Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
22-11-2024 05:14
Static task
static1
Behavioral task
behavioral1
Sample
aaaa.ps1
Resource
win7-20240903-en
windows7-x64
3 signatures
150 seconds
General
-
Target
aaaa.ps1
-
Size
451B
-
MD5
9a6ccc9afb164bff29d969bb8e6b5624
-
SHA1
79e602dee0b7a411e5db13739b43fae1ac2c0dd3
-
SHA256
b9f126c04bb56be08519685eb906a650027fc68931015b7202e09373766155ea
-
SHA512
03faa5b073947f90fbba90f2292537442dc91b89c9778c3cc4ee81c5e7cc5b662558c6b30284f7fbc16ea8af7ec80ea6990b4f22f5f5620037a76789fbde11b6
Score
3/10
Malware Config
Signatures
-
pid Process 2408 powershell.exe -
Suspicious behavior: EnumeratesProcesses 1 IoCs
pid Process 2408 powershell.exe -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeDebugPrivilege 2408 powershell.exe