Targets
Target
https://transactcampus-my.sharepoint.com/:u:/p/jermaine_moore/EQbfFMyPxglIh3K27rqw79UB54icqYO6Gbq92vFUX91rZQ?e=nXkXAx
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
-
Possible privilege escalation attempt
-
Modifies file permissions
-
Drops file in System32 directory
-