Analysis
-
max time kernel
15s -
max time network
17s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
-
submitted
13-09-2024 20:19
General
-
Target
tile2_2.ps1
-
Size
3.0MB
-
MD5
40f7eca6248187e832a52b379d088ace
-
SHA1
f381d2b44cef38e51cc6e9422139449f8609e5fd
-
SHA256
44db3f71eb68d95ed4c49861bcbbfd251cddd048031a4b7b379f362730ae27d0
-
SHA512
c28ed0b74c24cec3c7d8071e40ec8dd07b76c9d15defb22de3891e1d68ac552884b69b060b02d940e1f2e9ee7ffbd317f8e3f66b8426b8306835dcc5b430d5fe
-
SSDEEP
24576:bT5Szz7mXqU1JhkMYnY9YURrrDlmJQO5YDaJOynT1/00ivlV3i+nHz4f188j2ug:bT5QmxLhKmJk5Y0tulVX06Mzg
Score
3/10
Malware Config
Signatures
-
Command and Scripting Interpreter: PowerShell 1 TTPs 1 IoCs
Using powershell.exe command.
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exepowershell.exe -ExecutionPolicy bypass -File C:\Users\Admin\AppData\Local\Temp\tile2_2.ps11⤵
- Command and Scripting Interpreter: PowerShell
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
-
Filesize
2.9MB
-
Filesize
32KB
-
Filesize
9.6MB
-
Filesize
9.6MB
-
Filesize
9.6MB
-
Filesize
9.6MB
-
Filesize
9.6MB
-
Filesize
9.6MB