Overview

overview

1

Static

static

1

trigger.ps1

windows7-x64

1

trigger.ps1

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231201-en
  • resource tags

    arch:x64arch:x86image:win7-20231201-enlocale:en-usos:windows7-x64system
  • submitted
    12/12/2023, 02:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    trigger.ps1

  • Size

    31B

  • MD5

    b46806e4681df55f7e35128fab85dfe7

  • SHA1

    13729b41c553e9decf03b858f4c92515e4fbbb16

  • SHA256

    516c3e761bbd5db787b7f63853e3abde01bce7b8aa601cc3d4acaf9d6344c552

  • SHA512

    aa4cd6ea6f2eff5dc23a9c1197c86fed6f140c8bb1beb7e5210e7a47092f1556e60ef3d64ab3e40df96ebb84ee78e95918cf68cfc08ee3f7d26227918faa5d1c

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    powershell.exe -ExecutionPolicy bypass -File C:\Users\Admin\AppData\Local\Temp\trigger.ps1
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2044

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2044-4-0x000000001B540000-0x000000001B822000-memory.dmp

    Filesize

    2.9MB

    Download

  • memory/2044-5-0x0000000002340000-0x0000000002348000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2044-6-0x000007FEF5EF0000-0x000007FEF688D000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2044-7-0x0000000002BF0000-0x0000000002C70000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2044-8-0x000007FEF5EF0000-0x000007FEF688D000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2044-10-0x0000000002BF4000-0x0000000002BF7000-memory.dmp

    Filesize

    12KB

    Download

  • memory/2044-9-0x0000000002BF0000-0x0000000002C70000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2044-11-0x0000000002BF0000-0x0000000002C70000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2044-12-0x000007FEF5EF0000-0x000007FEF688D000-memory.dmp

    Filesize

    9.6MB

    Download