Overview

overview

1

Static

static

1

inc/class/...per.js

windows7-x64

1

inc/class/...per.js

windows10-2004-x64

1

inc/class/...ss.ps1

windows7-x64

1

inc/class/...ss.ps1

windows10-2004-x64

1

inc/class/...ass.js

windows7-x64

1

inc/class/...ass.js

windows10-2004-x64

1

inc/class/...ass.js

windows7-x64

1

inc/class/...ass.js

windows10-2004-x64

1

inc/codest...erg.js

windows7-x64

1

inc/codest...erg.js

windows10-2004-x64

1

inc/codest...ain.js

windows7-x64

1

inc/codest...ain.js

windows10-2004-x64

1

inc/codest...min.js

windows7-x64

1

inc/codest...min.js

windows10-2004-x64

1

inc/codest...ins.js

windows7-x64

1

inc/codest...ins.js

windows10-2004-x64

1

inc/codest...min.js

windows7-x64

1

inc/codest...min.js

windows10-2004-x64

1

inc/codest...ss.ps1

windows7-x64

1

inc/codest...ss.ps1

windows10-2004-x64

1

inc/codest...ss.ps1

windows7-x64

1

inc/codest...ss.ps1

windows10-2004-x64

1

inc/codest...ss.ps1

windows7-x64

1

inc/codest...ss.ps1

windows10-2004-x64

1

inc/codest...ss.ps1

windows7-x64

1

inc/codest...ss.ps1

windows10-2004-x64

1

inc/codest...ss.ps1

windows7-x64

1

inc/codest...ss.ps1

windows10-2004-x64

1

inc/codest...ct.ps1

windows7-x64

1

inc/codest...ct.ps1

windows10-2004-x64

1

inc/codest...le.ps1

windows7-x64

1

inc/codest...le.ps1

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    13/11/2023, 14:59 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    inc/codestar-framework/classes/widget-options.class.ps1

  • Size

    3KB

  • MD5

    92764eb044b6e4f51f87d844dbc65a2b

  • SHA1

    aa52c647d6cf9954d018ae58e92a9717d4300338

  • SHA256

    4f1b0cbf7b18c675f3555cc182a068abc8719324734dfd90bb236b62f356e9c1

  • SHA512

    35689819c4fdea7bdf9d455d1463b481faa50939ecf6a58c4666e4cc80e1115d300b96708882557a06b794a558d284241325d1f0834b6a829c114f9e6d67c853

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    powershell.exe -ExecutionPolicy bypass -File C:\Users\Admin\AppData\Local\Temp\inc\codestar-framework\classes\widget-options.class.ps1
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2676

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2676-4-0x000000001B330000-0x000000001B612000-memory.dmp

    Filesize

    2.9MB

    Download

  • memory/2676-5-0x0000000002040000-0x0000000002048000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2676-6-0x000007FEF5920000-0x000007FEF62BD000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2676-7-0x000007FEF5920000-0x000007FEF62BD000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2676-8-0x00000000021C0000-0x0000000002240000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2676-9-0x00000000021C0000-0x0000000002240000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2676-10-0x00000000021C0000-0x0000000002240000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2676-11-0x00000000021C0000-0x0000000002240000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2676-12-0x00000000021C0000-0x0000000002240000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2676-13-0x000007FEF5920000-0x000007FEF62BD000-memory.dmp

    Filesize

    9.6MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.