9a9150b442ee5251ef96117c30c32430fd77fada295bba515f1373647eee39ea

Analysis

max time kernel
26s
max time network
32s
platform
windows7_x64
resource
win7-20230703-en
resource tags

arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
submitted
12/07/2023, 03:44

Target

MIO.ps1
Size

177KB
MD5

f684a1986bcf0eb7504c5d2e048a58fa
SHA1

a19b86a28274cf7efb3569697ff2ac78600d6b81
SHA256

9a9150b442ee5251ef96117c30c32430fd77fada295bba515f1373647eee39ea
SHA512

eb6bede4d57dedb7f0cd52dbb6c1e74ddc94c27414bb72f0a1544541c1793c08d350d69e57fab01a9af010f12504d4363007d9841acf8cb0d266723e8c1fa54f
SSDEEP

1536:kscTU34eFxLzB+YTsqt1O8Jhfes/bBXEXSQuMjKYzKp/7Kf8vQfR315bMt53AplQ:iiJlKVfR315O3ApcXmTWX

Score

1^/10

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2284	powershell.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2284	powershell.exe

memory/2284-58-0x000000001B200000-0x000000001B4E2000-memory.dmp

Filesize
2.9MB

Download
memory/2284-59-0x00000000020A0000-0x0000000002120000-memory.dmp

Filesize
512KB

Download
memory/2284-61-0x00000000020A0000-0x0000000002120000-memory.dmp

Filesize
512KB

Download
memory/2284-60-0x0000000001F40000-0x0000000001F48000-memory.dmp

Filesize
32KB

Download
memory/2284-62-0x00000000020AB000-0x00000000020E2000-memory.dmp

Filesize
220KB

Download