows7-x64

1

GCCJGC.ps1

windows10-2004-x64

1

GCCP01.ps1

windows7-x64

1

GCCP01.ps1

windows10-2004-x64

1

GDREAF.ps1

windows7-x64

1

GDREAF.ps1

windows10-2004-x64

1

GDRP69.ps1

windows7-x64

1

GDRP69.ps1

windows10-2004-x64

1

GFZE01.ps1

windows7-x64

1

GFZE01.ps1

windows10-2004-x64

1

GFZJ01.ps1

windows7-x64

1

GFZJ01.ps1

windows10-2004-x64

1

GFZP01.ps1

windows7-x64

1

GFZP01.ps1

windows10-2004-x64

1

GGVD78.ps1

windows7-x64

1

GGVD78.ps1

windows10-2004-x64

1

GGVE78.ps1

windows7-x64

1

GGVE78.ps1

windows10-2004-x64

1

GGVP78.ps1

windows7-x64

1

GGVP78.ps1

windows10-2004-x64

1

GGVX78.ps1

windows7-x64

1

GGVX78.ps1

windows10-2004-x64

1

GHAE08.ps1

windows7-x64

1

GHAE08.ps1

windows10-2004-x64

1

GHAJ08.ps1

windows7-x64

1

Analysis

  • max time kernel
    29s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    03/06/2023, 17:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    GCCJGC.ps1

  • Size

    677B

  • MD5

    26423a5438271d30e4febd146c28c3f3

  • SHA1

    985f4104025e7838400272e5ebabd6442fa089f5

  • SHA256

    0b0d80c95e95520bf4d2e67f2520cc0b2377540d85790e84827ecdbc1ec30bbd

  • SHA512

    d5c1353d2231e671287b2d6fc97138f257a0cdcf96cb910709da76cab90bbb6745906942d293af9856b896055068def7a17177e8a7a0230e1f3bc3c837d89115

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    powershell.exe -ExecutionPolicy bypass -File C:\Users\Admin\AppData\Local\Temp\GCCJGC.ps1
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:928

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/928-58-0x000000001B390000-0x000000001B672000-memory.dmp

    Filesize

    2.9MB

    Download

  • memory/928-59-0x0000000002450000-0x0000000002458000-memory.dmp

    Filesize

    32KB

    Download

  • memory/928-60-0x00000000028D0000-0x0000000002950000-memory.dmp

    Filesize

    512KB

    Download

  • memory/928-61-0x00000000028D0000-0x0000000002950000-memory.dmp

    Filesize

    512KB

    Download

  • memory/928-62-0x00000000028D0000-0x0000000002950000-memory.dmp

    Filesize

    512KB

    Download

  • memory/928-63-0x00000000028DB000-0x0000000002912000-memory.dmp

    Filesize

    220KB

    Download