Analysis
-
max time kernel
118s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
01/09/2024, 17:22
General
-
Target
Dolphin-x64/Sys/GameSettings/GCCE01.ps1
-
Size
8KB
-
MD5
6cf67a3886bfbbea50eaef7e4e6cb9b8
-
SHA1
c3e409bbdc44bfb7913f065ab23364e46c5d9e08
-
SHA256
17daa1ad21c59c38cae9c5cd0d7283e7e6bc69dadc80142cba4012fe3d658e15
-
SHA512
ae6f6c9cde7ac4c7ef6bc7559aaf24ab2cbb29f7eb734a75c5a30e927f1d97e85dc7a7c08c596afb902f48fa37eb6737404190c4a1a072c648554726f8b37d49
-
SSDEEP
96:ZoLjcas9uykiSY8wbd0t77egpsgFWfadIhb:ZoLjcap9Yq9dQawb
Score
6/10
Malware Config
Signatures
-
Command and Scripting Interpreter: PowerShell 1 TTPs 1 IoCs
Using powershell.exe command.
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exepowershell.exe -ExecutionPolicy bypass -File C:\Users\Admin\AppData\Local\Temp\Dolphin-x64\Sys\GameSettings\GCCE01.ps11⤵
- Command and Scripting Interpreter: PowerShell
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
-
Filesize
2.9MB
-
Filesize
9.6MB
-
Filesize
32KB
-
Filesize
9.6MB
-
Filesize
9.6MB
-
Filesize
9.6MB
-
Filesize
9.6MB
-
Filesize
9.6MB