Files

File Path | Type | Category | Malicious |
---|---|---|---|
SimpleLapsGui_v1.2_Exe.zip | Zip archive data, at least v2.0 to extract, compression method=deflate | initial sample | |
C:\Users\user\AppData\Local\Temp\n0thihp0.cmdline | Unicode text, UTF-8 (with BOM) text, with very long lines (346), with no line terminators | dropped | |
C:\Users\user\AppData\Local\Temp\nqvspln._SimpleLapsGui.ps1 | ASCII text, with very long lines (33496), with CRLF line terminators | dropped | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive | data | dropped | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dbobnfje.qtv.psm1 | ASCII text, with no line terminators | dropped | |
C:\Users\user\AppData\Local\Temp\autA745.tmp | data | dropped | |
C:\Users\user\AppData\Local\Temp\n0thihp0.0.cs | Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | dropped | |

IPs

IP | Domain | Country | Malicious |
---|---|---|---|
23.55.253.34 | unknown | United States | |
127.0.0.1 | unknown | unknown | |