Overview

overview

1

Static

static

1

91d42a959c...86.ps1

windows7-x64

1

91d42a959c...86.ps1

windows10-2004-x64

1

Analysis

  • max time kernel
    28s
  • max time network
    31s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    16/06/2023, 06:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    91d42a959c5e4523714cc589b426fa83aaeb9228364218046f36ff10c4834b86.ps1

  • Size

    3KB

  • MD5

    371c4edcbd643e40221d640cf6f86a7a

  • SHA1

    9119f32780847d3d8a800fe9b2fa2d5d40c02bfb

  • SHA256

    91d42a959c5e4523714cc589b426fa83aaeb9228364218046f36ff10c4834b86

  • SHA512

    c9a7aa30cf755cc7075fa76fbf8dc575e3be823acf27a289558ca303e33d5023b4cc6d721bbbc970ab94091360575c065f8da5803e66c18c6722a1989c31adba

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    powershell.exe -ExecutionPolicy bypass -File C:\Users\Admin\AppData\Local\Temp\91d42a959c5e4523714cc589b426fa83aaeb9228364218046f36ff10c4834b86.ps1
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/848-58-0x000000001B1A0000-0x000000001B482000-memory.dmp

    Filesize

    2.9MB

    Download

  • memory/848-59-0x0000000002510000-0x0000000002518000-memory.dmp

    Filesize

    32KB

    Download

  • memory/848-60-0x0000000002480000-0x0000000002500000-memory.dmp

    Filesize

    512KB

    Download

  • memory/848-61-0x0000000002480000-0x0000000002500000-memory.dmp

    Filesize

    512KB

    Download

  • memory/848-62-0x0000000002480000-0x0000000002500000-memory.dmp

    Filesize

    512KB

    Download

  • memory/848-63-0x000000000248B000-0x00000000024C2000-memory.dmp

    Filesize

    220KB

    Download