Overview

overview

1

Static

static

1

script.ps1

windows7-x64

1

script.ps1

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    13/03/2024, 11:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    script.ps1

  • Size

    857B

  • MD5

    ae777fcc62e0c221080fa9bce031f5b5

  • SHA1

    94bf88ab6d1b57cf460928d30d282d54383569a7

  • SHA256

    377e6392ea6f9610811f722e21f4a3031ddcea04720c46eee9881aa852e17c03

  • SHA512

    9c8815a6d32c267f48188481448633348d9770a2bf9c8837e06a7281032d37ca814247fa15490a2509fff2b275bc1ff3d124574ef54ba76bd9e82fbdb23a5e49

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    powershell.exe -ExecutionPolicy bypass -File C:\Users\Admin\AppData\Local\Temp\script.ps1
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2696

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2696-4-0x000000001B580000-0x000000001B862000-memory.dmp

    Filesize

    2.9MB

    Download

  • memory/2696-5-0x00000000028E0000-0x00000000028E8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2696-6-0x000007FEF5940000-0x000007FEF62DD000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2696-7-0x0000000002920000-0x00000000029A0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2696-8-0x000007FEF5940000-0x000007FEF62DD000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2696-9-0x0000000002920000-0x00000000029A0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2696-10-0x0000000002920000-0x00000000029A0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2696-11-0x0000000002920000-0x00000000029A0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2696-12-0x000007FEF5940000-0x000007FEF62DD000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2696-13-0x0000000002920000-0x00000000029A0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2696-14-0x0000000002920000-0x00000000029A0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2696-15-0x0000000002920000-0x00000000029A0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2696-16-0x0000000002920000-0x00000000029A0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2696-19-0x000007FEF5940000-0x000007FEF62DD000-memory.dmp

    Filesize

    9.6MB

    Download