triage_data.json

{"ps1_files": [{"sample": "230601-l83j9seb4w", "created": "2023-06-01 10:13:03.803718 +0000 +0000", "kind": "file", "filename": "eua.ps1", "tags": "family:guloader,downloader", "score": 10, "sha256": "7ce62c06be515c4e3e45f855d4ffd3d03cb6f9d78d7387e397881f5cedeb6ce5"}, {"sample": "230601-l83j9seb4v", "created": "2023-06-01 10:13:03.730372 +0000 +0000", "kind": "file", "filename": "mx.ps1", "tags": "family:guloader,downloader", "score": 10, "sha256": "2d336ee677f040b0c8138cf4a69b78d4e3ae1f99dbd83327f013df6a1d28fe8a"}, {"sample": "230601-l83j9seb4t", "created": "2023-06-01 10:13:03.657647 +0000 +0000", "kind": "file", "filename": "zk.ps1", "tags": "family:guloader,downloader", "score": 10, "sha256": "5921fbf975020277efb4018858252ba81765a3bbeedf1b67061691faf6f4f6da"}, {"sample": "230601-l83j9sdf77", "created": "2023-06-01 10:13:03.553066 +0000 +0000", "kind": "file", "filename": "zp.ps1", "tags": "", "score": 8, "sha256": "e6268aa465a623be3d90f4bebd5719954a9bfb7bdbb2fdb06607221bb548521c"}, {"sample": "230601-kd5kpsdg5s", "created": "2023-06-01 08:30:03.676612 +0000 +0000", "kind": "file", "filename": "as.ps1", "tags": "family:guloader,downloader", "score": 10, "sha256": "0d1a4d7fdcd37c668098fc670df26259fbe0436ffd26a43b74c46fa61c93a134"}, {"sample": "230601-g71basdd91", "created": "2023-06-01 06:27:29.665583 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 4, "sha256": "a016a05d13922dee685aa0f95e56db95a4842495a58315e180ff53446a07ab5b"}, {"sample": "230601-bdd83scc5s", "created": "2023-06-01 01:01:23.775287 +0000 +0000", "kind": "file", "filename": "docse.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "84fc45f83b2b529e9f1d0a94b27e37fbeeb42337dce4979cc09dcf3d826d4a68"}, {"sample": "230601-aqdyeacb5v", "created": "2023-06-01 00:24:40.203981 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_siktbx1d.shp.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230531-3pe4asbe96", "created": "2023-05-31 23:41:05.844359 +0000 +0000", "kind": "file", "filename": "docse.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "84fc45f83b2b529e9f1d0a94b27e37fbeeb42337dce4979cc09dcf3d826d4a68"}, {"sample": "230531-ykppqabb6v", "created": "2023-05-31 19:50:52.595871 +0000 +0000", "kind": "file", "filename": "04233599.ps1", "tags": "discovery,persistence", "score": 8, "sha256": "a2551da1b0b0d092bf330b4db83755c7ed6147c5d56bd0715f86659abafc1b5d"}, {"sample": "230531-xqwvjshh89", "created": "2023-05-31 19:04:01.709799 +0000 +0000", "kind": "file", "filename": "setup-win.ps1", "tags": "discovery,persistence", "score": 8, "sha256": "a2551da1b0b0d092bf330b4db83755c7ed6147c5d56bd0715f86659abafc1b5d"}, {"sample": "230531-xqwjsahh86", "created": "2023-05-31 19:04:00.149239 +0000 +0000", "kind": "file", "filename": "install_4.ps1", "tags": "", "score": 1, "sha256": "573cec1d6f13a787a56298512f3778304db3890eb2059b4103a7de9d89de4f37"}, {"sample": "230531-xqv81shh85", "created": "2023-05-31 19:03:59.937469 +0000 +0000", "kind": "file", "filename": "install_3.ps1", "tags": "", "score": 1, "sha256": "573cec1d6f13a787a56298512f3778304db3890eb2059b4103a7de9d89de4f37"}, {"sample": "230531-xqv81sad3w", "created": "2023-05-31 19:03:59.728741 +0000 +0000", "kind": "file", "filename": "install_2.ps1", "tags": "", "score": 1, "sha256": "573cec1d6f13a787a56298512f3778304db3890eb2059b4103a7de9d89de4f37"}, {"sample": "230531-xqv81sad3v", "created": "2023-05-31 19:03:59.510179 +0000 +0000", "kind": "file", "filename": "install_1.ps1", "tags": "", "score": 1, "sha256": "573cec1d6f13a787a56298512f3778304db3890eb2059b4103a7de9d89de4f37"}, {"sample": "230531-xqv81sad3t", "created": "2023-05-31 19:03:59.281979 +0000 +0000", "kind": "file", "filename": "install.ps1", "tags": "", "score": 1, "sha256": "47f849d67b7df54f46ec7bca30a8b2767208ebad475804c2d5e8087e9c2878cc"}, {"sample": "230531-xqvx9aad3s", "created": "2023-05-31 19:03:58.00383 +0000 +0000", "kind": "file", "filename": "init.ps1", "tags": "", "score": 1, "sha256": "9f3bf732d7ff4b8f518dd969dcce0337d49c6d93243b21be7a49a1e6a1cdec2a"}, {"sample": "230531-xqhb6aac6s", "created": "2023-05-31 19:03:20.479136 +0000 +0000", "kind": "file", "filename": "EntityFramework.psm1", "tags": "", "score": 1, "sha256": "a46e551c1aba904f1f66059ee491ae088f6952389dfbdc8571ac5080ec11d137"}, {"sample": "230531-xqhb6ahh26", "created": "2023-05-31 19:03:20.233673 +0000 +0000", "kind": "file", "filename": "EntityFramework.psd1", "tags": "", "score": 1, "sha256": "68b1c7978b6a480a686da90122f55f28df2a286468474dc9995ce9530c342387"}, {"sample": "230531-w9dbwahf9z", "created": "2023-05-31 18:36:54.97549 +0000 +0000", "kind": "file", "filename": "download_exe.ps1", "tags": "pyinstaller,spyware,stealer", "score": 10, "sha256": "74f332a1a8dc9086d1286c22a4d571163d5375b3876c6d95d6877d2221cb3c9d"}, {"sample": "230531-wzj2nshd4z", "created": "2023-05-31 18:21:29.276511 +0000 +0000", "kind": "url", "filename": "https://winteriscoming.com/redwitch/redmagic/nastyshell.ps1", "tags": "", "score": 3, "sha256": ""}, {"sample": "230531-ww6fhagh59", "created": "2023-05-31 18:17:18.071675 +0000 +0000", "kind": "file", "filename": "uninstall.ps1", "tags": "", "score": 1, "sha256": "31a94177dce7b3fed1d2260d0d4fd7872bb1f2177e915fe8a00d126e63821fca"}, {"sample": "230531-ww5tzahc8x", "created": "2023-05-31 18:17:16.767333 +0000 +0000", "kind": "file", "filename": "install_5.ps1", "tags": "", "score": 1, "sha256": "573cec1d6f13a787a56298512f3778304db3890eb2059b4103a7de9d89de4f37"}, {"sample": "230531-ww5tzahc8w", "created": "2023-05-31 18:17:16.543377 +0000 +0000", "kind": "file", "filename": "install_4.ps1", "tags": "", "score": 1, "sha256": "573cec1d6f13a787a56298512f3778304db3890eb2059b4103a7de9d89de4f37"}, {"sample": "230531-ww5tzagh56", "created": "2023-05-31 18:17:16.254785 +0000 +0000", "kind": "file", "filename": "install_3.ps1", "tags": "", "score": 1, "sha256": "573cec1d6f13a787a56298512f3778304db3890eb2059b4103a7de9d89de4f37"}, {"sample": "230531-ww5tzagh55", "created": "2023-05-31 18:17:15.995144 +0000 +0000", "kind": "file", "filename": "install_2.ps1", "tags": "", "score": 1, "sha256": "573cec1d6f13a787a56298512f3778304db3890eb2059b4103a7de9d89de4f37"}, {"sample": "230531-ww5h7shc8v", "created": "2023-05-31 18:17:15.778273 +0000 +0000", "kind": "file", "filename": "install_1.ps1", "tags": "", "score": 1, "sha256": "cd2bbf329f8da8eb73c1e267c61c74e194e74fe81f685da9939af4cc4b1b2e5a"}, {"sample": "230531-ww5h7shc8t", "created": "2023-05-31 18:17:15.557504 +0000 +0000", "kind": "file", "filename": "install.ps1", "tags": "", "score": 1, "sha256": "e02f2aa7776dace851b3c15e5c70b168ca3eb3d61a06d3cb08c4141c17ce1b8e"}, {"sample": "230531-ww5h7sgh54", "created": "2023-05-31 18:17:15.359581 +0000 +0000", "kind": "file", "filename": "init.ps1", "tags": "", "score": 1, "sha256": "3f92666a9cbb9c1e41d2fca366b99aca664fb4b62712c595abba49fc9474c9d4"}, {"sample": "230531-ww3dvagh42", "created": "2023-05-31 18:17:08.38255 +0000 +0000", "kind": "file", "filename": "common.ps1", "tags": "", "score": 1, "sha256": "e8bf56156bbf66e52c28641ead217f80d1541e054e5693a09dbe7cdcb6c9da9f"}, {"sample": "230531-wv462sgf72", "created": "2023-05-31 18:15:29.856688 +0000 +0000", "kind": "file", "filename": "EntityFramework6.psm1", "tags": "", "score": 1, "sha256": "686dfd4531cd22f4f6962081d96eb0bf505ec257f911c5c1b5dbdcba0e96bb45"}, {"sample": "230531-wv462sha8y", "created": "2023-05-31 18:15:29.619569 +0000 +0000", "kind": "file", "filename": "EntityFramework6.psd1", "tags": "", "score": 1, "sha256": "73b8b69494a6b6a752cbba46a50673e380b8f7f38e37962c6dc2fabc95b57c31"}, {"sample": "230531-wv462sha8x", "created": "2023-05-31 18:15:29.429326 +0000 +0000", "kind": "file", "filename": "EntityFramework6.PS2.psm1", "tags": "", "score": 1, "sha256": "44f95244dc84f32e40702de5c9385f8d7bd9cddf8d0d91227e08b242919fee2e"}, {"sample": "230531-wv462sha8w", "created": "2023-05-31 18:15:29.22627 +0000 +0000", "kind": "file", "filename": "EntityFramework6.PS2.psd1", "tags": "", "score": 1, "sha256": "70aaf3db3d911c8d33ceda1d59c67a45665aed45e6846463f38ac9d21ada120a"}, {"sample": "230531-tweaxage21", "created": "2023-05-31 16:24:08.221154 +0000 +0000", "kind": "file", "filename": "hollandaise.ps1", "tags": "", "score": 1, "sha256": "1eabb76785323fe143f18c19e0840680c41ae118a94519a2267b2907ded860d1"}, {"sample": "230531-qym42sfg31", "created": "2023-05-31 13:40:17.633854 +0000 +0000", "kind": "file", "filename": "snappyshop.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "05839e62e09d4d68c3a789931cc6f68c68bbe7df11d15e36cce96cd0b3e6c1fd"}, {"sample": "230531-nfezlseh7x", "created": "2023-05-31 11:20:05.534565 +0000 +0000", "kind": "file", "filename": "05019999.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "785b5a5a7e290b1a00edf82a373b05dda47f252ec91ec64659b64eb98f9cba7a"}, {"sample": "230531-nfezlsee77", "created": "2023-05-31 11:20:05.270872 +0000 +0000", "kind": "file", "filename": "04491599.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "7f5b0d5a1a15c2fd6534803134d1995958ad487fc718b5ef54314c3a8de1724d"}, {"sample": "230531-ne3paaee75", "created": "2023-05-31 11:19:28.550731 +0000 +0000", "kind": "file", "filename": "05019999.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "785b5a5a7e290b1a00edf82a373b05dda47f252ec91ec64659b64eb98f9cba7a"}, {"sample": "230531-newkzaee73", "created": "2023-05-31 11:19:08.390571 +0000 +0000", "kind": "file", "filename": "04491599.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "7f5b0d5a1a15c2fd6534803134d1995958ad487fc718b5ef54314c3a8de1724d"}, {"sample": "230531-nevcxaee69", "created": "2023-05-31 11:19:04.120548 +0000 +0000", "kind": "file", "filename": "03683699.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "b1f32e797d0ff51fd926834b89167ba45c3ca8a75f2cfe8cda7dbb1c9fdc6775"}, {"sample": "230531-nerl1see68", "created": "2023-05-31 11:18:55.86919 +0000 +0000", "kind": "file", "filename": "03683699.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "b1f32e797d0ff51fd926834b89167ba45c3ca8a75f2cfe8cda7dbb1c9fdc6775"}, {"sample": "230531-mqgeraec79", "created": "2023-05-31 10:39:58.464992 +0000 +0000", "kind": "file", "filename": "bacon.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "b1f32e797d0ff51fd926834b89167ba45c3ca8a75f2cfe8cda7dbb1c9fdc6775"}, {"sample": "230531-mby19aef2v", "created": "2023-05-31 10:18:06.66169 +0000 +0000", "kind": "file", "filename": "bostongurka.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "785b5a5a7e290b1a00edf82a373b05dda47f252ec91ec64659b64eb98f9cba7a"}, {"sample": "230531-lmksbsea36", "created": "2023-05-31 09:38:59.8663 +0000 +0000", "kind": "file", "filename": "dressing.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "7f5b0d5a1a15c2fd6534803134d1995958ad487fc718b5ef54314c3a8de1724d"}, {"sample": "230531-kx9zjadh44", "created": "2023-05-31 09:00:00.96821 +0000 +0000", "kind": "file", "filename": "senap.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "3430a2524562462081821d4a8a2740959f646a77c6ccc3dcc803b03b645cb2ea"}, {"sample": "230531-kn9x6sec7v", "created": "2023-05-31 08:46:01.516444 +0000 +0000", "kind": "file", "filename": "Nuevo documento de texto.ps1", "tags": "", "score": 1, "sha256": "e44a89717af34df99ce0645f50697b8d6d5695836b68cc2309ca8ca0128a65a0"}, {"sample": "230531-jyn8saeb2y", "created": "2023-05-31 08:04:48.424843 +0000 +0000", "kind": "file", "filename": "mayo.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "2add1258cf750d94d4f77afbaf48d92f195e09bce1757bf9dc20e3b506be9977"}, {"sample": "230531-hcshmsdc89", "created": "2023-05-31 06:35:51.158093 +0000 +0000", "kind": "file", "filename": "ketchup.ps1", "tags": "", "score": 1, "sha256": "689ef586030f08e6211a2d41774c754ea79cf70c02c33e41c85902675811e45e"}, {"sample": "230531-g88n3adf8y", "created": "2023-05-31 06:29:38.450536 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "ransomware,spyware,stealer", "score": 8, "sha256": "e5429f2e44990b3d4e249c566fbf19741e671c0e40b809f87248d9ec9114bef9"}, {"sample": "230531-cjzyeach4s", "created": "2023-05-31 02:07:04.83336 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 8, "sha256": "9d1582c69b56d7279f4962a9648524d9c57613b8fc2f7ad74fc2fd55f748e200"}, {"sample": "230530-yv6qzsbe82", "created": "2023-05-30 20:07:25.785513 +0000 +0000", "kind": "file", "filename": "asd.ps1.ps1", "tags": "", "score": 1, "sha256": "d51e34a47a79465a0ef3916fe01fe667e8e4281ef3b676569e6a1a33419e51ea"}, {"sample": "230530-xn996abf5s", "created": "2023-05-30 19:01:12.721014 +0000 +0000", "kind": "file", "filename": "ps-2.ps1", "tags": "", "score": 8, "sha256": "9d1582c69b56d7279f4962a9648524d9c57613b8fc2f7ad74fc2fd55f748e200"}, {"sample": "230530-xk4yzabb99", "created": "2023-05-30 18:55:40.292791 +0000 +0000", "kind": "file", "filename": "ps-2.ps1", "tags": "", "score": 8, "sha256": "9d1582c69b56d7279f4962a9648524d9c57613b8fc2f7ad74fc2fd55f748e200"}, {"sample": "230530-xeag6sbb78", "created": "2023-05-30 18:45:29.497284 +0000 +0000", "kind": "file", "filename": "sdfzw.php.ps1", "tags": "", "score": 8, "sha256": "0cde883c63b72ede2bdb005cf75629b8d7ebefe4c7571a4741ddae910ec60c9f"}, {"sample": "230530-vsrbqsbc31", "created": "2023-05-30 17:15:25.567313 +0000 +0000", "kind": "file", "filename": "sdfzw.php.ps1", "tags": "", "score": 8, "sha256": "0cde883c63b72ede2bdb005cf75629b8d7ebefe4c7571a4741ddae910ec60c9f"}, {"sample": "230530-vsnwlsbc3z", "created": "2023-05-30 17:15:17.212859 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "8347464802fc276d09848d28162f8802566f8795a07521c535c693fdfdaa4c3d"}, {"sample": "230530-vskh7aah39", "created": "2023-05-30 17:15:06.599532 +0000 +0000", "kind": "file", "filename": "sdfzw.php.ps1", "tags": "", "score": 8, "sha256": "0cde883c63b72ede2bdb005cf75629b8d7ebefe4c7571a4741ddae910ec60c9f"}, {"sample": "230530-vsf6rsah38", "created": "2023-05-30 17:14:55.828948 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "8347464802fc276d09848d28162f8802566f8795a07521c535c693fdfdaa4c3d"}, {"sample": "230530-thxkbsae77", "created": "2023-05-30 16:04:03.123394 +0000 +0000", "kind": "file", "filename": "main.ps1", "tags": "pyinstaller,spyware,stealer", "score": 8, "sha256": "ac05a79ddadef4cf85eb4beb4454f8bc9a509b0aab58ac33d0ba764c8e6f95c6"}, {"sample": "230530-thmecsae74", "created": "2023-05-30 16:03:33.063813 +0000 +0000", "kind": "file", "filename": "main.ps1", "tags": "pyinstaller,spyware,stealer", "score": 8, "sha256": "ac05a79ddadef4cf85eb4beb4454f8bc9a509b0aab58ac33d0ba764c8e6f95c6"}, {"sample": "230530-thjcpsae69", "created": "2023-05-30 16:03:23.942239 +0000 +0000", "kind": "file", "filename": "functions.ps1", "tags": "", "score": 1, "sha256": "1cb5c1e30fb14555fc52b5f9b653f741b6a3255ffb16bf5007c7fc104cb4936a"}, {"sample": "230530-thhfeaah8x", "created": "2023-05-30 16:03:20.914427 +0000 +0000", "kind": "file", "filename": "builder.ps1", "tags": "", "score": 10, "sha256": "1fd1c24e0d7b98c60eb5f7380223d0b83abad7ddfa5f0d737e452675f55e5e93"}, {"sample": "230530-tg87qsae59", "created": "2023-05-30 16:02:53.578873 +0000 +0000", "kind": "file", "filename": "PSScriptAnalyzerSettings.psd1", "tags": "", "score": 1, "sha256": "fc94f5efd715e709ef5b5e32fcf3a66786db2808bf7eb773f9dadbf628017f2e"}, {"sample": "230530-m188hshb86", "created": "2023-05-30 10:57:03.594668 +0000 +0000", "kind": "file", "filename": "cd.ps1", "tags": "persistence", "score": 10, "sha256": "6183d84a258d638359377728ad296ea99e8b99d5f37f1917b6afe9b425128ab2"}, {"sample": "230530-mzy16ahb82", "created": "2023-05-30 10:54:48.876542 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "dcd1d5f4c4693ad518f44cf0103b92204afa4292470c73ac0d5ab71da2587407"}, {"sample": "230530-mpdbpshb24", "created": "2023-05-30 10:38:03.68519 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "97c5b6e1b2f3641c648d5623e64bd0e9748e4133eae64a545ac3be5b8bce810f"}, {"sample": "230530-k4sc3agf79", "created": "2023-05-30 09:09:38.569102 +0000 +0000", "kind": "file", "filename": "cff66d_7302ee5aad5a4b9ebf97643e2f8670b0.ps1", "tags": "collection,persistence", "score": 7, "sha256": "2414df906accc57afd909c2167670dcb73e2ebeacfba4c2ac3d98fc8138fe3bc"}, {"sample": "230530-j1fz7agg2y", "created": "2023-05-30 08:07:53.988489 +0000 +0000", "kind": "file", "filename": "download.dat (1).ps1", "tags": "", "score": 8, "sha256": "e256710a69172b77abe095ad5dc4b7b900f306da16c8a34f994b51d503037c68"}, {"sample": "230530-jtf2lsgf6v", "created": "2023-05-30 07:57:25.083356 +0000 +0000", "kind": "file", "filename": "09698999.ps1", "tags": "family:netsupport,rat", "score": 10, "sha256": "76df6e227d710685cefd5b68a320f8d99129609103d881d4d1ebd9413c8eb2a2"}, {"sample": "230530-h93pwagd6x", "created": "2023-05-30 07:27:02.418232 +0000 +0000", "kind": "file", "filename": "ged.ps1", "tags": "family:netsupport,rat", "score": 10, "sha256": "76df6e227d710685cefd5b68a320f8d99129609103d881d4d1ebd9413c8eb2a2"}, {"sample": "230529-2fln2sdg78", "created": "2023-05-29 22:31:29.340278 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 1, "sha256": "b540bd6d7465f09ba0dc1b4d00669d7a2bd0c1bbd51504ca3d81c6be30b519ec"}, {"sample": "230529-2b72gsdg67", "created": "2023-05-29 22:25:33.614098 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "persistence", "score": 8, "sha256": "21851303a344f1c0df701b10a6885a6a7bd2cea8554e00fcd9a9cc1bbf882d07"}, {"sample": "230529-zzapsadh9t", "created": "2023-05-29 21:08:48.044131 +0000 +0000", "kind": "file", "filename": "bypass2.ps1", "tags": "", "score": 1, "sha256": "84c666cb4796377873c1392e1e531a9a58907a94e12733e36e6a3233dd8be8a7"}, {"sample": "230529-zvkdesde74", "created": "2023-05-29 21:02:17.809277 +0000 +0000", "kind": "file", "filename": "take_process_data.ps1.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "84e923d7764b95d8896502889cf36e53f9c7f89f5dd609c1a9c9cc60a2fa804d"}, {"sample": "230529-yhs95adc92", "created": "2023-05-29 19:47:34.086887 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "", "score": 1, "sha256": "b42f61959253173cf1b259ff451241cae45f25af23ac881857fa6b0e7112af8c"}, {"sample": "230529-rpddxscb84", "created": "2023-05-29 14:21:45.728848 +0000 +0000", "kind": "file", "filename": "file.ps1.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "e89b596f989783afc3ae2b907c22e92f6f38ac9ba43dca5693bbf1f3711acdec"}, {"sample": "230529-kjb6cabc6t", "created": "2023-05-29 08:37:24.283306 +0000 +0000", "kind": "file", "filename": "ShareX.Libs.G.ps1", "tags": "", "score": 1, "sha256": "726e4a3b07c02934c10b764f1cc1bd2cfc872d4fe6ef3a603f962f2aa9044c04"}, {"sample": "230529-f29r4sac2t", "created": "2023-05-29 05:23:17.337725 +0000 +0000", "kind": "file", "filename": "6471bc8dac218.ps1", "tags": "persistence", "score": 10, "sha256": "b146dd7f30d4ed7536f62fae414f34f45ca32173224ad3b4bc0a14651108b1ba"}, {"sample": "230529-drnqsahd48", "created": "2023-05-29 03:14:40.990298 +0000 +0000", "kind": "file", "filename": "command.ps1", "tags": "", "score": 1, "sha256": "267664dc02eed4515fef26ea374e818fb95839e156c42996d619a3855ec8b1b2"}, {"sample": "230529-bf4xhsha63", "created": "2023-05-29 01:06:07.460161 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "3a29ed377e34fc5ade5d347ae37d7599ad38e9ead7fccf3cb248684ed956f4b1"}, {"sample": "230528-wttzpagb23", "created": "2023-05-28 18:13:14.311001 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 8, "sha256": "93a790e0a65d0a47a7988e81f069c4c7044802c50848735dcaf0f6b0ef921dcd"}, {"sample": "230528-vmqg9agd2y", "created": "2023-05-28 17:06:38.133284 +0000 +0000", "kind": "file", "filename": "t5.ps1", "tags": "", "score": 1, "sha256": "278e1b466cd1438507cebef94f83981883be639a9a2e1aae63e8bff32c6f5569"}, {"sample": "230528-vkjlxsfh54", "created": "2023-05-28 17:02:49.597401 +0000 +0000", "kind": "file", "filename": "t5.ps1", "tags": "", "score": 1, "sha256": "278e1b466cd1438507cebef94f83981883be639a9a2e1aae63e8bff32c6f5569"}, {"sample": "230528-tfvb7afh8y", "created": "2023-05-28 16:00:26.380852 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "194c81b01bf4b3d97e3ba6f9791109573f4a1e1ffc2d112f1e80b5b8d384d883"}, {"sample": "230528-sbaxbafd42", "created": "2023-05-28 14:56:34.150324 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "247370bc28e744bf39529269d78125ea16973d51b633e1c197d764030800dc79"}, {"sample": "230528-q21jjsfb98", "created": "2023-05-28 13:46:09.602223 +0000 +0000", "kind": "file", "filename": "t2.ps1", "tags": "", "score": 10, "sha256": "f1f2958356c98c4d296a747490c067cc11cd53b2812e5d69846069aef6d9adb6"}, {"sample": "230528-mb5h2afc8s", "created": "2023-05-28 10:18:24.180422 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_x33cry00.nn4.ps1", "tags": "", "score": 1, "sha256": "6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b"}, {"sample": "230528-l9zj1afc7w", "created": "2023-05-28 10:14:38.291568 +0000 +0000", "kind": "file", "filename": "t4.ps1", "tags": "", "score": 1, "sha256": "283b476fcfb95711b116f4f763d63464756e2956f35cbb081f705acc82314279"}, {"sample": "230528-belpjseb5x", "created": "2023-05-28 01:03:29.596478 +0000 +0000", "kind": "file", "filename": "get.ps1", "tags": "", "score": 10, "sha256": "4b9a3b3305a047b1cf5aa0e0cc6eae765501830904ee70d48ec28124364ee973"}, {"sample": "230527-xxcp9adc6x", "created": "2023-05-27 19:13:34.212559 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_1ogijfk5.dbr.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230527-xq4v6ach28", "created": "2023-05-27 19:04:24.062566 +0000 +0000", "kind": "file", "filename": "t4.ps1", "tags": "", "score": 1, "sha256": "283b476fcfb95711b116f4f763d63464756e2956f35cbb081f705acc82314279"}, {"sample": "230527-xjfjzsdc2x", "created": "2023-05-27 18:52:45.841396 +0000 +0000", "kind": "file", "filename": "t4.ps1", "tags": "", "score": 1, "sha256": "283b476fcfb95711b116f4f763d63464756e2956f35cbb081f705acc82314279"}, {"sample": "230527-xe1z5adb9w", "created": "2023-05-27 18:46:46.467928 +0000 +0000", "kind": "file", "filename": "command.ps1", "tags": "", "score": 1, "sha256": "278e1b466cd1438507cebef94f83981883be639a9a2e1aae63e8bff32c6f5569"}, {"sample": "230527-xedjtsdb9t", "created": "2023-05-27 18:45:39.409644 +0000 +0000", "kind": "file", "filename": "command.ps1", "tags": "", "score": 1, "sha256": "278e1b466cd1438507cebef94f83981883be639a9a2e1aae63e8bff32c6f5569"}, {"sample": "230527-w9vwxsdb7t", "created": "2023-05-27 18:37:45.986723 +0000 +0000", "kind": "file", "filename": "command.ps1", "tags": "", "score": 1, "sha256": "278e1b466cd1438507cebef94f83981883be639a9a2e1aae63e8bff32c6f5569"}, {"sample": "230527-w4rbjscg56", "created": "2023-05-27 18:28:49.374585 +0000 +0000", "kind": "file", "filename": "t4.ps1", "tags": "", "score": 1, "sha256": "283b476fcfb95711b116f4f763d63464756e2956f35cbb081f705acc82314279"}, {"sample": "230527-ktwyhabc96", "created": "2023-05-27 08:54:06.739489 +0000 +0000", "kind": "file", "filename": "01132899.ps1", "tags": "family:cobaltstrike,botnet:391144938,backdoor,trojan", "score": 10, "sha256": "17936701708c6afcd07fa143b04aba96d4e91ed88e3a738d09eb2eaab2665e5b"}, {"sample": "230527-jhzdtabe3v", "created": "2023-05-27 07:40:50.704978 +0000 +0000", "kind": "url", "filename": "https://r2.kashin.dev/1.ps1", "tags": "", "score": 3, "sha256": ""}, {"sample": "230527-hp427sbd5x", "created": "2023-05-27 06:55:38.992244 +0000 +0000", "kind": "file", "filename": "evil.ps1", "tags": "family:cobaltstrike,botnet:391144938,backdoor,trojan", "score": 10, "sha256": "17936701708c6afcd07fa143b04aba96d4e91ed88e3a738d09eb2eaab2665e5b"}, {"sample": "230527-hhfq2aba47", "created": "2023-05-27 06:44:00.70037 +0000 +0000", "kind": "url", "filename": "https://r2.kashin.dev/1.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230527-gndm7abc21", "created": "2023-05-27 05:56:42.539784 +0000 +0000", "kind": "file", "filename": "problem.ps1", "tags": "", "score": 1, "sha256": "85f90a508f193c205e8c928134a01126908fc6246cae69533e71cae27f3a05c7"}, {"sample": "230526-2h7pashd92", "created": "2023-05-26 22:36:01.214633 +0000 +0000", "kind": "file", "filename": "dateagent.ps1", "tags": "", "score": 1, "sha256": "7e491f0976e633357358f72543dded45a3b49cc9c2c464495f0a8cb2a7d79970"}, {"sample": "230526-w1999ahb8y", "created": "2023-05-26 18:24:30.837003 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "discovery,persistence", "score": 8, "sha256": "acba25512100f80b56fc3ccd14c65be55d94800cda77585c5f41a887e398f9be"}, {"sample": "230526-scn6bsga54", "created": "2023-05-26 14:58:59.112166 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "c464db92b9cdb0069156187fd9320829452bd71b2fc2907fb1215a4d133ae79c"}, {"sample": "230526-schcsaga52", "created": "2023-05-26 14:58:40.120077 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "c464db92b9cdb0069156187fd9320829452bd71b2fc2907fb1215a4d133ae79c"}, {"sample": "230526-rnc2rsgc9w", "created": "2023-05-26 14:19:59.878163 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "77e6f78af45f649c5f3b8ebe484a91a144eb203a34a89c8dc5b1c4ca87bc6f71"}, {"sample": "230526-rbvq2sfg53", "created": "2023-05-26 14:01:37.727393 +0000 +0000", "kind": "file", "filename": "dateagent.ps1", "tags": "", "score": 1, "sha256": "7e491f0976e633357358f72543dded45a3b49cc9c2c464495f0a8cb2a7d79970"}, {"sample": "230526-h71gqsec88", "created": "2023-05-26 07:23:25.91961 +0000 +0000", "kind": "file", "filename": "02084799.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "a327e8a5d5a9d9a0384555b354d2a7d4532f078dc1884706d2e2b4e524042982"}, {"sample": "230526-hqx1aaeg7t", "created": "2023-05-26 06:57:04.730347 +0000 +0000", "kind": "file", "filename": "64704bebce64f.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "a327e8a5d5a9d9a0384555b354d2a7d4532f078dc1884706d2e2b4e524042982"}, {"sample": "230526-glw2raea67", "created": "2023-05-26 05:54:06.095609 +0000 +0000", "kind": "file", "filename": "icbt11801_64refl.ps1", "tags": "", "score": 8, "sha256": "beb543e25cf0a9df7b6600bb03626df66f46f88cfe83edd7edc5049394dc062a"}, {"sample": "230526-gf1gzsef3v", "created": "2023-05-26 05:45:33.678739 +0000 +0000", "kind": "file", "filename": "icsnd16_64refl.ps1", "tags": "", "score": 8, "sha256": "16daecf77f7537b525c3488108cedb1827a30e65867caff330be6fa4a7d3fa38"}, {"sample": "230526-ccdrlaea3z", "created": "2023-05-26 01:55:32.22634 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_nyk5sr2y.c2i.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230526-a47smsda94", "created": "2023-05-26 00:47:03.512031 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 10, "sha256": "505c8df0033a7f944eeebe6635f678f5c9a12839e39598c2269afa5d275b6be0"}, {"sample": "230525-zv75gscd48", "created": "2023-05-25 21:03:25.352029 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "a874d111d07537b49f8801232dede4e859fcaf8f42cf633a16d3681563a29e53"}, {"sample": "230525-zlzfzsda5w", "created": "2023-05-25 20:49:01.703109 +0000 +0000", "kind": "file", "filename": "hi.ps1", "tags": "", "score": 1, "sha256": "a874d111d07537b49f8801232dede4e859fcaf8f42cf633a16d3681563a29e53"}, {"sample": "230525-zlfzmscc97", "created": "2023-05-25 20:48:07.038027 +0000 +0000", "kind": "file", "filename": "hello.ps1.ps1", "tags": "", "score": 1, "sha256": "a874d111d07537b49f8801232dede4e859fcaf8f42cf633a16d3681563a29e53"}, {"sample": "230525-zkwnpsda5s", "created": "2023-05-25 20:47:07.12437 +0000 +0000", "kind": "file", "filename": "go.ps1.ps1", "tags": "", "score": 1, "sha256": "a874d111d07537b49f8801232dede4e859fcaf8f42cf633a16d3681563a29e53"}, {"sample": "230525-wjpl8abf28", "created": "2023-05-25 17:57:16.362372 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "persistence", "score": 6, "sha256": "a6f3ea463e46b7c87ac804ca200f3c1b96fc7de7ed82221088db91b3ecc56901"}, {"sample": "230525-wgrc2abf22", "created": "2023-05-25 17:53:52.679042 +0000 +0000", "kind": "file", "filename": ",..ps1", "tags": "", "score": 1, "sha256": "1b16b1df538ba12dc3f97edbb85caa7050d46c148134290feba80f8236c83db9"}, {"sample": "230525-vmbn4abd57", "created": "2023-05-25 17:05:56.389007 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 8, "sha256": "ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb"}, {"sample": "230525-vjbjxsbd47", "created": "2023-05-25 17:00:41.014926 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "1b16b1df538ba12dc3f97edbb85caa7050d46c148134290feba80f8236c83db9"}, {"sample": "230525-rq5vkaaf83", "created": "2023-05-25 14:24:50.264694 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "89f14c51a6748e3b35c17b64dc0e173a62ac966b0f1ec7840679381813027428"}, {"sample": "230525-j2xz4agh25", "created": "2023-05-25 08:10:28.541212 +0000 +0000", "kind": "file", "filename": "stager2 - Copy.ps1", "tags": "", "score": 10, "sha256": "83351d463f5414b00bd997464742a7d8cba32c86b4013fe0a1d98bf33aa4cb75"}, {"sample": "230525-jvkq7ahc4x", "created": "2023-05-25 07:59:22.237375 +0000 +0000", "kind": "file", "filename": "stager2 - Copy - Copy.ps1", "tags": "", "score": 10, "sha256": "a01668a0b87e9350f6c55115132311166694e1bc7fe62f9c8cc25fdda19fcdc4"}, {"sample": "230525-jlxz6agg52", "created": "2023-05-25 07:46:00.147578 +0000 +0000", "kind": "file", "filename": "stager2 - Copy.ps1", "tags": "", "score": 10, "sha256": "a01668a0b87e9350f6c55115132311166694e1bc7fe62f9c8cc25fdda19fcdc4"}, {"sample": "230525-a61r4sfh8x", "created": "2023-05-25 00:50:13.078095 +0000 +0000", "kind": "file", "filename": "f92f718c1919fe8ad542298575d641fd.ps1", "tags": "", "score": 8, "sha256": "9f069635a0a5dda8ea002b857a5e5a3d61752d8131c3a82988ea6a2e2439af84"}, {"sample": "230525-a3nndafe23", "created": "2023-05-25 00:44:22.524138 +0000 +0000", "kind": "file", "filename": "7cd7b97fb5edd2a44b9df8b318231a1b.ps1", "tags": "", "score": 8, "sha256": "0352f8641a0a894364b873dccc2738ef9fa6dd606c95fc9db08392238cffe899"}, {"sample": "230524-zm1qfafc51", "created": "2023-05-24 20:50:50.278726 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 8, "sha256": "685ef62b2f0e4c0fabf9b6b8a3a158218e8c8c0c074269c767b44a3e93bdbcad"}, {"sample": "230524-y9dzhsfc2s", "created": "2023-05-24 20:28:47.85001 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "persistence", "score": 8, "sha256": "685ef62b2f0e4c0fabf9b6b8a3a158218e8c8c0c074269c767b44a3e93bdbcad"}, {"sample": "230524-y8d8wseg74", "created": "2023-05-24 20:27:03.646859 +0000 +0000", "kind": "file", "filename": "update.ps1", "tags": "", "score": 8, "sha256": "0352f8641a0a894364b873dccc2738ef9fa6dd606c95fc9db08392238cffe899"}, {"sample": "230524-y8d8wsfb9t", "created": "2023-05-24 20:27:03.573218 +0000 +0000", "kind": "file", "filename": "2.ps1", "tags": "", "score": 8, "sha256": "9f069635a0a5dda8ea002b857a5e5a3d61752d8131c3a82988ea6a2e2439af84"}, {"sample": "230524-y38kjsfb8w", "created": "2023-05-24 20:19:45.781076 +0000 +0000", "kind": "file", "filename": "update.ps1", "tags": "", "score": 8, "sha256": "0352f8641a0a894364b873dccc2738ef9fa6dd606c95fc9db08392238cffe899"}, {"sample": "230524-y323rsfb8v", "created": "2023-05-24 20:19:27.467376 +0000 +0000", "kind": "file", "filename": "lf.ps1", "tags": "", "score": 1, "sha256": "78f62778aaa22a83a695da577d7323506c6218db9e90ed8ed320edbf9b0cd285"}, {"sample": "230524-y3xs2seg65", "created": "2023-05-24 20:19:13.438202 +0000 +0000", "kind": "file", "filename": "2.ps1", "tags": "", "score": 8, "sha256": "9f069635a0a5dda8ea002b857a5e5a3d61752d8131c3a82988ea6a2e2439af84"}, {"sample": "230524-v2wyksdg44", "created": "2023-05-24 17:29:39.184471 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "2e96f24dd7ec59a661fb0eaa75eca7c5d4fa62392f62624d1511a774bc5149a8"}, {"sample": "230524-r4s3xsch87", "created": "2023-05-24 14:45:13.317961 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "293b4d933f5b04545f4bf2686a06b54445a0fb92c20d44aa8cca0b668c8aebc1"}, {"sample": "230524-mht1waca57", "created": "2023-05-24 10:28:22.892918 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_1jpobfym.2bh.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230524-l3rwksce4v", "created": "2023-05-24 10:03:47.916973 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_1tk5y5mw.plf.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230523-zcklgahd27", "created": "2023-05-23 20:34:20.593923 +0000 +0000", "kind": "file", "filename": "LOLA.ps1", "tags": "", "score": 1, "sha256": "7627cb4f5df7dda840a7b3d5f240f82c911d2e607fd7cfd8820b6d020e28fd6f"}, {"sample": "230523-xh2qtshe8s", "created": "2023-05-23 18:52:03.404992 +0000 +0000", "kind": "file", "filename": "33142.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "b41a4eb5971f4dd7b443bd68f92f6af92735d6db5a258e372d57b499882c866a"}, {"sample": "230523-xhelashe7x", "created": "2023-05-23 18:50:57.384391 +0000 +0000", "kind": "file", "filename": "33142.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "b41a4eb5971f4dd7b443bd68f92f6af92735d6db5a258e372d57b499882c866a"}, {"sample": "230523-w1f2eahe2w", "created": "2023-05-23 18:23:04.301842 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "b41a4eb5971f4dd7b443bd68f92f6af92735d6db5a258e372d57b499882c866a"}, {"sample": "230523-wf6rbshc8v", "created": "2023-05-23 17:52:51.107964 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "b41a4eb5971f4dd7b443bd68f92f6af92735d6db5a258e372d57b499882c866a"}, {"sample": "230523-svdgjsgg5y", "created": "2023-05-23 15:26:25.728452 +0000 +0000", "kind": "file", "filename": "Malware-js.ps1", "tags": "", "score": 1, "sha256": "3a08d61385cfac7fff6c6254f50cc9eeedb3edb4d9bd812d52d950d53250cb51"}, {"sample": "230523-r9l7kagf6t", "created": "2023-05-23 14:53:38.271081 +0000 +0000", "kind": "file", "filename": "malware-ps-skript.ps1", "tags": "", "score": 1, "sha256": "3a08d61385cfac7fff6c6254f50cc9eeedb3edb4d9bd812d52d950d53250cb51"}, {"sample": "230523-rde4dagd8z", "created": "2023-05-23 14:04:22.174818 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_lkelommx.s2m.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230523-ptefnsgb71", "created": "2023-05-23 12:36:57.386753 +0000 +0000", "kind": "file", "filename": "huh.ps1", "tags": "family:asyncrat,botnet:oso_neew,rat", "score": 10, "sha256": "ac1bdd0a6805d540ab7f6c1b97a13e75481cf6f34fc29fedec7fdae985c84f84"}, {"sample": "230522-zfjtcadd3w", "created": "2023-05-22 20:39:32.49726 +0000 +0000", "kind": "file", "filename": "s.py.ps1", "tags": "", "score": 1, "sha256": "ce9a0957dca3dfb7c6b78b5892c0a285ba37e716cb239142c65035388c55463c"}, {"sample": "230522-yf88kacc49", "created": "2023-05-22 19:44:50.872878 +0000 +0000", "kind": "file", "filename": "f2afd46cfef3883fc858ca7b7730d4d6ee56a7aedbdb1b1f7bda7dba054f489e.ps1", "tags": "", "score": 8, "sha256": "f2afd46cfef3883fc858ca7b7730d4d6ee56a7aedbdb1b1f7bda7dba054f489e"}, {"sample": "230522-w4ww2acg3s", "created": "2023-05-22 18:29:04.288199 +0000 +0000", "kind": "file", "filename": "soc.ps1", "tags": "", "score": 8, "sha256": "f2afd46cfef3883fc858ca7b7730d4d6ee56a7aedbdb1b1f7bda7dba054f489e"}, {"sample": "230522-r88deabg7x", "created": "2023-05-22 14:52:56.305193 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "0b667369fb5f3ad13542b0f3b0cf08e1d4eefe20ae358aaa42509e2b64972b10"}, {"sample": "230522-labnwsfd25", "created": "2023-05-22 09:19:19.636019 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_mifydbrx.2f4.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230522-jzqg8shf8y", "created": "2023-05-22 08:06:37.105327 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "3a3d5f94e674f250dd8fa5d07d0092bea64aab5875a636207e7df0e87bdacb8a"}, {"sample": "230522-jvrjqseh75", "created": "2023-05-22 07:59:41.160867 +0000 +0000", "kind": "file", "filename": "f2.ps1", "tags": "", "score": 1, "sha256": "bba814c531b3652a8ea9eb61691cb6a23309db1ab3de7b8e2f357d51320ac10b"}, {"sample": "230522-gg227sec67", "created": "2023-05-22 05:47:23.838578 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 1, "sha256": "6e65236bf69dd6c3259ebfe21ad382a5957703a5ba7aae9f34fd65a080b50712"}, {"sample": "230521-2fxrbacg39", "created": "2023-05-21 22:32:02.863357 +0000 +0000", "kind": "file", "filename": "powershell.ps1", "tags": "", "score": 8, "sha256": "0c044ef3f9fc8ab3ae19b37dec522788e2e5a389c0bfa64165438649f6f29ef0"}, {"sample": "230521-n4x54acf9y", "created": "2023-05-21 11:57:40.209219 +0000 +0000", "kind": "file", "filename": "ea9f9ad9b20197ecbb4226b09ca1cb98cc5505a5f7fe5a74b232dc701d928ff6.ps1", "tags": "", "score": 8, "sha256": "ea9f9ad9b20197ecbb4226b09ca1cb98cc5505a5f7fe5a74b232dc701d928ff6"}, {"sample": "230521-nrah9scf6v", "created": "2023-05-21 11:37:19.335264 +0000 +0000", "kind": "file", "filename": "5b413edd2a06f981438a8c646015936e2949c28d000c7b0b76e4c56b138a5aed.ps1", "tags": "", "score": 1, "sha256": "5b413edd2a06f981438a8c646015936e2949c28d000c7b0b76e4c56b138a5aed"}, {"sample": "230520-fab2rsae53", "created": "2023-05-20 04:39:43.138346 +0000 +0000", "kind": "file", "filename": "trial2.ps1", "tags": "", "score": 8, "sha256": "b946ddcdde8348a74a47ffca60160ff81f34614e7616082c21ea372139effff1"}, {"sample": "230520-dkxp4sab63", "created": "2023-05-20 03:04:37.709051 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "c4cc388ae37677ac652193eec9abca9373951987ced25fe2dcec02326b096bd4"}, {"sample": "230519-z2d5zsgc49", "created": "2023-05-19 21:12:29.982563 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 6, "sha256": "e596899f114b5162402325dfb31fdaa792fabed718628336cc7a35a24f38eaa9"}, {"sample": "230519-thaesshd2x", "created": "2023-05-19 16:02:57.057687 +0000 +0000", "kind": "file", "filename": "ps1.ps1.ps1", "tags": "", "score": 1, "sha256": "b19b86c5757f48a36f217ebee7de0c07602a2954d61e1ad0130256c188ad0ea1"}, {"sample": "230519-gnrvtaeb9v", "created": "2023-05-19 05:57:22.778243 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "7e9feda6e593b6d7e3c15032edb0cd3e2d1ec585d8f5691e951ac70059ce4240"}, {"sample": "230518-ywgs9adg55", "created": "2023-05-18 20:07:58.296575 +0000 +0000", "kind": "file", "filename": "DebugUIObv.py.ps1", "tags": "", "score": 1, "sha256": "998622cf4363f8df133326bee43e34389ebcc90292c245b7471426129e95a1df"}, {"sample": "230518-xbemqacc9t", "created": "2023-05-18 18:40:27.999243 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "13448857262015eceddd5d70ad3a11f1fd231921b1176f2162b051440a4c52fc"}, {"sample": "230518-tv77lada29", "created": "2023-05-18 16:23:48.975803 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "b7aa0ef0665b968505712f71f7a1479b06ba45f7d26dea138689d92075b3c4ac"}, {"sample": "230518-raryrscb29", "created": "2023-05-18 13:59:43.717686 +0000 +0000", "kind": "file", "filename": "ddba8b595c8da453bd7a36a375941a66.ps1", "tags": "", "score": 8, "sha256": "4cafdfe89c79a40b0ffbe66c48c190fa0123277cbe0d2e670a1e65509c0fc937"}, {"sample": "230518-qzse6abc27", "created": "2023-05-18 13:42:16.742115 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "family:xmrig,miner", "score": 10, "sha256": "f5970eabcdd2c6d2412e69a5a5bb83a78973fb08434719a3aba900028c376e98"}, {"sample": "230518-qyyksaab2x", "created": "2023-05-18 13:40:48.107522 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "family:xmrig,miner", "score": 10, "sha256": "f5970eabcdd2c6d2412e69a5a5bb83a78973fb08434719a3aba900028c376e98"}, {"sample": "230518-qmskdshg8v", "created": "2023-05-18 13:23:03.418388 +0000 +0000", "kind": "file", "filename": "runlastrun.ps1", "tags": "", "score": 10, "sha256": "514cd71508ca9b3f35afe09a943e97c547e9caeda12cd9083b1d3982068d692b"}, {"sample": "230518-mx4hvsad94", "created": "2023-05-18 10:51:33.968207 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_jyaazavv.wop.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230518-mxv7gsad92", "created": "2023-05-18 10:51:08.990486 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_jyaazavv.wop.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230518-h6nfsaha5v", "created": "2023-05-18 07:21:04.252821 +0000 +0000", "kind": "file", "filename": "ddba8b595c8da453bd7a36a375941a66.ps1", "tags": "", "score": 8, "sha256": "4cafdfe89c79a40b0ffbe66c48c190fa0123277cbe0d2e670a1e65509c0fc937"}, {"sample": "230518-d1hwwshf28", "created": "2023-05-18 03:28:23.29295 +0000 +0000", "kind": "file", "filename": "file3.ps1", "tags": "", "score": 1, "sha256": "2eeb0681255ab4ec06e8434acd39da0ed7188a6f33fc352bca45bdab44c5f844"}, {"sample": "230518-czcg2shd49", "created": "2023-05-18 02:30:25.469747 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "family:xmrig,miner", "score": 10, "sha256": "f5970eabcdd2c6d2412e69a5a5bb83a78973fb08434719a3aba900028c376e98"}, {"sample": "230517-3xvhysfg6x", "created": "2023-05-17 23:54:03.049698 +0000 +0000", "kind": "file", "filename": "ps.ps1", "tags": "", "score": 1, "sha256": "779475904292505f5062d51635f1bf3bf674ede9ac27fff303c2d371930c70f9"}, {"sample": "230517-z91zqagd93", "created": "2023-05-17 21:25:48.158285 +0000 +0000", "kind": "file", "filename": "ping.ps1.ps1", "tags": "", "score": 1, "sha256": "df7bb29f9681911d62ebd8a6de1074351865de9f3a03b3a46463babc3f903407"}, {"sample": "230517-z8kw4sgd88", "created": "2023-05-17 21:23:17.44516 +0000 +0000", "kind": "file", "filename": "test.ps1.ps1", "tags": "", "score": 1, "sha256": "00f5665a4618bee490de3aeb5ad0a7a896fcbf215095f89028c56c5b2a27c0f4"}, {"sample": "230517-w4babsga88", "created": "2023-05-17 18:28:03.43894 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "family:asyncrat,botnet:may_1,persistence,rat", "score": 10, "sha256": "fa9fe798ce4705a1ccbb22f8cb813c84e4abce585413eb7e26f0934443e75dbd"}, {"sample": "230517-wrb14aga72", "created": "2023-05-17 18:08:52.815277 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "family:asyncrat,botnet:may_1,persistence,rat", "score": 10, "sha256": "fa9fe798ce4705a1ccbb22f8cb813c84e4abce585413eb7e26f0934443e75dbd"}, {"sample": "230517-wgyr4sfa9s", "created": "2023-05-17 17:54:12.998242 +0000 +0000", "kind": "file", "filename": "download.ps1", "tags": "", "score": 8, "sha256": "948117c2a6d68251997d49f7cdb833272e79f44093e2efcb9212d49f9d8591a8"}, {"sample": "230517-tf394aeg2z", "created": "2023-05-17 16:00:52.562698 +0000 +0000", "kind": "file", "filename": "f2.ps1", "tags": "persistence", "score": 10, "sha256": "89c11a89afd7118dbad1b6a987dfb771108648a842c47d81fb489d15a72bbdb8"}, {"sample": "230517-sgkzgaee3z", "created": "2023-05-17 15:05:48.015395 +0000 +0000", "kind": "file", "filename": "nnote.ps1", "tags": "family:xworm,rat,trojan", "score": 10, "sha256": "93d1bebb555236a4aaf3eab6ed0a49a483e29a4c08de3b13a2695996e94407b0"}, {"sample": "230517-sbvaysfd82", "created": "2023-05-17 14:57:31.470743 +0000 +0000", "kind": "file", "filename": "in3.ps1", "tags": "family:xmrig,miner", "score": 10, "sha256": "7e6ad32ab7a31d887bb3d081c59f144713fc631aa0bf942abd1ec4242ed96216"}, {"sample": "230517-sakecsfd78", "created": "2023-05-17 14:55:17.770224 +0000 +0000", "kind": "file", "filename": "in6.ps1", "tags": "family:xmrig,miner", "score": 10, "sha256": "c684672969031beae4460d4e241410c5f4eee42faebd5b93395bca26d19d2eab"}, {"sample": "230517-pz7dmseb2s", "created": "2023-05-17 12:47:03.486038 +0000 +0000", "kind": "file", "filename": "f2.ps1", "tags": "persistence", "score": 10, "sha256": "d885b84d8d8059451a119b32d164280284d428350d2bfcfaf7b84f1b2223a42a"}, {"sample": "230517-n2vxysdh81", "created": "2023-05-17 11:54:03.247899 +0000 +0000", "kind": "file", "filename": "file2.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "368d74adbbf7fc8398d9bebe64f10275c0caac68703ccdb1c3cbef52fe7db900"}, {"sample": "230517-m1n8cadg7s", "created": "2023-05-17 10:56:04.775079 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "31b25869b39f1baa9e7fc279255901b696c36629e57294d4455f479534139852"}, {"sample": "230517-m1n8cadg61", "created": "2023-05-17 10:56:04.011721 +0000 +0000", "kind": "file", "filename": "install.ps1", "tags": "", "score": 8, "sha256": "45014ac94baaa135449d73da9f4760acdae4c8943fa9998a47b74d0bba8a5295"}, {"sample": "230517-mk9t4sef84", "created": "2023-05-17 10:32:37.424666 +0000 +0000", "kind": "file", "filename": "4143f0ec68dd1ffa3876e7da68632c00489f6f5caf6d8d5320ace262617ba853.ps1", "tags": "", "score": 1, "sha256": "4143f0ec68dd1ffa3876e7da68632c00489f6f5caf6d8d5320ace262617ba853"}, {"sample": "230517-mjg3psef79", "created": "2023-05-17 10:29:31.943955 +0000 +0000", "kind": "file", "filename": "4143f0ec68dd1ffa3876e7da68632c00489f6f5caf6d8d5320ace262617ba853.ps1", "tags": "", "score": 1, "sha256": "4143f0ec68dd1ffa3876e7da68632c00489f6f5caf6d8d5320ace262617ba853"}, {"sample": "230517-l6sbhsdf71", "created": "2023-05-17 10:09:03.89121 +0000 +0000", "kind": "file", "filename": "f1.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "586e43521ce91313e492debe70701ba243a53de4b107845a898b49d196482b9e"}, {"sample": "230517-lnyetaee69", "created": "2023-05-17 09:41:22.649398 +0000 +0000", "kind": "file", "filename": "4143f0ec68dd1ffa3876e7da68632c00489f6f5caf6d8d5320ace262617ba853.ps1", "tags": "", "score": 1, "sha256": "4143f0ec68dd1ffa3876e7da68632c00489f6f5caf6d8d5320ace262617ba853"}, {"sample": "230516-xkyrysbc3t", "created": "2023-05-16 18:55:23.777112 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "b51ceb37db5a9fdafa91ebe1a531da060af46992c24304bf0a3cf304c211a7b8"}, {"sample": "230516-xa5shsca67", "created": "2023-05-16 18:39:59.622092 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "024ed52afb1d8f7ff34f713ed68f0c0c033c5ea0cc06368662e00f6c43013025"}, {"sample": "230516-sr8hhsad81", "created": "2023-05-16 15:22:39.734884 +0000 +0000", "kind": "file", "filename": "config_40.ps1", "tags": "", "score": 1, "sha256": "d1ce98a83d2e14dc99f340a3ca796a2ccb7b1f8f30f1d2e6fa3419ce0c0c0fd4"}, {"sample": "230516-smhfjabd24", "created": "2023-05-16 15:14:24.81123 +0000 +0000", "kind": "file", "filename": "debug2.ps1", "tags": "", "score": 1, "sha256": "9b368cea2913eb1695773f088fe3409964611360cca2d267cd367a7a02348c62"}, {"sample": "230516-skvyvaad7s", "created": "2023-05-16 15:11:32.752299 +0000 +0000", "kind": "file", "filename": "install.ps1", "tags": "", "score": 8, "sha256": "45014ac94baaa135449d73da9f4760acdae4c8943fa9998a47b74d0bba8a5295"}, {"sample": "230516-r5vm5sac91", "created": "2023-05-16 14:47:03.657719 +0000 +0000", "kind": "file", "filename": "debug2.ps1", "tags": "", "score": 1, "sha256": "a8a284f377cb9f21c53e5553234ecb693dc4c2c38f3306b6cde4aead5e05e913"}, {"sample": "230516-rtbe5aac51", "created": "2023-05-16 14:28:38.514849 +0000 +0000", "kind": "file", "filename": "debug2.ps1", "tags": "", "score": 8, "sha256": "86328ee9d0456fd86bf4fff28cd53944043a53654d36d312506b08d807fc03df"}, {"sample": "230516-pg9faahg7s", "created": "2023-05-16 12:19:12.149163 +0000 +0000", "kind": "file", "filename": "o.ps1", "tags": "", "score": 10, "sha256": "57444d33e423ceed45e79f12208fa085e3cb041e3deb904f1c5404f4774cf20e"}, {"sample": "230516-pfevaahg5y", "created": "2023-05-16 12:16:00.44945 +0000 +0000", "kind": "file", "filename": "file..ps1", "tags": "evasion", "score": 10, "sha256": "c6f45b067c9f5bba639df001aefe8f306b058331a40411136b27105c14ddc2e7"}, {"sample": "230516-byhr1aba37", "created": "2023-05-16 01:33:02.845413 +0000 +0000", "kind": "file", "filename": "ca26ba4682518b0c893a42fbc9f8c11e.ps1", "tags": "family:cobaltstrike,botnet:0,botnet:1234567890,backdoor,trojan", "score": 10, "sha256": "0749c57fa5774132e6218a35182fdb0d52a0f06fcd6d740dffa31342e43554eb"}, {"sample": "230515-169ccsgh5t", "created": "2023-05-15 22:16:53.078368 +0000 +0000", "kind": "file", "filename": "spicetify.ps1", "tags": "", "score": 8, "sha256": "991503c6ea14ddfe93cc18b993cb416ea2917db6e6ddd9b207fe813b5eb626b3"}, {"sample": "230515-16mtcsad59", "created": "2023-05-15 22:15:49.075157 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_22btvaly.kqu.ps1", "tags": "", "score": 1, "sha256": "6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b"}, {"sample": "230515-15b1gaad48", "created": "2023-05-15 22:13:32.81746 +0000 +0000", "kind": "file", "filename": "spicetify.ps1", "tags": "", "score": 8, "sha256": "991503c6ea14ddfe93cc18b993cb416ea2917db6e6ddd9b207fe813b5eb626b3"}, {"sample": "230515-1fqsbsac65", "created": "2023-05-15 21:35:47.052318 +0000 +0000", "kind": "file", "filename": "iwick.ps1", "tags": "", "score": 6, "sha256": "aee2a98791714e42dcf8310550e2af6cb5cfc9b0e84ad1269aa84069ea90a193"}, {"sample": "230515-1exjgsgg4v", "created": "2023-05-15 21:34:21.669203 +0000 +0000", "kind": "file", "filename": "iwick.ps1", "tags": "", "score": 6, "sha256": "aee2a98791714e42dcf8310550e2af6cb5cfc9b0e84ad1269aa84069ea90a193"}, {"sample": "230515-yztl8ahc29", "created": "2023-05-15 20:13:48.890348 +0000 +0000", "kind": "file", "filename": "spicetify.ps1", "tags": "", "score": 8, "sha256": "991503c6ea14ddfe93cc18b993cb416ea2917db6e6ddd9b207fe813b5eb626b3"}, {"sample": "230515-yqlj9ahb87", "created": "2023-05-15 19:59:26.794401 +0000 +0000", "kind": "file", "filename": "spicetify.ps1", "tags": "", "score": 8, "sha256": "991503c6ea14ddfe93cc18b993cb416ea2917db6e6ddd9b207fe813b5eb626b3"}, {"sample": "230515-w2ff9sgh22", "created": "2023-05-15 18:24:47.906881 +0000 +0000", "kind": "file", "filename": "f1.ps1", "tags": "persistence", "score": 10, "sha256": "8444bbf0d0f56b58079a8c83f3c6fc8c7fc1ad7a62867681a09b0609354f6a6f"}, {"sample": "230515-wg4clagg39", "created": "2023-05-15 17:54:28.261953 +0000 +0000", "kind": "file", "filename": "malvbs.ps1", "tags": "", "score": 1, "sha256": "ee4b6a8374dd421f9132e13d392843138b29e2bcd133715afd14857ebbeb2b39"}, {"sample": "230515-v1j8dsfb4t", "created": "2023-05-15 17:27:19.945152 +0000 +0000", "kind": "file", "filename": "f2.ps1", "tags": "persistence", "score": 10, "sha256": "89c11a89afd7118dbad1b6a987dfb771108648a842c47d81fb489d15a72bbdb8"}, {"sample": "230515-ssftwsgb49", "created": "2023-05-15 15:23:03.894898 +0000 +0000", "kind": "file", "filename": "563d84d8_0c79ad0f738bdbcb2b761295a25a2c9a66aa2ca96eba8e6b8913d3168e9dacbc.ps1", "tags": "", "score": 1, "sha256": "0c79ad0f738bdbcb2b761295a25a2c9a66aa2ca96eba8e6b8913d3168e9dacbc"}, {"sample": "230515-qv4bvsff52", "created": "2023-05-15 13:35:49.553738 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "ac44717fbb68a8a19cb5056c50cb99289f4b41e8b4ea17b3fde12a7077849015"}, {"sample": "230515-qvx5vaff49", "created": "2023-05-15 13:35:32.835196 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "ac44717fbb68a8a19cb5056c50cb99289f4b41e8b4ea17b3fde12a7077849015"}, {"sample": "230515-p23s8sfd74", "created": "2023-05-15 12:50:21.245311 +0000 +0000", "kind": "file", "filename": "adobe_update.ps1", "tags": "", "score": 1, "sha256": "a3e3624464c2c70c5d5897f71553ff3fd2629249cd3a65eabcd3d0ea3adfde16"}, {"sample": "230515-n9qm7sfc38", "created": "2023-05-15 12:06:03.463586 +0000 +0000", "kind": "file", "filename": "PowerShell .txt.ps1", "tags": "", "score": 1, "sha256": "dbb80ac555af343629e99b423eae2aa8923862984da0f0bee5fb758723386a7e"}, {"sample": "230515-gtx9sahc7t", "created": "2023-05-15 06:06:24.804426 +0000 +0000", "kind": "file", "filename": "2.ps1", "tags": "", "score": 8, "sha256": "4c7be8e68c7575855d335002856e3be843f61f17d1400f99c449d985558410f3"}, {"sample": "230514-2cyjfadg62", "created": "2023-05-14 22:26:50.743946 +0000 +0000", "kind": "file", "filename": "loc.ps1", "tags": "persistence", "score": 10, "sha256": "5f5f8f102490525c22deed33b94fa01b52289e7166eedccd04cfece900958669"}, {"sample": "230514-ydqcnsff3t", "created": "2023-05-14 19:40:25.137605 +0000 +0000", "kind": "file", "filename": "oof!.ps1", "tags": "", "score": 1, "sha256": "a874d111d07537b49f8801232dede4e859fcaf8f42cf633a16d3681563a29e53"}, {"sample": "230514-yaszdsfe9y", "created": "2023-05-14 19:35:19.901949 +0000 +0000", "kind": "file", "filename": "oof!.ps1", "tags": "", "score": 1, "sha256": "a874d111d07537b49f8801232dede4e859fcaf8f42cf633a16d3681563a29e53"}, {"sample": "230514-yacbmsdd52", "created": "2023-05-14 19:34:31.931517 +0000 +0000", "kind": "file", "filename": "oof!.ps1", "tags": "", "score": 1, "sha256": "a874d111d07537b49f8801232dede4e859fcaf8f42cf633a16d3681563a29e53"}, {"sample": "230514-x9gvqsdd46", "created": "2023-05-14 19:33:01.252607 +0000 +0000", "kind": "file", "filename": "oof!.ps1", "tags": "", "score": 1, "sha256": "a874d111d07537b49f8801232dede4e859fcaf8f42cf633a16d3681563a29e53"}, {"sample": "230514-x475qsfe8s", "created": "2023-05-14 19:25:33.424724 +0000 +0000", "kind": "file", "filename": "oof!.ps1", "tags": "", "score": 1, "sha256": "bdb9a8832070ec837d1cbc9a3c72138e0b1edc3c5f08a07569c8f21fa67346ac"}, {"sample": "230514-xcn8jsfd6w", "created": "2023-05-14 18:42:41.888678 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "family:njrat,botnet:fr,evasion,persistence,trojan", "score": 10, "sha256": "fa76399ee63b8579dcfb51ede098fbe6a09ed34d149dcbc4bee353fdd15aeddd"}, {"sample": "230514-pfj41aeb7t", "created": "2023-05-14 12:16:14.355761 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "", "score": 1, "sha256": "d50a7d93e56ffd08a7dfd8d31c3c0239a1efe7467d996489257c54be7564a512"}, {"sample": "230514-fa4f1sda31", "created": "2023-05-14 04:41:03.8157 +0000 +0000", "kind": "file", "filename": "f21615f433a0e25b5c635046c6196372.ps1", "tags": "family:cobaltstrike,botnet:0,backdoor,trojan", "score": 10, "sha256": "ed61867a9878f644cdecf432805c8560bfa39b9191be013067eb875500a80f53"}, {"sample": "230514-d5qgjaae78", "created": "2023-05-14 03:35:44.131837 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "family:njrat,botnet:fr,evasion,persistence,trojan", "score": 10, "sha256": "fa76399ee63b8579dcfb51ede098fbe6a09ed34d149dcbc4bee353fdd15aeddd"}, {"sample": "230513-rszfkaag2y", "created": "2023-05-13 14:28:02.839902 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "232940153e174d0234d92d1764bfce3b6a72133f4312d80101df5653adaebb42"}, {"sample": "230513-rrmqdagd52", "created": "2023-05-13 14:25:42.865653 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "232940153e174d0234d92d1764bfce3b6a72133f4312d80101df5653adaebb42"}, {"sample": "230513-qnx69sgc44", "created": "2023-05-13 13:25:03.508245 +0000 +0000", "kind": "file", "filename": "6dea03b74f33d78a1dc1deea989c4ba5.ps1", "tags": "family:cobaltstrike,botnet:0,botnet:100000,backdoor,trojan", "score": 10, "sha256": "9955ffce43705c8f12e999a2cc6848db65b1eabe7367350d6959047210ed21e5"}, {"sample": "230513-lb8p1sfh67", "created": "2023-05-13 09:22:39.824773 +0000 +0000", "kind": "file", "filename": "next.ps1", "tags": "family:njrat,botnet:fr,evasion,persistence,trojan", "score": 10, "sha256": "72c83c7b3d29371e93c8180520c25ca54da0cc661f37cf7a44f54990f21effe6"}, {"sample": "230513-e9gwmafe55", "created": "2023-05-13 04:38:13.993886 +0000 +0000", "kind": "file", "filename": "main.py.ps1", "tags": "", "score": 1, "sha256": "e7ce66cab6c7db53530c83760598eab5877e7e2f2119c8e4487e56be955230c4"}, {"sample": "230512-yhk9hsge6t", "created": "2023-05-12 19:47:11.152591 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 10, "sha256": "9f6ecee68848f1641c39af71213150b5481d2a710fdf4460a46cc48aaebc3217"}, {"sample": "230512-sccsasff9y", "created": "2023-05-12 14:58:25.741234 +0000 +0000", "kind": "file", "filename": "a.bat.ps1", "tags": "", "score": 7, "sha256": "5acf9bc16d9ba595ac8d518599a839d2d9ec11711c4bee8ce4d171c8e199d01c"}, {"sample": "230512-pl6vysda79", "created": "2023-05-12 12:26:03.796042 +0000 +0000", "kind": "file", "filename": "file3.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "a7b0e2d3354a350f9652e570b3bc0a5223dbf7f250dd772900beddecdb749929"}, {"sample": "230512-nl5gfsch45", "created": "2023-05-12 11:30:03.886656 +0000 +0000", "kind": "file", "filename": "file4.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "bad8dd8a1fc90352747ebc4c70c7017f39c42df06016f8ddd8b59e49b5586969"}, {"sample": "230512-mty4zacg37", "created": "2023-05-12 10:46:04.969656 +0000 +0000", "kind": "file", "filename": "file1.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "8d6c081ac54baaa002cff13ce739d3f7745dc646d021f103a0b59807db5143b7"}, {"sample": "230512-e77z2abg57", "created": "2023-05-12 04:36:00.972063 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_ppruvto1.duo.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230512-e7k59sbg53", "created": "2023-05-12 04:34:55.306531 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_2e2b42l0.qw3.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230512-e6rxesea51", "created": "2023-05-12 04:33:29.426006 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_cbvesmlu.znf.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230512-c56m3sbd87", "created": "2023-05-12 02:40:35.176393 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "b22b475cd428d471ae53da908f18a5c98c5c00a685c22906d4cd802f2a4f29dd"}, {"sample": "230512-cmt7bsbd42", "created": "2023-05-12 02:12:03.804522 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "b22b475cd428d471ae53da908f18a5c98c5c00a685c22906d4cd802f2a4f29dd"}, {"sample": "230511-yfkvzacf4y", "created": "2023-05-11 19:43:40.110052 +0000 +0000", "kind": "file", "filename": "Chat.ps1", "tags": "family:redline,infostealer", "score": 10, "sha256": "35f003c6ee4b9261caac262983739bceabc65c859b01414d170942cfd92de495"}, {"sample": "230511-r1vgksea65", "created": "2023-05-11 14:40:03.36176 +0000 +0000", "kind": "file", "filename": "abcedfgh.ps1", "tags": "", "score": 1, "sha256": "174c9eb9cd6d644135c21be8bddad392815981eacd5cb9ab980b25d5309ced82"}, {"sample": "230511-qhl7tadd68", "created": "2023-05-11 13:15:46.922553 +0000 +0000", "kind": "file", "filename": "server.ps1", "tags": "family:redline,infostealer,stealer", "score": 10, "sha256": "015d7111daee1cd93cf53acdcaa498bee08ab3c7ae767534f71519bc92192fd7"}, {"sample": "230511-l416mseg21", "created": "2023-05-11 10:05:59.606667 +0000 +0000", "kind": "file", "filename": "server.ps1", "tags": "", "score": 8, "sha256": "015d7111daee1cd93cf53acdcaa498bee08ab3c7ae767534f71519bc92192fd7"}, {"sample": "230511-l4rl7seg2z", "created": "2023-05-11 10:05:31.426229 +0000 +0000", "kind": "file", "filename": "server.ps1", "tags": "family:redline,infostealer,stealer", "score": 10, "sha256": "015d7111daee1cd93cf53acdcaa498bee08ab3c7ae767534f71519bc92192fd7"}, {"sample": "230511-l4le7aeg2y", "created": "2023-05-11 10:05:14.891084 +0000 +0000", "kind": "file", "filename": "server.ps1", "tags": "family:redline,infostealer,stealer", "score": 10, "sha256": "015d7111daee1cd93cf53acdcaa498bee08ab3c7ae767534f71519bc92192fd7"}, {"sample": "230511-l2p1laef9v", "created": "2023-05-11 10:01:56.690869 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "family:redline,infostealer,stealer", "score": 10, "sha256": "f144d9c5826fb3441d39a5a648ed00210867ddd4845398a488058c211286e6fa"}, {"sample": "230511-lwpgwaef6t", "created": "2023-05-11 09:53:10.00471 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "", "score": 10, "sha256": "f144d9c5826fb3441d39a5a648ed00210867ddd4845398a488058c211286e6fa"}, {"sample": "230511-lwdelsch57", "created": "2023-05-11 09:52:37.805369 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "family:redline,infostealer,stealer", "score": 10, "sha256": "f144d9c5826fb3441d39a5a648ed00210867ddd4845398a488058c211286e6fa"}, {"sample": "230510-1223gsae73", "created": "2023-05-10 22:09:33.725964 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_e2wrp1zp.r14.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230510-yz1ersab66", "created": "2023-05-10 20:14:07.019656 +0000 +0000", "kind": "file", "filename": "stage1.ps1", "tags": "", "score": 5, "sha256": "d49144b6e8b96f4b12d37225b7adf6fd657dc663f83303e4c59271e3c6ed6bc8"}, {"sample": "230510-xg1gdahg97", "created": "2023-05-10 18:50:14.051028 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "family:njrat,adware,discovery,evasion,persistence,spyware,stealer,trojan", "score": 10, "sha256": "ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb"}, {"sample": "230510-xgke6ahg96", "created": "2023-05-10 18:49:28.568456 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "evasion,ransomware", "score": 8, "sha256": "aaa9402664f1a41f40ebbc52c9993eb66aeb366602958fdfaa283b71e64db123"}, {"sample": "230510-xc5kjabe3y", "created": "2023-05-10 18:43:28.773591 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "persistence", "score": 7, "sha256": "15a6759494aeeddcf57b8a8886dc4cc38bfe8b14ca698d9e3065473837ffb060"}, {"sample": "230510-wnp4jsbd21", "created": "2023-05-10 18:04:17.962049 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb"}, {"sample": "230510-vt49zsbb3y", "created": "2023-05-10 17:17:49.098116 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "brand:microsoft,discovery,persistence,phishing", "score": 8, "sha256": "ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb"}, {"sample": "230510-vtwb3shd86", "created": "2023-05-10 17:17:23.268955 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb"}, {"sample": "230510-vm5l6shc98", "created": "2023-05-10 17:07:21.072332 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "discovery,persistence", "score": 7, "sha256": "ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb"}, {"sample": "230510-g4w5gage2y", "created": "2023-05-10 06:22:04.567443 +0000 +0000", "kind": "file", "filename": "mememan.ps1", "tags": "collection", "score": 7, "sha256": "d06968313a2c815f0f1c2e940e08326c14d4d1a3257ad88b26954eb9952b170f"}, {"sample": "230510-afgxbadd63", "created": "2023-05-10 00:09:06.148915 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "842354e08fda3c3dd8320842b213e5fc2413921efd07a778994bac8790f384d4"}, {"sample": "230509-3hmjssfc2s", "created": "2023-05-09 23:30:57.284062 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "842354e08fda3c3dd8320842b213e5fc2413921efd07a778994bac8790f384d4"}, {"sample": "230509-3hgzbadc86", "created": "2023-05-09 23:30:42.504711 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "842354e08fda3c3dd8320842b213e5fc2413921efd07a778994bac8790f384d4"}, {"sample": "230509-tryhzseg2v", "created": "2023-05-09 16:18:05.273506 +0000 +0000", "kind": "file", "filename": "a.ps1", "tags": "family:cobaltstrike,botnet:0,botnet:100000,backdoor,trojan", "score": 10, "sha256": "9c9e8841d706406bc23d05589f77eec6f8df6d5e4076bc6a762fdb423bfe8c24"}, {"sample": "230509-sk93rsed3t", "created": "2023-05-09 15:12:15.088725 +0000 +0000", "kind": "file", "filename": "primer.ps1", "tags": "", "score": 8, "sha256": "7e0cf97be0aedc6b6ea4c0c83ca6e637d383947a2434f38bee11c600e35956fe"}, {"sample": "230509-sdlftsdc5w", "created": "2023-05-09 15:00:35.360479 +0000 +0000", "kind": "file", "filename": "primer.ps1", "tags": "", "score": 8, "sha256": "e53d094eb92d8fff075cd9d54f40586df92a8c04b7b4f7fba3d9a78be7fd4dc9"}, {"sample": "230509-nvy12aff45", "created": "2023-05-09 11:43:44.779552 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_v25c2aul.34j.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230509-cz9sjsdh87", "created": "2023-05-09 02:32:01.901024 +0000 +0000", "kind": "file", "filename": "bdda44318119236174b9499616434dc0ddf2651bccae2f86ed34bc1f25f57cfa.ps1", "tags": "", "score": 1, "sha256": "bdda44318119236174b9499616434dc0ddf2651bccae2f86ed34bc1f25f57cfa"}, {"sample": "230509-blkqtsfe4t", "created": "2023-05-09 01:13:55.241184 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "78cc16ca81878ac28be3ac5d8bc5eeea455f455cc4ee56e137fbbf4a7caf68b3"}, {"sample": "230508-y14htace74", "created": "2023-05-08 20:16:02.330869 +0000 +0000", "kind": "file", "filename": "a.ps1", "tags": "", "score": 1, "sha256": "12c7cbf78d296ce5d51cf1f36b96c7ed6bcecf22eb400e6cf172f792ccff0838"}, {"sample": "230508-x81w8aeb6t", "created": "2023-05-08 19:32:12.651472 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "30633418da6249c8335bfabca3554a9bd3db4951fe312be32191f76c43b1d9f0"}, {"sample": "230508-x8xjsscd66", "created": "2023-05-08 19:32:01.646583 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "30633418da6249c8335bfabca3554a9bd3db4951fe312be32191f76c43b1d9f0"}, {"sample": "230508-te2d4sdc2t", "created": "2023-05-08 15:59:01.612065 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "aad1757cd5d6fb4183af6e75512676f1b8dafb157c50ceec1983020455cd761c"}, {"sample": "230508-q5s9msah82", "created": "2023-05-08 13:51:03.649314 +0000 +0000", "kind": "file", "filename": "32a084421d796d7059cb71d81ee59779b55bf556e82ab8d5cb5389fea36d1f33 .ps1", "tags": "family:asyncrat,botnet:default,rat", "score": 10, "sha256": "32a084421d796d7059cb71d81ee59779b55bf556e82ab8d5cb5389fea36d1f33"}, {"sample": "230508-q4f8pacf9s", "created": "2023-05-08 13:48:42.426298 +0000 +0000", "kind": "file", "filename": "32a084421d796d7059cb71d81ee59779b55bf556e82ab8d5cb5389fea36d1f33 .ps1", "tags": "family:asyncrat,botnet:default,rat", "score": 10, "sha256": "32a084421d796d7059cb71d81ee59779b55bf556e82ab8d5cb5389fea36d1f33"}, {"sample": "230507-yn4caahd8t", "created": "2023-05-07 19:56:48.707843 +0000 +0000", "kind": "file", "filename": "updater.ps1", "tags": "", "score": 8, "sha256": "f710eb7ce55cd5f5643eac91cf04a253f1f680434c55768c6115f270862420e8"}, {"sample": "230507-x4dacsfe89", "created": "2023-05-07 19:24:05.424319 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "ed677a02220d5b8643f095b9cf83ac8fc5e3395bb216a6940ef58e5860f8f8c4"}, {"sample": "230507-srw5gsgg8s", "created": "2023-05-07 15:22:05.797658 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 1, "sha256": "10ec57b18a16184f77783a79a4ef44b88b73a0232799bd4ee40683e933ce1c5a"}, {"sample": "230507-lcnfgaeb35", "created": "2023-05-07 09:23:24.943534 +0000 +0000", "kind": "file", "filename": "wall.ps1", "tags": "family:redline,discovery,evasion,exploit,infostealer,stealer,trojan", "score": 10, "sha256": "3398f693069b6126e9c44d6a3f03beea1b998f6da909145de0e92259084bb2ed"}, {"sample": "230507-lbag8afh2y", "created": "2023-05-07 09:21:00.483037 +0000 +0000", "kind": "file", "filename": "test.ps1.ps1", "tags": "family:redline,infostealer,stealer", "score": 10, "sha256": "758a7f8168ce5bee94ab3be7b0f49094ebbda49b29bdbf2ddc2fffe9ce00875d"}, {"sample": "230507-k8bk4sdg29", "created": "2023-05-07 09:15:49.621752 +0000 +0000", "kind": "file", "filename": "RainbowSix.ps1", "tags": "family:cobaltstrike,family:metasploit,family:redline,botnet:391144938,backdoor,infostealer,stealer,trojan", "score": 10, "sha256": "9b0a96da447a36e72d1d89ca4b1aec82ff0df3d9ffa9c712b8613f790f340aec"}, {"sample": "230507-jxtrwaad6x", "created": "2023-05-07 08:03:18.4408 +0000 +0000", "kind": "file", "filename": "e8ba5871d6005a6b63ec510869baab3e2a485e3d63d7526f19a38af0eac834ac.ps1", "tags": "family:njrat,family:redline,botnet:nyan cat,infostealer,stealer,trojan", "score": 10, "sha256": "e8ba5871d6005a6b63ec510869baab3e2a485e3d63d7526f19a38af0eac834ac"}, {"sample": "230507-ghtr8aff9y", "created": "2023-05-07 05:48:44.87986 +0000 +0000", "kind": "file", "filename": "b0119ddb0e07fb00860377ccdef2b7c49509e58118454961675eac0cef3757b4.ps1", "tags": "family:cobaltstrike,family:redline,botnet:666,backdoor,infostealer,stealer,trojan", "score": 10, "sha256": "b0119ddb0e07fb00860377ccdef2b7c49509e58118454961675eac0cef3757b4"}, {"sample": "230507-e92wssge28", "created": "2023-05-07 04:39:13.054675 +0000 +0000", "kind": "file", "filename": "94137cbe1455e824d25c59e3c5a0daf2b9274b055cf6e20800efa7713d10c1ac.ps1", "tags": "family:redline,family:revengerat,botnet:nyancatrevenge,infostealer,stealer,trojan", "score": 10, "sha256": "94137cbe1455e824d25c59e3c5a0daf2b9274b055cf6e20800efa7713d10c1ac"}, {"sample": "230506-1x98asae46", "created": "2023-05-06 22:02:57.136265 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "346eaf13cbd8ca00a76502c1d98a4d3d912c6bdaa2a018458abcf9f906740d29"}, {"sample": "230506-xe5cjsac73", "created": "2023-05-06 18:46:57.25403 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 6, "sha256": "3f79bb7b435b05321651daefd374cdc681dc06faa65e374e38337b88ca046dea"}, {"sample": "230506-wr4q4sab93", "created": "2023-05-06 18:10:13.641461 +0000 +0000", "kind": "file", "filename": "OneDriveUpdater.ps1", "tags": "discovery,persistence", "score": 10, "sha256": "bf07cccf18fff803ac1fe3cf301fd43bf76a0993dc07c691f4ab9ed40d3d809c"}, {"sample": "230506-t7tjzacb6t", "created": "2023-05-06 16:42:20.302464 +0000 +0000", "kind": "file", "filename": "Harden-Windows-Security.ps1", "tags": "family:redline,infostealer,stealer", "score": 10, "sha256": "d31f0082e10b00bf5b5aac589669a36335f5148b144cfb4d8664b915b4f217c3"}, {"sample": "230506-t57c2shh92", "created": "2023-05-06 16:39:29.543284 +0000 +0000", "kind": "file", "filename": "Harden-Windows-Security.ps1", "tags": "family:redline,infostealer,stealer", "score": 10, "sha256": "d31f0082e10b00bf5b5aac589669a36335f5148b144cfb4d8664b915b4f217c3"}, {"sample": "230506-mp2pasgg94", "created": "2023-05-06 10:39:13.934771 +0000 +0000", "kind": "file", "filename": "wall.ps1", "tags": "discovery,evasion,exploit,trojan", "score": 10, "sha256": "3398f693069b6126e9c44d6a3f03beea1b998f6da909145de0e92259084bb2ed"}, {"sample": "230506-mlwnwagg68", "created": "2023-05-06 10:33:42.043876 +0000 +0000", "kind": "file", "filename": "2.ps1", "tags": "evasion", "score": 8, "sha256": "7bc827c5ae47f5472a574407faeec1dc8bc7123602444ea07cbf8805b5f0683b"}, {"sample": "230505-w44xmsdd56", "created": "2023-05-05 18:29:27.703178 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "4f51e7676a4d54c1962760ca0ac81beb28008451511af96652c31f4f40e8eb8e"}, {"sample": "230505-w2fr2afa6x", "created": "2023-05-05 18:24:48.886182 +0000 +0000", "kind": "url", "filename": "https://github.com/FuzzySecurity/PowerShell-Suite/blob/master/Bypass-UAC/Bypass-UAC.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230505-vjydpabe83", "created": "2023-05-05 17:01:46.798061 +0000 +0000", "kind": "file", "filename": "bdda44318119236174b9499616434dc0ddf2651bccae2f86ed34bc1f25f57cfa.ps1", "tags": "", "score": 1, "sha256": "bdda44318119236174b9499616434dc0ddf2651bccae2f86ed34bc1f25f57cfa"}, {"sample": "230505-p7t4aace8v", "created": "2023-05-05 12:58:40.856403 +0000 +0000", "kind": "file", "filename": "bfdfgd.ps1", "tags": "", "score": 1, "sha256": "81d2b2c5aaa02db65083d42a1e7b959c0ef083247ba1518d3ecb8665c2905aa3"}, {"sample": "230505-p7t4aaaf74", "created": "2023-05-05 12:58:40.565096 +0000 +0000", "kind": "file", "filename": "vd.ps1", "tags": "", "score": 1, "sha256": "ae6e21901ced549e39087ba03abf3c792c1e897f0f7f50fc2bb2d908d43cd8d7"}, {"sample": "230505-pbxvasac46", "created": "2023-05-05 12:09:53.199119 +0000 +0000", "kind": "file", "filename": "YATZTASHQx6187Z.ps1", "tags": "", "score": 1, "sha256": "b19463cb9b847bdfc7dbf8133d9702d0a0ecc4175335c4a75db211e0196f84b3"}, {"sample": "230505-pbwl8sac44", "created": "2023-05-05 12:09:49.139839 +0000 +0000", "kind": "file", "filename": "exclusion.ps1", "tags": "", "score": 1, "sha256": "8abf3ca4ea2059e586c142a28bb7928b6879512291e0335b672e6a631c802392"}, {"sample": "230505-pbwbgaac43", "created": "2023-05-05 12:09:48.302428 +0000 +0000", "kind": "file", "filename": "testingexclu.ps1", "tags": "", "score": 10, "sha256": "269d8ce9253cfbba3d498bbced1125482014a2298d89ca69472b77255bbeb3be"}, {"sample": "230505-pbv1pscb6x", "created": "2023-05-05 12:09:47.907376 +0000 +0000", "kind": "file", "filename": "testingexclu.ps1", "tags": "", "score": 10, "sha256": "ea3e2f17b0bf20818c4c759f91fd35d656cad379f4564ba9bbde6a5347cf2d23"}, {"sample": "230505-nzah8sab34", "created": "2023-05-05 11:49:33.379858 +0000 +0000", "kind": "file", "filename": "ngQsFaLZBvYK.ps1", "tags": "", "score": 1, "sha256": "7515bf959b73b956ceb967351c7e299cbb3668a53d35f9c770eb72e00d93ced6"}, {"sample": "230505-ny98gaab33", "created": "2023-05-05 11:49:32.381204 +0000 +0000", "kind": "file", "filename": "main.ps1", "tags": "", "score": 1, "sha256": "7515bf959b73b956ceb967351c7e299cbb3668a53d35f9c770eb72e00d93ced6"}, {"sample": "230504-15l6fahc51", "created": "2023-05-04 22:14:02.938823 +0000 +0000", "kind": "file", "filename": "b0119ddb0e07fb00860377ccdef2b7c49509e58118454961675eac0cef3757b4.ps1", "tags": "family:cobaltstrike,botnet:666,backdoor,trojan", "score": 10, "sha256": "b0119ddb0e07fb00860377ccdef2b7c49509e58118454961675eac0cef3757b4"}, {"sample": "230504-xeglgsgc6z", "created": "2023-05-04 18:45:49.74529 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "2eb1014d45eed0b25e13dd7efa3919f7ea88ac4e6f0221406b52c82044ee620e"}, {"sample": "230504-twvmwsdf99", "created": "2023-05-04 16:24:55.749137 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 7, "sha256": "c33f58730effff58f7768a19ded3524954fb50067a069026b5869fa664624224"}, {"sample": "230504-s115ssdd55", "created": "2023-05-04 15:36:17.278549 +0000 +0000", "kind": "file", "filename": "529f38_901d2a7f7b5046d1907ef2b4c6d3c807.ps1", "tags": "", "score": 1, "sha256": "d67ee8c031e50860e2e5fce7a5bc68fa4e16c823b8358a5b4b9b736c47dc60b1"}, {"sample": "230504-s1k4ksdd52", "created": "2023-05-04 15:35:31.707386 +0000 +0000", "kind": "file", "filename": "529f38_901d2a7f7b5046d1907ef2b4c6d3c807.ps1", "tags": "", "score": 1, "sha256": "d67ee8c031e50860e2e5fce7a5bc68fa4e16c823b8358a5b4b9b736c47dc60b1"}, {"sample": "230504-rctv5sch26", "created": "2023-05-04 14:03:19.298413 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "a8466420ed7171fa77eaa454c7065ead1145b71754bacc289c40fce4965dbc0d"}, {"sample": "230504-q89e2aef4w", "created": "2023-05-04 13:57:04.577024 +0000 +0000", "kind": "file", "filename": "C.jpg.ps1", "tags": "family:asyncrat,botnet:coffee,rat", "score": 10, "sha256": "296389b0339e15e62f5790d00ed58c9da8dd7ed8d8ac817667295e5306db30da"}, {"sample": "230504-q89e2aef4v", "created": "2023-05-04 13:57:04.446139 +0000 +0000", "kind": "file", "filename": "B.jpg.ps1", "tags": "family:asyncrat,botnet:coffee,rat", "score": 10, "sha256": "df3d882332ccedd588c8bd095b4693cffb9d1a3b8359e6f005e16a9ebdce16aa"}, {"sample": "230504-q89e2aef4t", "created": "2023-05-04 13:57:04.287517 +0000 +0000", "kind": "file", "filename": "A.jpg.ps1", "tags": "family:asyncrat,botnet:coffee,rat", "score": 10, "sha256": "ad2d9acbedafbab48db73b94a4274784df7c51fb015beefbf34a64504f791dc3"}, {"sample": "230504-q89e2aef4s", "created": "2023-05-04 13:57:04.181595 +0000 +0000", "kind": "file", "filename": "Final.txt.ps1", "tags": "family:asyncrat,botnet:coffee,rat", "score": 10, "sha256": "25602fcedc578641e99eb96b67920bab6221be5e943fab2b55be16ae9e38e9f5"}, {"sample": "230504-pnppfseb3v", "created": "2023-05-04 12:28:43.085936 +0000 +0000", "kind": "file", "filename": "launcher.ps1", "tags": "", "score": 8, "sha256": "dd218b6d3d2d6ddd595ac99fde47a0cd9fe691a950d4137243fed67b2542576c"}, {"sample": "230504-nz5dlsdh6v", "created": "2023-05-04 11:51:01.778667 +0000 +0000", "kind": "file", "filename": "12.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "3bfc8c8fd3e67f4c8e3f3dd06073ec6452e57204f30f903dd96389753ad69522"}, {"sample": "230504-ns8gpadh2y", "created": "2023-05-04 11:40:42.717752 +0000 +0000", "kind": "file", "filename": "12.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "3bfc8c8fd3e67f4c8e3f3dd06073ec6452e57204f30f903dd96389753ad69522"}, {"sample": "230504-k7tejadb2y", "created": "2023-05-04 09:14:56.112897 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_xkijj3r5.nht.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230504-kwszmabb77", "created": "2023-05-04 08:57:26.194387 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_rrarrrvp.dw3.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230504-j4jkgscg8y", "created": "2023-05-04 08:13:17.441794 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "5500275416891f62ec31a6683ecb60945d9d2f6eab6745c7952ecf66eaef2c5c"}, {"sample": "230504-j31glsah59", "created": "2023-05-04 08:12:21.2093 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "5500275416891f62ec31a6683ecb60945d9d2f6eab6745c7952ecf66eaef2c5c"}, {"sample": "230504-j2y76aah54", "created": "2023-05-04 08:10:32.101985 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "5500275416891f62ec31a6683ecb60945d9d2f6eab6745c7952ecf66eaef2c5c"}, {"sample": "230504-hpfdvaad89", "created": "2023-05-04 06:54:28.220939 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 1, "sha256": "4d0c2ad71b57812aefe9080167f549803e0ba0cb17dd48941dacb5527a80d875"}, {"sample": "230504-bghqnshd58", "created": "2023-05-04 01:06:49.863857 +0000 +0000", "kind": "file", "filename": "file.png.ps1", "tags": "spyware,stealer", "score": 8, "sha256": "82b8df2997ae0418ab2740d6c7cc9efb1ce344d76a782ae54d62456ddcbcb730"}, {"sample": "230503-z8vfjsgf47", "created": "2023-05-03 21:23:45.316159 +0000 +0000", "kind": "url", "filename": "https://yousefjameh.com/new/sets.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230503-z8dg2agf44", "created": "2023-05-03 21:22:56.580236 +0000 +0000", "kind": "url", "filename": "https://yousefjameh.com/new/sets.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230503-zhgrrsge22", "created": "2023-05-03 20:42:55.729919 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 7, "sha256": "62bb3e351950d9f5d7f8ed10bfae6fa61dddb02dcfbaa1a5a27f805d3c861df9"}, {"sample": "230503-v39wtsff56", "created": "2023-05-03 17:32:03.464844 +0000 +0000", "kind": "file", "filename": "win64.ps1", "tags": "", "score": 10, "sha256": "e8c4ec795a14587d3b3ce34b73eca090ea9d9957fb612300abc6239ec293eb26"}, {"sample": "230503-va1sfshd2w", "created": "2023-05-03 16:47:55.967233 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "85103a5a0773cba538f5ee1d5734c9619eb5a3b076e930b4b631ded853e1ceaa"}, {"sample": "230503-tvb46afc79", "created": "2023-05-03 16:22:16.570645 +0000 +0000", "kind": "file", "filename": "uwu.ps1", "tags": "", "score": 10, "sha256": "1a2d540d0b1df9c28285fa09638cef94ff58a65646f7cc60f9e6d307e0b3faf0"}, {"sample": "230503-st24hsha6v", "created": "2023-05-03 15:25:51.831774 +0000 +0000", "kind": "file", "filename": "ps1.ps1.ps1", "tags": "", "score": 8, "sha256": "3be48d4c420c6391f72bfe4c0122f6fbb1d2a0ee0f95dc9e916828ee12540442"}, {"sample": "230503-skstgsfb28", "created": "2023-05-03 15:11:25.681025 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "1dce41709afb5b3f6bf107b81fc35bdba4664796c99b0d8b478fd05512395551"}, {"sample": "230503-r64bnsgh51", "created": "2023-05-03 14:49:12.998018 +0000 +0000", "kind": "file", "filename": "netsprtmay3ver2.ps1", "tags": "", "score": 1, "sha256": "33b8a4417c6b5bc3f732194b05e74eb71c72d2455d72bef30ec5e365ec0f35ca"}, {"sample": "230503-r5l11agh41", "created": "2023-05-03 14:46:38.866792 +0000 +0000", "kind": "file", "filename": "ntsprt_3_may.ps1", "tags": "", "score": 1, "sha256": "33b8a4417c6b5bc3f732194b05e74eb71c72d2455d72bef30ec5e365ec0f35ca"}, {"sample": "230503-mmxybsec84", "created": "2023-05-03 10:35:31.560646 +0000 +0000", "kind": "file", "filename": "31.13.71.7:443.ps1", "tags": "", "score": 1, "sha256": "de3bbd0fd7945e42581643b18cdf28dd3ed61d9c3d541b7b016081564b65a3f3"}, {"sample": "230503-g8bz4aff6w", "created": "2023-05-03 06:28:04.222269 +0000 +0000", "kind": "file", "filename": "P78.ps1", "tags": "", "score": 1, "sha256": "70643fdf0ada7130ac0c7eeb0a9df30eb8ab15a9094dcafa9ee360d53e570be5"}, {"sample": "230503-d5b9xafd6z", "created": "2023-05-03 03:35:04.178326 +0000 +0000", "kind": "file", "filename": "LBB_PS1_obfuscated.ps1", "tags": "family:lockbit,ransomware", "score": 10, "sha256": "925191be26b5087f04a6616fae9fbb71b8e09f80591cf4608d49076a5c0015ca"}, {"sample": "230502-194ahscg93", "created": "2023-05-02 22:21:51.405676 +0000 +0000", "kind": "file", "filename": "gb.php.ps1", "tags": "collection,evasion", "score": 8, "sha256": "b22a7e5d078997aa1144b6fe13f2943cfc7a1638fc8ae1e061b96bb14758770e"}, {"sample": "230502-19zbkaee8y", "created": "2023-05-02 22:21:38.056028 +0000 +0000", "kind": "file", "filename": "decoded-1.ps1", "tags": "", "score": 1, "sha256": "52bdd4653e1cbaa1d004da2095b163282fab99a7646192c53a941aa5fa6b04bc"}, {"sample": "230502-19grhscg89", "created": "2023-05-02 22:20:47.219854 +0000 +0000", "kind": "file", "filename": "gb.php.ps1", "tags": "collection,evasion", "score": 8, "sha256": "b22a7e5d078997aa1144b6fe13f2943cfc7a1638fc8ae1e061b96bb14758770e"}, {"sample": "230502-13ezcacg45", "created": "2023-05-02 22:10:12.550479 +0000 +0000", "kind": "file", "filename": "Get-Azure.ps1", "tags": "", "score": 1, "sha256": "8486152be53e5af0413e0eb4cd4fb085ea91bc6966c4ade0ef78ce7b10135bf7"}, {"sample": "230502-z2w1ssed31", "created": "2023-05-02 21:13:21.269713 +0000 +0000", "kind": "file", "filename": "Beslutningens.ps1", "tags": "", "score": 1, "sha256": "bf7c6fa6b6e79bd50d3e2d2dbbfd1ee68ada1d147323324f370c650b98f3a169"}, {"sample": "230502-w8brnacb23", "created": "2023-05-02 18:35:04.732046 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "4eb2259d009b63778d7857de4d2d0753a47e2549abe6994647d9bafa4a663113"}, {"sample": "230502-qz9dnsda9w", "created": "2023-05-02 13:43:05.973251 +0000 +0000", "kind": "file", "filename": "LBB_PS1_obfuscated.ps1", "tags": "family:lockbit,ransomware", "score": 10, "sha256": "925191be26b5087f04a6616fae9fbb71b8e09f80591cf4608d49076a5c0015ca"}, {"sample": "230502-kdd3raca8y", "created": "2023-05-02 08:28:46.727367 +0000 +0000", "kind": "file", "filename": "malv.ps1", "tags": "discovery,persistence", "score": 10, "sha256": "6d779df409a6dcb2d94d8757c4bfae82f7fdcabe7ed51db81f4e6cd7dc69f023"}, {"sample": "230501-3p7tbaah7y", "created": "2023-05-01 23:42:26.692652 +0000 +0000", "kind": "file", "filename": "414E7993B94A9867.ps1", "tags": "", "score": 10, "sha256": "5c5649ac19b99acf4386afc2d74b95f5901d8302bcf45d9024848b8007577124"}, {"sample": "230501-2fjjpagh88", "created": "2023-05-01 22:31:22.599549 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "50512b0b8603be62fd3ff404b658afce48729543217b9c7db207c9f7b86c994d"}, {"sample": "230501-z7cjcaaf3s", "created": "2023-05-01 21:21:08.049909 +0000 +0000", "kind": "file", "filename": "089dfe5e-0f5f-41b3-b545-2ffaca06a599-dom.ps1", "tags": "", "score": 1, "sha256": "5e44991f8b5ba10f0f34fcdf331b2ee24bd1d1c958f88ef38a8c77dd63385e46"}, {"sample": "230501-z5vbdaaf2x", "created": "2023-05-01 21:18:30.548995 +0000 +0000", "kind": "file", "filename": "089dfe5e-0f5f-41b3-b545-2ffaca06a599-dom.ps1", "tags": "", "score": 1, "sha256": "5e44991f8b5ba10f0f34fcdf331b2ee24bd1d1c958f88ef38a8c77dd63385e46"}, {"sample": "230501-z3tbasae9z", "created": "2023-05-01 21:14:57.466299 +0000 +0000", "kind": "file", "filename": "089dfe5e-0f5f-41b3-b545-2ffaca06a599-dom.ps1", "tags": "", "score": 1, "sha256": "5e44991f8b5ba10f0f34fcdf331b2ee24bd1d1c958f88ef38a8c77dd63385e46"}, {"sample": "230501-zxyntsgg23", "created": "2023-05-01 21:06:27.414813 +0000 +0000", "kind": "file", "filename": "ss.ps1", "tags": "family:redline,infostealer,stealer", "score": 10, "sha256": "79b91f477ba1500cddd5861b7db855d90d4a10c6fbd5857f22d51c9cfe9020ec"}, {"sample": "230501-zsbcqsae6t", "created": "2023-05-01 20:58:21.719207 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "18ac3e7343f016890c510e93f935261169d9e3f565436429830faf0934f4f8e4"}, {"sample": "230501-znvwksgf76", "created": "2023-05-01 20:52:19.732896 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "macos", "score": 1, "sha256": "18ac3e7343f016890c510e93f935261169d9e3f565436429830faf0934f4f8e4"}, {"sample": "230501-zl1n2sgf72", "created": "2023-05-01 20:49:05.337683 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "18ac3e7343f016890c510e93f935261169d9e3f565436429830faf0934f4f8e4"}, {"sample": "230501-zk8chagf69", "created": "2023-05-01 20:47:42.081608 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "a7f4c72c2c6c5ec5aa04cc2778dfe34b2a5f055ad73b89cb95de20ec8917d1a3"}, {"sample": "230501-x8j9gafg68", "created": "2023-05-01 19:31:24.297228 +0000 +0000", "kind": "file", "filename": "DetectionScript.ps1", "tags": "", "score": 10, "sha256": "75fac86d6599706fed56e03491268d34ac6fb75ef698c75019267399e1f18120"}, {"sample": "230501-sbdyzagb27", "created": "2023-05-01 14:56:44.683154 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "b7ab0fa3c0a05db85320a477eebfd7874790839ead4b63f268964e237593b9b6"}, {"sample": "230501-qd9sbafe87", "created": "2023-05-01 13:09:54.802249 +0000 +0000", "kind": "file", "filename": "4cda73d646e70285b57271a70147ce94eb6d9a12.ps1", "tags": "family:lockbit,ransomware", "score": 10, "sha256": "925191be26b5087f04a6616fae9fbb71b8e09f80591cf4608d49076a5c0015ca"}, {"sample": "230501-j9kdzaeg74", "created": "2023-05-01 08:22:04.201686 +0000 +0000", "kind": "file", "filename": "B.PNG.ps1", "tags": "family:asyncrat,botnet:default,rat", "score": 10, "sha256": "e2e4ce0315ef9f241c5d3ab09ccc9de3f8bd71f5388d8a4dd7fadd0a1110f266"}, {"sample": "230501-j9kdzaeg73", "created": "2023-05-01 08:22:04.108852 +0000 +0000", "kind": "file", "filename": "t.png.ps1", "tags": "family:asyncrat,botnet:default,rat", "score": 10, "sha256": "6e39cc4bf7d911b9b6b47d0ca860df4b405386a8232943cd9e4a7f03d2027c0c"}, {"sample": "230501-j9j37seg72", "created": "2023-05-01 08:22:03.961048 +0000 +0000", "kind": "file", "filename": "t.png.ps1", "tags": "family:asyncrat,botnet:default,rat", "score": 10, "sha256": "bf2d33230f6da074a70938e96042a56f340d26b34511ddd254e10a0293f746b6"}, {"sample": "230501-hft6msgf2w", "created": "2023-05-01 06:41:11.583211 +0000 +0000", "kind": "file", "filename": "28db73fc1d832083d326fa36f30f26722e27548bfae052557d587ddbc213f9f5.ps1", "tags": "", "score": 1, "sha256": "28db73fc1d832083d326fa36f30f26722e27548bfae052557d587ddbc213f9f5"}, {"sample": "230430-qnrz9ahg66", "created": "2023-04-30 13:24:46.219433 +0000 +0000", "kind": "file", "filename": "Malware.ps1.ps1", "tags": "", "score": 10, "sha256": "0220bf32101cc55023f8821a74e89d82796fe743e79973e588c448819939507b"}, {"sample": "230430-nhfnxsbc8w", "created": "2023-04-30 11:23:37.708029 +0000 +0000", "kind": "file", "filename": "LBB_PS1_obfuscated.ps1", "tags": "family:lockbit,ransomware", "score": 10, "sha256": "925191be26b5087f04a6616fae9fbb71b8e09f80591cf4608d49076a5c0015ca"}, {"sample": "230430-ndvmaahe59", "created": "2023-04-30 11:17:20.657238 +0000 +0000", "kind": "file", "filename": "LBB_PS1_obfuscated.ps1", "tags": "family:lockbit,ransomware", "score": 10, "sha256": "925191be26b5087f04a6616fae9fbb71b8e09f80591cf4608d49076a5c0015ca"}, {"sample": "230430-nblatshe58", "created": "2023-04-30 11:13:23.62303 +0000 +0000", "kind": "file", "filename": "LBB_PS1_obfuscated.ps1", "tags": "", "score": 5, "sha256": "925191be26b5087f04a6616fae9fbb71b8e09f80591cf4608d49076a5c0015ca"}, {"sample": "230430-mqqnesbb6z", "created": "2023-04-30 10:40:25.284448 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "9851d93cc23bbbd3cfbf8d02e0e3ca7001e95d2f97d9247bf3cc34e48e85478e"}, {"sample": "230430-l2jhtahd29", "created": "2023-04-30 10:01:38.491246 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "0d426e83b0357558644122eb0447e5837d26bd8c95b5a2fb682053a36b25bee1"}, {"sample": "230430-lze3lshd27", "created": "2023-04-30 09:57:57.920907 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "d177a2765ec530239c27a6540ad9ac849bc3e33be621d4512cdd77ff5325f255"}, {"sample": "230430-geetwsgg58", "created": "2023-04-30 05:42:47.394983 +0000 +0000", "kind": "file", "filename": "16daecf77f7537b525c3488108cedb1827a30e65867caff330be6fa4a7d3fa38.ps1", "tags": "", "score": 8, "sha256": "16daecf77f7537b525c3488108cedb1827a30e65867caff330be6fa4a7d3fa38"}, {"sample": "230430-e4xpwsad5w", "created": "2023-04-30 04:30:15.577729 +0000 +0000", "kind": "file", "filename": "hegel.ps1", "tags": "", "score": 1, "sha256": "4cafad8aaf70c8b4295ccb81efa1c71cbc094b4cb8869a5a1e96e5acefdbded4"}, {"sample": "230428-yx72tsaa61", "created": "2023-04-28 20:10:58.995626 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_epv5gyyw.t3z.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230428-qpzrgsgb5z", "created": "2023-04-28 13:26:53.105727 +0000 +0000", "kind": "file", "filename": "sample.ps1.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "6d5447309aa65dbb479d8094d7576aed61a53225291445d34daea4c108af3440"}, {"sample": "230428-nd1hjadf29", "created": "2023-04-28 11:17:36.243968 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "f733d194ed777d6265f1335e2d96edeb84cc1c30bb72e4105a6948b4c2ff617a"}, {"sample": "230428-lebvfsfa51", "created": "2023-04-28 09:26:19.919644 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "discovery,persistence", "score": 10, "sha256": "6d779df409a6dcb2d94d8757c4bfae82f7fdcabe7ed51db81f4e6cd7dc69f023"}, {"sample": "230427-tardcaae9t", "created": "2023-04-27 15:51:32.759638 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "0c5131c52c7bc83bf9bdb665aa0db9d9c8829af680f963f5e25d72dc26c568dc"}, {"sample": "230427-sxzskagd69", "created": "2023-04-27 15:30:58.172938 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "0c5131c52c7bc83bf9bdb665aa0db9d9c8829af680f963f5e25d72dc26c568dc"}, {"sample": "230427-kqqmbagf2w", "created": "2023-04-27 08:48:34.852149 +0000 +0000", "kind": "url", "filename": "https://img.qyinter.cn/xt.ps1", "tags": "", "score": 8, "sha256": ""}, {"sample": "230426-yd3m1abe25", "created": "2023-04-26 19:41:02.801159 +0000 +0000", "kind": "file", "filename": "prob.ps1.txt.ps1", "tags": "", "score": 8, "sha256": "be2a8300c0e53a9e742c6bf62b97626fd047ae872bb836bfd02bdc597d3b08c2"}, {"sample": "230426-ya1dgadc9t", "created": "2023-04-26 19:35:40.955376 +0000 +0000", "kind": "file", "filename": "ff.ps1", "tags": "", "score": 10, "sha256": "2a15118ca8c0fcf630753f742c10e292ebe09f88994b3ba282d7656e6033b703"}, {"sample": "230426-v1m92scf7s", "created": "2023-04-26 17:27:29.333203 +0000 +0000", "kind": "file", "filename": "doc.ps1", "tags": "persistence", "score": 10, "sha256": "2ba36fbdb1ade985521f651d2fef8667b788658b87423297fddb88f70fbbd411"}, {"sample": "230426-tzhgqsae59", "created": "2023-04-26 16:29:33.435937 +0000 +0000", "kind": "file", "filename": "ff.ps1", "tags": "discovery", "score": 10, "sha256": "2a15118ca8c0fcf630753f742c10e292ebe09f88994b3ba282d7656e6033b703"}, {"sample": "230426-qhlahsbd7x", "created": "2023-04-26 13:15:43.867438 +0000 +0000", "kind": "file", "filename": "OneDriveUpdater.ps1", "tags": "discovery,persistence", "score": 10, "sha256": "bf07cccf18fff803ac1fe3cf301fd43bf76a0993dc07c691f4ab9ed40d3d809c"}, {"sample": "230426-nwznysah5s", "created": "2023-04-26 11:45:31.002826 +0000 +0000", "kind": "file", "filename": "OneDriveUpdater.ps1", "tags": "discovery,persistence", "score": 10, "sha256": "bf07cccf18fff803ac1fe3cf301fd43bf76a0993dc07c691f4ab9ed40d3d809c"}, {"sample": "230426-m4jf9sgg96", "created": "2023-04-26 11:01:03.07663 +0000 +0000", "kind": "file", "filename": "doc.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "2ba36fbdb1ade985521f651d2fef8667b788658b87423297fddb88f70fbbd411"}, {"sample": "230426-hj7k5sff29", "created": "2023-04-26 06:47:03.362554 +0000 +0000", "kind": "file", "filename": "st.ps1", "tags": "", "score": 8, "sha256": "7f5fb027de46a8cf2436d2e7a768150d63154cb02379ef34f504367cf3bb9cf4"}, {"sample": "230426-gmwsdafd49", "created": "2023-04-26 05:55:50.125964 +0000 +0000", "kind": "file", "filename": "35fb99c59c455149681bf4f4ee45db416d45488a7451ac353b0758ab5793d0dc.ps1", "tags": "", "score": 1, "sha256": "35fb99c59c455149681bf4f4ee45db416d45488a7451ac353b0758ab5793d0dc"}, {"sample": "230425-w57pxscc55", "created": "2023-04-25 18:31:21.398979 +0000 +0000", "kind": "file", "filename": "non.ps1", "tags": "", "score": 10, "sha256": "1cf5a0063f76369b9c23a6c1c64825eb7f4b0ed1ca465ec09ffa04ab0cb24ffb"}, {"sample": "230425-w1gb6scc26", "created": "2023-04-25 18:23:05.576002 +0000 +0000", "kind": "file", "filename": "non.ps1", "tags": "", "score": 10, "sha256": "1cf5a0063f76369b9c23a6c1c64825eb7f4b0ed1ca465ec09ffa04ab0cb24ffb"}, {"sample": "230425-wwhdnscb87", "created": "2023-04-25 18:16:09.003989 +0000 +0000", "kind": "file", "filename": "oui.ps1", "tags": "evasion", "score": 10, "sha256": "f955f82c4df93b8891632b5aaddb7aea5d91fc55b134a38dc32238b0fab4efad"}, {"sample": "230425-wrlwascb65", "created": "2023-04-25 18:09:21.831005 +0000 +0000", "kind": "file", "filename": "oui.ps1", "tags": "evasion", "score": 10, "sha256": "9621c8923e0f953c6f01c646d05e235fe7e227edb61b643528ccf26dd40562d0"}, {"sample": "230425-wppt6sea3t", "created": "2023-04-25 18:06:01.063387 +0000 +0000", "kind": "file", "filename": "oui.ps1", "tags": "evasion", "score": 10, "sha256": "391b4df69632989f15a9ca325486be615f30de2c77f20f3e7488dc7999ec2744"}, {"sample": "230425-wn795aea2w", "created": "2023-04-25 18:05:10.679276 +0000 +0000", "kind": "file", "filename": "oui.ps1", "tags": "", "score": 10, "sha256": "fbd3dfda39a4436d59f05601f38246ac3b86b2c825d5d2d46e6572aa088190f2"}, {"sample": "230425-wm6d5sdh91", "created": "2023-04-25 18:03:19.128984 +0000 +0000", "kind": "file", "filename": "oui.ps1", "tags": "evasion", "score": 10, "sha256": "796a3460598aeb87c3d019533b59a5a77f8295e97d7e65f7d56c75a531d5ddf9"}, {"sample": "230425-vqgphsdf4t", "created": "2023-04-25 17:11:27.372431 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "10f148de0455447160996854eaf8539173b64fabe239d099b096a6474ae7a314"}, {"sample": "230425-t867fsdd8t", "created": "2023-04-25 16:44:43.973761 +0000 +0000", "kind": "file", "filename": "netsupport_sample.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "86cad91068737e6df44bef19e2718b165e91f98156618f433f588cfd349a50c1"}, {"sample": "230425-tv38msbd94", "created": "2023-04-25 16:23:35.492311 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "10f148de0455447160996854eaf8539173b64fabe239d099b096a6474ae7a314"}, {"sample": "230425-tc1d2abc77", "created": "2023-04-25 15:55:28.89922 +0000 +0000", "kind": "file", "filename": "tryme.ps1", "tags": "", "score": 1, "sha256": "fc9da60ea75819923b8a947dfe2ac25422bc534ae45b680bb8b177cb2e90415d"}, {"sample": "230425-rwsgescf6z", "created": "2023-04-25 14:32:57.56526 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "db25d074d26fbeac410fe497a3f1ccd3fa6e3a6e5c718a7ddc9d734e3e8cfa4c"}, {"sample": "230425-rlbqxscf2t", "created": "2023-04-25 14:16:25.986715 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "3ddc540b350eff5dc0411ffd276d891bcefc5ea6e27c8913cbf06aaa396cf3a5"}, {"sample": "230425-rkdtwsag66", "created": "2023-04-25 14:14:47.459901 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "3ddc540b350eff5dc0411ffd276d891bcefc5ea6e27c8913cbf06aaa396cf3a5"}, {"sample": "230425-rjttqace9t", "created": "2023-04-25 14:13:48.900994 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 1, "sha256": "3ddc540b350eff5dc0411ffd276d891bcefc5ea6e27c8913cbf06aaa396cf3a5"}, {"sample": "230425-hdhd3aag5w", "created": "2023-04-25 06:37:06.192096 +0000 +0000", "kind": "file", "filename": "i.png.ps1", "tags": "family:asyncrat,botnet:default,rat", "score": 10, "sha256": "cd635790fc3913e2133384ead8cd99fa23e22752d24614b2eab2d8e270ea8aa7"}, {"sample": "230425-hcxglagh64", "created": "2023-04-25 06:36:04.014334 +0000 +0000", "kind": "file", "filename": "t.png.ps1", "tags": "family:asyncrat,botnet:forward,rat", "score": 10, "sha256": "93e0f9029314355c2bbf3c4698d3f635472b80893851456f95ac7a95309ebff1"}, {"sample": "230425-dd4j3shh4v", "created": "2023-04-25 02:54:27.390587 +0000 +0000", "kind": "file", "filename": "cc789c2b418cf62305d9e1bdb159f4ae.ps1", "tags": "family:asyncrat,botnet:default,rat", "score": 10, "sha256": "295f4242ed4bebbbc2d8f1e602a9bb4c66a987d7c6e6522590327da91fc40279"}, {"sample": "230424-3yqw6aha8z", "created": "2023-04-24 23:55:36.485558 +0000 +0000", "kind": "file", "filename": "oui.ps1", "tags": "discovery,evasion,persistence", "score": 10, "sha256": "bf07cccf18fff803ac1fe3cf301fd43bf76a0993dc07c691f4ab9ed40d3d809c"}, {"sample": "230424-3g28vsfc34", "created": "2023-04-24 23:29:57.659262 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "9da8511aec92738a1a1c4b3c505c0a5701f5a3f6fb5aa7fd1c80dadc68b25bc9"}, {"sample": "230424-3f1zeagh7z", "created": "2023-04-24 23:28:08.137101 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "b18f33e994e6504989cc758bf39a17dff4015e7a61fea2db198c5f265b1556c0"}, {"sample": "230424-srbhsacg28", "created": "2023-04-24 15:21:04.596942 +0000 +0000", "kind": "file", "filename": "out.ps1", "tags": "", "score": 1, "sha256": "1fd3e6c6962de0d40f882ed6b011656348ca3ee07d2c5b80acf497881d70ab66"}, {"sample": "230424-p7g4qade7y", "created": "2023-04-24 12:58:04.27155 +0000 +0000", "kind": "file", "filename": "file_deleter.ps1", "tags": "", "score": 1, "sha256": "35fb99c59c455149681bf4f4ee45db416d45488a7451ac353b0758ab5793d0dc"}, {"sample": "230424-lysbjscg5y", "created": "2023-04-24 09:56:49.251926 +0000 +0000", "kind": "file", "filename": "94137cbe1455e824d25c59e3c5a0daf2b9274b055cf6e20800efa7713d10c1ac.ps1", "tags": "family:revengerat,botnet:nyancatrevenge,trojan", "score": 10, "sha256": "94137cbe1455e824d25c59e3c5a0daf2b9274b055cf6e20800efa7713d10c1ac"}, {"sample": "230424-j7mfjscd4v", "created": "2023-04-24 08:18:41.815787 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_1odyptez.xr0.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230423-3jtz9sge74", "created": "2023-04-23 23:33:03.770723 +0000 +0000", "kind": "file", "filename": "virus.ps1", "tags": "", "score": 8, "sha256": "684147202a39ef834c31b2c43e5ffda049b9b44056724ebb202787dec74050e6"}, {"sample": "230423-3g7hksge63", "created": "2023-04-23 23:30:11.587964 +0000 +0000", "kind": "file", "filename": "virus.ps1.ps1", "tags": "", "score": 1, "sha256": "3be334c407ad5bec8170103d14f79a314211c8e5da7fca6f2bc797a9b48828da"}, {"sample": "230423-3f585aaa9s", "created": "2023-04-23 23:28:22.339339 +0000 +0000", "kind": "file", "filename": "tools.ps1.ps1", "tags": "", "score": 1, "sha256": "3d300c7798f58e3507141319b4506d098a671f9a07d1b7e21cb123eadac3da3d"}, {"sample": "230423-s6xdssec84", "created": "2023-04-23 15:44:49.684654 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 1, "sha256": "15a6759494aeeddcf57b8a8886dc4cc38bfe8b14ca698d9e3065473837ffb060"}, {"sample": "230423-hhgnbsdc9z", "created": "2023-04-23 06:44:03.486192 +0000 +0000", "kind": "file", "filename": "06af27505fccf3ed9388e0d3beb43160d67917f3c6d02e2e2cc6994938907bdb.ps1", "tags": "", "score": 7, "sha256": "06af27505fccf3ed9388e0d3beb43160d67917f3c6d02e2e2cc6994938907bdb"}, {"sample": "230422-mbebvaec68", "created": "2023-04-22 10:17:08.091705 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 7, "sha256": "f18c5664b3d1edf039ab122026d68411d2e71c0b88ecbbaadd11bfaf4b7ac642"}, {"sample": "230422-mavbnsga6v", "created": "2023-04-22 10:16:09.371682 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 7, "sha256": "3218a1ee32aaa4b7d1fae29b715faa1e5d649eb1b56849c49c9b590fed4c0707"}, {"sample": "230422-l8994sga5y", "created": "2023-04-22 10:13:25.051254 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 7, "sha256": "2509f6198def0a510bfb92800b3b7c6879ab0459dd756c2eb17a5b72cf67a564"}, {"sample": "230422-l6rd8aga4v", "created": "2023-04-22 10:09:00.06498 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "392d7a12bc4c40428ce9ca2adb98879846012e982dea6682b2398c7623a59dec"}, {"sample": "230422-l5fw4aec48", "created": "2023-04-22 10:06:44.58707 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "1ccf3c4b802b4f0ec9c5a7c2379dca4b96ac8d0619e6b7fd8959a2216139728f"}, {"sample": "230422-l4f6gaec46", "created": "2023-04-22 10:05:00.267391 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 8, "sha256": "ac91ef5e5f671bbee958a94cf3c41a85111e76efc6335da9b457db4b7856a04b"}, {"sample": "230422-l3m8dsec43", "created": "2023-04-22 10:03:35.124192 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "6af1ec13f28434025851f505490325cf3cc06f8d26238b7550e932a7a1a14625"}, {"sample": "230422-l21r4aec39", "created": "2023-04-22 10:02:28.510732 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "b58ce9d59838b3285a19257e04260f0a89f29adefc2f465608368b6a6407395b"}, {"sample": "230422-l19cvaec37", "created": "2023-04-22 10:01:08.144953 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "0d3df3fafff79f8a2ae321b4244d57e4a07e783f3723ae2d7c9712e0de5a58c7"}, {"sample": "230422-lybnssec25", "created": "2023-04-22 09:56:01.15985 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "a8681341ea348f7e3a535bd96296b8ade436cb92fef05d473963492e97fd6b67"}, {"sample": "230421-g4pemagd6y", "created": "2023-04-21 06:21:42.545752 +0000 +0000", "kind": "file", "filename": "test.ps1.ps1", "tags": "family:icedid,campaign:2120215998,banker,loader,trojan", "score": 10, "sha256": "758a7f8168ce5bee94ab3be7b0f49094ebbda49b29bdbf2ddc2fffe9ce00875d"}, {"sample": "230421-d6jelsdh74", "created": "2023-04-21 03:37:09.90768 +0000 +0000", "kind": "file", "filename": "disable_defender.ps1", "tags": "", "score": 1, "sha256": "51c5e2844ff3c658af02d2a30a35cc1a0b8d6528df49475e1d2b4ada0f863d5b"}, {"sample": "230421-d6jelsfh3w", "created": "2023-04-21 03:37:09.584806 +0000 +0000", "kind": "file", "filename": "ShareFinder.ps1", "tags": "", "score": 1, "sha256": "8555173299638a42c9348d713ae9a02703fde6fc84907e467fafc296509e07f8"}, {"sample": "230421-c2vreadf95", "created": "2023-04-21 02:34:48.803309 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "3ff596d1a7f5b0b703cb3d7e9cc31a9ee4bb60d4a17ea51e8e9d551c6a8abbf6"}, {"sample": "230421-aly3sadb32", "created": "2023-04-21 00:18:40.78084 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 8, "sha256": "d6a93e0e6851cc68e6a698ffae603052262deb5c44474db3150d180cf56b7cf8"}, {"sample": "230420-zxdcwscd23", "created": "2023-04-20 21:05:27.005977 +0000 +0000", "kind": "file", "filename": "RainbowSix.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "9b0a96da447a36e72d1d89ca4b1aec82ff0df3d9ffa9c712b8613f790f340aec"}, {"sample": "230420-zrjmqaec4t", "created": "2023-04-20 20:57:00.809402 +0000 +0000", "kind": "file", "filename": "RainbowSix.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "9b0a96da447a36e72d1d89ca4b1aec82ff0df3d9ffa9c712b8613f790f340aec"}, {"sample": "230420-zlz3hsec2y", "created": "2023-04-20 20:49:03.268279 +0000 +0000", "kind": "file", "filename": "RainbowSix.ps1", "tags": "", "score": 1, "sha256": "3df5db8c2ff81ab8bcb7cad032948e7fde261022a859eac4241b72070ab320c9"}, {"sample": "230420-zepm7scc32", "created": "2023-04-20 20:38:03.490244 +0000 +0000", "kind": "file", "filename": "5a0976fef89e32ddcf62c790f9bb4c174a79004e627c3521604f46bf5cc7bea2.ps1", "tags": "", "score": 1, "sha256": "5a0976fef89e32ddcf62c790f9bb4c174a79004e627c3521604f46bf5cc7bea2"}, {"sample": "230420-xjzb4adf8w", "created": "2023-04-20 18:53:40.071219 +0000 +0000", "kind": "file", "filename": "e8ba5871d6005a6b63ec510869baab3e2a485e3d63d7526f19a38af0eac834ac.ps1", "tags": "family:njrat,botnet:nyan cat,trojan", "score": 10, "sha256": "e8ba5871d6005a6b63ec510869baab3e2a485e3d63d7526f19a38af0eac834ac"}, {"sample": "230420-r4f4csae55", "created": "2023-04-20 14:44:37.279327 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_iw12mv3h.iho.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230420-qyhvbsab98", "created": "2023-04-20 13:40:03.411195 +0000 +0000", "kind": "file", "filename": "mal.ps1", "tags": "", "score": 8, "sha256": "e35b56d5f5d582028fb928ede2d82386954a2d21eb00b3209b47e2ff32817762"}, {"sample": "230420-qwgt9acb4v", "created": "2023-04-20 13:36:30.118459 +0000 +0000", "kind": "file", "filename": "mal.ps1", "tags": "", "score": 8, "sha256": "e35b56d5f5d582028fb928ede2d82386954a2d21eb00b3209b47e2ff32817762"}, {"sample": "230420-phstxshg67", "created": "2023-04-20 12:20:09.502708 +0000 +0000", "kind": "file", "filename": "icedid.ps1", "tags": "", "score": 1, "sha256": "0112ff879cb9eb851adfbd611193ad8dabaf131bd450d88f7903a98bfc8d52b4"}, {"sample": "230420-cwpyzaha41", "created": "2023-04-20 02:25:48.220318 +0000 +0000", "kind": "url", "filename": "https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230420-b72w8seg66", "created": "2023-04-20 01:47:57.77784 +0000 +0000", "kind": "file", "filename": "decoded-1.ps1", "tags": "", "score": 1, "sha256": "90073feea947bc95399274d0ead4c651e7b43c42afdea3cb55e3268033e47be5"}, {"sample": "230420-ajabmsgb61", "created": "2023-04-20 00:13:59.467139 +0000 +0000", "kind": "file", "filename": "dateagent.ps1", "tags": "", "score": 1, "sha256": "e8721092085775acaee94a91ab8341bdb452851aa0564411430633e6a69ee87c"}, {"sample": "230419-3lphkaea44", "created": "2023-04-19 23:36:17.995411 +0000 +0000", "kind": "file", "filename": "decoded-1.ps1", "tags": "", "score": 3, "sha256": "90073feea947bc95399274d0ead4c651e7b43c42afdea3cb55e3268033e47be5"}, {"sample": "230419-23c1esfg91", "created": "2023-04-19 23:06:01.911806 +0000 +0000", "kind": "file", "filename": "gb.php.ps1", "tags": "collection,evasion", "score": 8, "sha256": "e73dd0185cd87f286df42d4396391044be1ff2312aef15415271b17beabcfe12"}, {"sample": "230419-1f3f5afe2v", "created": "2023-04-19 21:36:22.760502 +0000 +0000", "kind": "file", "filename": "3.ps1", "tags": "", "score": 7, "sha256": "a558ff9e48d911856bbe10ec93e46918228f4c23a0519419a566684346ba74bc"}, {"sample": "230419-z7c5wade45", "created": "2023-04-19 21:21:10.282821 +0000 +0000", "kind": "file", "filename": "Get-Azure.ps1", "tags": "", "score": 1, "sha256": "756c2c3ddceac0302345c61b2ffa1b40041bc13753811f0d1d17830d738d3d7a"}, {"sample": "230419-z3ne2sfd2z", "created": "2023-04-19 21:14:41.795673 +0000 +0000", "kind": "file", "filename": "8f9fa90f6de669f9492a1a524fbefdda74499f4a047539b0388575f07f14f909.ps1", "tags": "", "score": 1, "sha256": "8f9fa90f6de669f9492a1a524fbefdda74499f4a047539b0388575f07f14f909"}, {"sample": "230419-zlnpgsdd23", "created": "2023-04-19 20:48:29.382056 +0000 +0000", "kind": "file", "filename": "Get-Azure.ps1", "tags": "", "score": 1, "sha256": "756c2c3ddceac0302345c61b2ffa1b40041bc13753811f0d1d17830d738d3d7a"}, {"sample": "230419-x4rgzseg9x", "created": "2023-04-19 19:24:45.5714 +0000 +0000", "kind": "file", "filename": "Get-Azure.ps1", "tags": "", "score": 1, "sha256": "756c2c3ddceac0302345c61b2ffa1b40041bc13753811f0d1d17830d738d3d7a"}, {"sample": "230419-xqzw7seg2s", "created": "2023-04-19 19:04:11.51489 +0000 +0000", "kind": "file", "filename": "ps-2.ps1", "tags": "", "score": 1, "sha256": "8f9fa90f6de669f9492a1a524fbefdda74499f4a047539b0388575f07f14f909"}, {"sample": "230419-xp69wsef8w", "created": "2023-04-19 19:02:47.252442 +0000 +0000", "kind": "file", "filename": "ps-2.ps1", "tags": "", "score": 1, "sha256": "8f9fa90f6de669f9492a1a524fbefdda74499f4a047539b0388575f07f14f909"}, {"sample": "230419-xkwbtsef51", "created": "2023-04-19 18:55:15.588109 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "c5ff180d3cccca7cb3f35c52e9a7a337be64fa30d1fc0fdc9220bfa8b2a6b393"}, {"sample": "230419-twc3vabh73", "created": "2023-04-19 16:24:04.102844 +0000 +0000", "kind": "file", "filename": "RainbowSix.ps1", "tags": "family:cobaltstrike,family:metasploit,botnet:391144938,backdoor,trojan", "score": 10, "sha256": "9b0a96da447a36e72d1d89ca4b1aec82ff0df3d9ffa9c712b8613f790f340aec"}, {"sample": "230419-sz9qjsbd82", "created": "2023-04-19 15:34:57.864117 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "c5ff180d3cccca7cb3f35c52e9a7a337be64fa30d1fc0fdc9220bfa8b2a6b393"}, {"sample": "230419-szsf9sbd76", "created": "2023-04-19 15:34:07.181858 +0000 +0000", "kind": "file", "filename": "4556QdxEcRRwaanOcwMUbPLadtPY.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "23ec97b573fa3a2ff88e5689622b8b3b5406e09e77861c50665fd01067e2717e"}, {"sample": "230419-r49qnsbb67", "created": "2023-04-19 14:46:01.334391 +0000 +0000", "kind": "file", "filename": "totallysafe.ps1", "tags": "", "score": 3, "sha256": "f9a2b7fad1b59c274188ba5f3a9a15a771540cd4835caec67a5b89f76adb590f"}, {"sample": "230419-r4dcgabb63", "created": "2023-04-19 14:44:28.599054 +0000 +0000", "kind": "file", "filename": "totallysafe.ps1", "tags": "", "score": 1, "sha256": "045fbe1653f85ae22751b118a9d991fdd815b9dd4991d9e519bfc219da7a7cb6"}, {"sample": "230419-q7kqaaah46", "created": "2023-04-19 13:54:08.744143 +0000 +0000", "kind": "file", "filename": "RainbowSix.ps1", "tags": "family:cobaltstrike,family:metasploit,botnet:391144938,backdoor,trojan", "score": 10, "sha256": "9b0a96da447a36e72d1d89ca4b1aec82ff0df3d9ffa9c712b8613f790f340aec"}, {"sample": "230419-qjlyface7v", "created": "2023-04-19 13:17:30.577216 +0000 +0000", "kind": "file", "filename": "RainbowSix.ps1", "tags": "family:cobaltstrike,family:metasploit,botnet:391144938,backdoor,trojan", "score": 10, "sha256": "9b0a96da447a36e72d1d89ca4b1aec82ff0df3d9ffa9c712b8613f790f340aec"}, {"sample": "230419-nzr4aaac54", "created": "2023-04-19 11:50:24.675985 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "781f1035977b7485f1d8d9aee0e9928e929aa8055d341834c81a3973f1f608ab"}, {"sample": "230419-kf2ltsbb8y", "created": "2023-04-19 08:33:23.400205 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 8, "sha256": "c304d09d544389d3cf8189c31626aa7f8cd0309af4633bf50f7f257410d68d0e"}, {"sample": "230418-1ane1sed93", "created": "2023-04-18 21:26:55.906693 +0000 +0000", "kind": "file", "filename": "Hjkjhgue.ps1", "tags": "family:agenttesla,collection,keylogger,spyware,stealer,trojan", "score": 10, "sha256": "5cdf24e3526a5ff62b5281fafff7a2ebf2f6325b7e8d617fd851b10d180a728f"}, {"sample": "230418-ythmrsff6z", "created": "2023-04-18 20:04:31.420777 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "", "score": 1, "sha256": "e3490431cb2b38259a592918a8f0fda400ef4576a4228e937bb71b3d58c2d61c"}, {"sample": "230418-wr6kpseh7x", "created": "2023-04-18 18:10:19.786791 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "036a01e9618248f88931e4c5bb1f9cce1c45860ea6d93a231efdf6dd572f8bfb"}, {"sample": "230418-teng9aec4x", "created": "2023-04-18 15:58:22.911199 +0000 +0000", "kind": "file", "filename": "dodgy.ps1", "tags": "", "score": 3, "sha256": "7cab531f9e9f218a5d0c0394a0a989623225738f0c1c578b85cb7357031ea3f3"}, {"sample": "230418-tdhwdace33", "created": "2023-04-18 15:56:22.485666 +0000 +0000", "kind": "file", "filename": "dodgy.ps1", "tags": "", "score": 3, "sha256": "59884950d4f342f15ef607d750b4cecd2612604d83e9008c965331bf5228a73c"}, {"sample": "230418-s9bw9seb9x", "created": "2023-04-18 15:49:03.81712 +0000 +0000", "kind": "file", "filename": "peloader.ps1", "tags": "", "score": 3, "sha256": "d25075fd69a9652269c4fed38ce93a58bcac803f6fff76ffe8b765eb10a94c83"}, {"sample": "230418-s8c3yacd78", "created": "2023-04-18 15:47:22.054209 +0000 +0000", "kind": "file", "filename": "suckyermum - Copy.ps1", "tags": "", "score": 3, "sha256": "e8dda8305bf31e3cfc1e0fe176c4972658aa9c7cdcf02853b44b1af8fe418142"}, {"sample": "230418-s5t72seb7x", "created": "2023-04-18 15:42:57.767549 +0000 +0000", "kind": "file", "filename": "suckyermum.ps1", "tags": "", "score": 3, "sha256": "d25075fd69a9652269c4fed38ce93a58bcac803f6fff76ffe8b765eb10a94c83"}, {"sample": "230418-s46jpacd56", "created": "2023-04-18 15:41:46.051289 +0000 +0000", "kind": "file", "filename": "suckyermum.ps1", "tags": "", "score": 3, "sha256": "1b9062bdfbc4209b483b4de3e3bb83c253494923d3f3481baa515e501e0b135e"}, {"sample": "230418-s32t4seb61", "created": "2023-04-18 15:39:49.826518 +0000 +0000", "kind": "file", "filename": "suckyermum.ps1", "tags": "", "score": 1, "sha256": "7782e795721809fa12b4b3b02df536b61e07b2b61f28b35d90536da29b459d44"}, {"sample": "230418-s3lg5aeb6w", "created": "2023-04-18 15:39:02.318443 +0000 +0000", "kind": "file", "filename": "suckyermum.ps1", "tags": "", "score": 1, "sha256": "a9762c8a195b8c640605f4fa534a014578d85469fb8e6b1c785d68fee0c8dc8f"}, {"sample": "230418-s1y1faeb5y", "created": "2023-04-18 15:36:10.355548 +0000 +0000", "kind": "file", "filename": "suckyermum.ps1", "tags": "", "score": 1, "sha256": "7968836c036a5d5487d52317f13124895a05f23d6528a61a1697d05da87ddd6b"}, {"sample": "230418-rpj7gadg2w", "created": "2023-04-18 14:22:04.570068 +0000 +0000", "kind": "file", "filename": "encoded.ps1", "tags": "", "score": 1, "sha256": "5d7ba2b775cdd1c1b2f4f468e2f06bf0f16d9738b433cd31d406608e537ca927"}, {"sample": "230418-rjz1qsdf8s", "created": "2023-04-18 14:14:05.455002 +0000 +0000", "kind": "file", "filename": "dodge.ps1", "tags": "", "score": 1, "sha256": "006c9b4aed832f042911a10dc68210b978d27c0dde36330b2a1641f289108162"}, {"sample": "230418-rfn43abh53", "created": "2023-04-18 14:08:18.104284 +0000 +0000", "kind": "file", "filename": "dodge.ps1", "tags": "", "score": 1, "sha256": "006c9b4aed832f042911a10dc68210b978d27c0dde36330b2a1641f289108162"}, {"sample": "230418-pls9vsda9s", "created": "2023-04-18 12:25:25.318052 +0000 +0000", "kind": "file", "filename": "explorer.ps1", "tags": "", "score": 1, "sha256": "809c76fa535ae6532ce29d85d8ca042036f4d0c3f4a536efecdf78e5b85e9c5b"}, {"sample": "230417-2rsxhagd56", "created": "2023-04-17 22:49:18.564054 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "090d5b7e91f027656a4e318e74446fd4ca19ab03cb5f9f41bde6ee3060c83dfe"}, {"sample": "230417-zbfwwsga27", "created": "2023-04-17 20:32:23.943197 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "b558ec1d6ceff2580c0b0606d4e96266aa7a4923573dfdc789d99fe436def8c2"}, {"sample": "230417-sqpn1sgd51", "created": "2023-04-17 15:19:59.119097 +0000 +0000", "kind": "file", "filename": "curriculum-vitae (4).ps1", "tags": "persistence", "score": 8, "sha256": "2a79e792091dc3aafe657efa3e4feacd5ddc10fecae3f39fabf8aa2cbefa6fcc"}, {"sample": "230416-3vq3racd84", "created": "2023-04-16 23:50:22.834198 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 6, "sha256": "517c0bd610ba1c153c726674fa561f9f5a1fd6aecbc38e5f236454d8efdea0aa"}, {"sample": "230416-w13v6scf6t", "created": "2023-04-16 18:24:09.933661 +0000 +0000", "kind": "file", "filename": "a.ps1", "tags": "", "score": 8, "sha256": "94601fc7759612cc1ce13844d6c26cd3ac2e547a1c96e87ae4e2b87a1c2c57e1"}, {"sample": "230416-wztacaah59", "created": "2023-04-16 18:21:56.550219 +0000 +0000", "kind": "file", "filename": "f.ps1", "tags": "", "score": 8, "sha256": "417a0be8ef6073897f81fa6912d3a203a9aea432e16af30fe32376671cfa0d44"}, {"sample": "230416-wpwygscf2w", "created": "2023-04-16 18:06:21.89638 +0000 +0000", "kind": "file", "filename": "submit.ps1", "tags": "", "score": 1, "sha256": "66659baf23dc428c101119241951ffc240b05ea4852c0ba2fa30071a990de925"}, {"sample": "230416-qb6b4sbh4z", "created": "2023-04-16 13:06:13.807975 +0000 +0000", "kind": "file", "filename": "decrypted.ps1", "tags": "", "score": 1, "sha256": "f5215c0f66e92448ebcf883ce76f29ea3898c47601f85242c64f2bbfaca09924"}, {"sample": "230416-kjydkshe68", "created": "2023-04-16 08:38:27.311983 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "bf53abc91f3ced1ab18d1eddee027e002f55bd65df76390c34008ab56d7c04b4"}, {"sample": "230416-jbarwaba5t", "created": "2023-04-16 07:29:10.9551 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 8, "sha256": "b4745d30d6c03cd69e890949be03ad17498d3062939991cc8650a0ad14a99c4b"}, {"sample": "230416-hsnjmahd24", "created": "2023-04-16 07:00:06.003827 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 7, "sha256": "53d3f95350b9f6353d9520fcc4675c4fea8c0ede00316d508fab0764af4e4f83"}, {"sample": "230416-cn2b2aab4y", "created": "2023-04-16 02:14:08.584231 +0000 +0000", "kind": "file", "filename": "new.ps1", "tags": "", "score": 1, "sha256": "5b30714e29810d3d798c2f537b390013ddf2119027d4e15cba1ad503380bdba1"}, {"sample": "230416-ck95rsge87", "created": "2023-04-16 02:09:19.601414 +0000 +0000", "kind": "file", "filename": "ya.ps1", "tags": "", "score": 1, "sha256": "8b5014a82242be12f57feb30b6bb68e9670eb2619d789b6332a7a8ee8e5b7dbe"}, {"sample": "230416-ckp5laab4s", "created": "2023-04-16 02:08:20.624492 +0000 +0000", "kind": "file", "filename": "ya.ps1", "tags": "", "score": 1, "sha256": "8b5014a82242be12f57feb30b6bb68e9670eb2619d789b6332a7a8ee8e5b7dbe"}, {"sample": "230416-aqejyahh6s", "created": "2023-04-16 00:24:42.462964 +0000 +0000", "kind": "file", "filename": "yeni.ps1", "tags": "", "score": 1, "sha256": "3446f3898a787c9feeb2d3acdc3f543356c115877bf276f9230ad466e5f7dc08"}, {"sample": "230415-ynenxsfe26", "created": "2023-04-15 19:55:37.643452 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "4fe40883ca43c494ea64b4a08b42aa2758a2d09e239a9d256f33e53a00d16b0d"}, {"sample": "230415-ymx4waha7x", "created": "2023-04-15 19:54:46.417846 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "0f9909a6d024c263acdf095840eefe1930a1a9cb0731fef264055acdea3113d1"}, {"sample": "230415-ph6e1sff2v", "created": "2023-04-15 12:20:47.950613 +0000 +0000", "kind": "file", "filename": "Windows10DebloaterGUI.ps1.ps1", "tags": "discovery,exploit,persistence,pyinstaller", "score": 8, "sha256": "255dc16eef14b8c5174190ac555c5e0ba00ec2048eac74e6bd4848dd75136054"}, {"sample": "230415-gy8lbaeg7t", "created": "2023-04-15 06:13:54.165859 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "92196fa669a6ced134e8956e9eb42a17ac54266539ce4899f114b9a9adf10b4b"}, {"sample": "230415-dvrxlsed4y", "created": "2023-04-15 03:20:05.636202 +0000 +0000", "kind": "file", "filename": "b0471a55b4f76bdac67acf88eaaed2335198732afbbb5e37adec4c4346cc1edf.ps1", "tags": "persistence", "score": 10, "sha256": "b0471a55b4f76bdac67acf88eaaed2335198732afbbb5e37adec4c4346cc1edf"}, {"sample": "230414-1dd1rade31", "created": "2023-04-14 21:31:42.742982 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "37e8d39c1fd1a1a1e91b85cd9d774d2e63bf3ed35fef7b07fad481aee10df7a5"}, {"sample": "230414-wmb6asce5w", "created": "2023-04-14 18:01:53.908574 +0000 +0000", "kind": "file", "filename": "reg.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "3bc51d0eb9495a451ad6019d589f826ba6f4aac8e5e0b690fba96a2bcb2f4898"}, {"sample": "230414-vkw71scc7z", "created": "2023-04-14 17:03:27.272197 +0000 +0000", "kind": "file", "filename": "fwv.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "48983ecec65744264b3703a7f796c9fc15df2bc6a0e68141e0f8c871e6cfa11f"}, {"sample": "230414-t3vapsaf55", "created": "2023-04-14 16:35:23.982807 +0000 +0000", "kind": "file", "filename": "SysHost.ps1", "tags": "", "score": 8, "sha256": "57d51b122c3520b4890cf64b49ec117602c6c9b33052fa07669fbdb8cc0a6214"}, {"sample": "230414-t3s3msaf54", "created": "2023-04-14 16:35:19.115815 +0000 +0000", "kind": "file", "filename": "start.ps1", "tags": "", "score": 10, "sha256": "84e930b5bea1fe8f76de3bb5181ea6ddf18f1debb55baca0d9dea43915a1ea9e"}, {"sample": "230414-r1bz8sbg41", "created": "2023-04-14 14:39:09.018669 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 8, "sha256": "4ad47f6f836e7550c8115750847b031bef0702c508714dd341838615b558a181"}, {"sample": "230414-rzb9lsac29", "created": "2023-04-14 14:37:25.864711 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 8, "sha256": "5174ad7e592b238bc346dda34260b2d173ba101613da5487f2c3d75af23af5ec"}, {"sample": "230414-nv4lhsbb4t", "created": "2023-04-14 11:43:59.407169 +0000 +0000", "kind": "file", "filename": "ntpwlogic0004.ps1", "tags": "", "score": 1, "sha256": "f2104f5e5e7c5d862c75a8a1130cf54f661e984fa5c602f79fd1c4dd8988fd7d"}, {"sample": "230414-jmsrtsha37", "created": "2023-04-14 07:47:31.376073 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "a0d2b85a7fd09295b303e9bbb6368d9dbd735cdf05f457e25ff5802f31037001"}, {"sample": "230414-g12ksagf39", "created": "2023-04-14 06:17:04.741247 +0000 +0000", "kind": "file", "filename": ".M1.jpg.ps1", "tags": "family:asyncrat,botnet:tokyo,rat", "score": 10, "sha256": "658155512b489b14bcbf4fbb97fa27d9868f01ae04d3e48f13d641c7fae39b2d"}, {"sample": "230414-g1f9vagf38", "created": "2023-04-14 06:16:04.831793 +0000 +0000", "kind": "file", "filename": ".N1.jpg.ps1", "tags": "family:asyncrat,botnet:tokyo,rat", "score": 10, "sha256": "26a1abd33730daf8a2ff101f5304c373d0717aa965f8b423b5edc17246f036e8"}, {"sample": "230414-g1f9vagf37", "created": "2023-04-14 06:16:04.688581 +0000 +0000", "kind": "file", "filename": ".D1.jpg.ps1", "tags": "family:asyncrat,botnet:tokyo,rat", "score": 10, "sha256": "102dd336f8be1d68a34a389851cd0454d6bdf4d93911ba330e48029dd5c520e8"}, {"sample": "230414-g1f9vagf36", "created": "2023-04-14 06:16:04.592624 +0000 +0000", "kind": "file", "filename": ".Final.txt.ps1", "tags": "", "score": 10, "sha256": "054ca3d10e6696769835c8db9ba3bd09142237d21b5bddb013598053f6e0230a"}, {"sample": "230414-dj3vqsfg78", "created": "2023-04-14 03:03:09.915346 +0000 +0000", "kind": "file", "filename": "WinDefGpo_Reg.ps1", "tags": "evasion,trojan", "score": 10, "sha256": "76a5e7e586a185a264144cd3b67156521bac6c99082fee6579ca03b7d29f111a"}, {"sample": "230414-djs1jahb8t", "created": "2023-04-14 03:02:40.023353 +0000 +0000", "kind": "file", "filename": "Nightmare.ps1", "tags": "", "score": 1, "sha256": "9532deebb51b0a4c8e88689462ade68fd58d026c0acbc086da9590b46d9f99f8"}, {"sample": "230413-zdjqkaea88", "created": "2023-04-13 20:36:02.288355 +0000 +0000", "kind": "file", "filename": "setup PSWindowsUpdate.ps1", "tags": "", "score": 8, "sha256": "ac4e3aee045df9117adb1d91f282a5ff1070a781d14e2b93b92991517dea52fa"}, {"sample": "230413-zcfbrafd7y", "created": "2023-04-13 20:34:06.565141 +0000 +0000", "kind": "file", "filename": "setup PSWindowsUpdate.ps1", "tags": "", "score": 8, "sha256": "ac4e3aee045df9117adb1d91f282a5ff1070a781d14e2b93b92991517dea52fa"}, {"sample": "230413-y6cbhsfd3w", "created": "2023-04-13 20:23:27.866929 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 8, "sha256": "81e9b5360775885be8aa5f68ba40dadd972fe5560e355613f110ae2172e9e6ba"}, {"sample": "230413-r18zzadd5s", "created": "2023-04-13 14:40:44.390661 +0000 +0000", "kind": "file", "filename": "dt-9042: Apr 13, 2023 8:24:54.584 AM.ps1", "tags": "", "score": 1, "sha256": "5435595f0e200e174185cb0135fd74b77c0a8205293c27a7121495f7eb3d9c12"}, {"sample": "230413-rrz1psdc8t", "created": "2023-04-13 14:26:19.862263 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "family:jupyter,backdoor,stealer,trojan", "score": 10, "sha256": "5a2366fb3d365e87f77a982d83eefb5054d50e8e73d2043979e5616c7071a458"}, {"sample": "230413-rqw8esca46", "created": "2023-04-13 14:24:25.776014 +0000 +0000", "kind": "file", "filename": "gulp.ps1", "tags": "", "score": 1, "sha256": "692f3ea82bdbeb8ed5ea937b097fcb10e749e9644692b8bbc535fe4cb12a19d7"}, {"sample": "230413-rnmk7sca27", "created": "2023-04-13 14:20:27.230342 +0000 +0000", "kind": "file", "filename": "a.ps1", "tags": "", "score": 1, "sha256": "ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb"}, {"sample": "230413-rm2nqsdc5v", "created": "2023-04-13 14:19:25.786804 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "aa7be26c8dec81b03c7379f96a09deadb5a0991833d17e7c4ee00417a04515b8"}, {"sample": "230413-rd2mdabh52", "created": "2023-04-13 14:05:26.4203 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 6, "sha256": "aa7be26c8dec81b03c7379f96a09deadb5a0991833d17e7c4ee00417a04515b8"}, {"sample": "230413-rbxweadb7t", "created": "2023-04-13 14:01:44.78934 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "discovery,exploit", "score": 8, "sha256": "22e442a52ff857b87becdbcec071e0a8449b5c430228d6988c11df3fd5d53cfb"}, {"sample": "230413-ragsssbh29", "created": "2023-04-13 13:59:13.425399 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "discovery,exploit", "score": 8, "sha256": "22e442a52ff857b87becdbcec071e0a8449b5c430228d6988c11df3fd5d53cfb"}, {"sample": "230413-q3gg3abg74", "created": "2023-04-13 13:46:58.089789 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "discovery,exploit", "score": 8, "sha256": "413dfd2335876ebd19dfae45b725190a51f5e2ce5087b6cddc3cf4529415cb7a"}, {"sample": "230413-laqstabh3v", "created": "2023-04-13 09:20:02.487637 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_2y02xoyd.u55.ps1", "tags": "", "score": 5, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230413-jvfr8sab82", "created": "2023-04-13 07:59:09.101528 +0000 +0000", "kind": "file", "filename": "download.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "b0471a55b4f76bdac67acf88eaaed2335198732afbbb5e37adec4c4346cc1edf"}, {"sample": "230413-jnx3yaab55", "created": "2023-04-13 07:49:30.255581 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "17598eb5f56282537d210203455c4036ba327cd8b8ca6bcb41f22373a0339c98"}, {"sample": "230413-hh83kshh43", "created": "2023-04-13 06:45:23.883556 +0000 +0000", "kind": "file", "filename": "b0471a55b4f76bdac67acf88eaaed2335198732afbbb5e37adec4c4346cc1edf.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "b0471a55b4f76bdac67acf88eaaed2335198732afbbb5e37adec4c4346cc1edf"}, {"sample": "230413-gx614abb6s", "created": "2023-04-13 06:12:04.190871 +0000 +0000", "kind": "file", "filename": "sets.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "b0471a55b4f76bdac67acf88eaaed2335198732afbbb5e37adec4c4346cc1edf"}, {"sample": "230413-ajr7fsgb86", "created": "2023-04-13 00:14:51.791859 +0000 +0000", "kind": "file", "filename": "sfe.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "915dcd74eb484f03079d60acafd2a52e3c90bb45a4ac58be437143c6dc094cc9"}, {"sample": "230412-z4dl8sfc76", "created": "2023-04-12 21:15:52.785218 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "persistence,spyware,stealer", "score": 7, "sha256": "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08"}, {"sample": "230412-wtaaaaea62", "created": "2023-04-12 18:12:16.142712 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "346087d9839158a74823eac3a60db517287cf63e60880853a1c297fb5515b8df"}, {"sample": "230412-v5avhsdg94", "created": "2023-04-12 17:33:51.034837 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "d14ce01a1d16adc25b4c596ca0ccf6209569c71db3ddbcc49317dfe3756c1b90"}, {"sample": "230412-r26agach69", "created": "2023-04-12 14:42:20.071708 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_uqcbnzrg.uay.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230412-rn1g3acg97", "created": "2023-04-12 14:21:06.549465 +0000 +0000", "kind": "file", "filename": "vicuna.ps1", "tags": "", "score": 10, "sha256": "4056a66a6f0aedc14f62c3287c8e77e0c002f55b50eacf647f15d6a709f1a5bd"}, {"sample": "230412-qnjc4scf24", "created": "2023-04-12 13:24:21.67621 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "discovery,persistence", "score": 8, "sha256": "8254c329a92850f6d539dd376f4816ee2764517da5e0235514af433164480d7a"}, {"sample": "230412-qjg99ace79", "created": "2023-04-12 13:17:18.954555 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "636ebb8c679d6902a2a7706a2dfcb4f8e97fe1f14e4e6f0e9fec4ea59a1c1ab6"}, {"sample": "230412-mgcefadb31", "created": "2023-04-12 10:25:46.895305 +0000 +0000", "kind": "file", "filename": "Invoke-ReflectivePEInjection.ps1", "tags": "", "score": 1, "sha256": "49722a88ed56bddac060bede70abbf12618a5d25b708d694e9a2bddf1d4eede0"}, {"sample": "230412-mdbczabe79", "created": "2023-04-12 10:20:28.372906 +0000 +0000", "kind": "file", "filename": "Invoke-ReflectivePEInjection.ps1", "tags": "", "score": 1, "sha256": "49722a88ed56bddac060bede70abbf12618a5d25b708d694e9a2bddf1d4eede0"}, {"sample": "230412-lqdhesch4x", "created": "2023-04-12 09:43:53.395314 +0000 +0000", "kind": "file", "filename": "payload_2022.ps1", "tags": "", "score": 1, "sha256": "705983b1ae0cd9f6b1caac7de75d8a51da7272dada5a01406a59214b358e1de3"}, {"sample": "230412-kqhlpscf31", "created": "2023-04-12 08:48:11.428315 +0000 +0000", "kind": "file", "filename": "info2.ps1", "tags": "family:asyncrat,rat", "score": 10, "sha256": "126634bbca18bfa2d0c08c5c7f1fe8b4aac825259f4d36d65ad2b05eaaf732a4"}, {"sample": "230412-gz25xsca3t", "created": "2023-04-12 06:15:21.920829 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "99ba97dce5ad4ac1aca66a3917da76e566b9fb86b63ebd661b88aca6a67cb854"}, {"sample": "230411-z91c7ahb9w", "created": "2023-04-11 21:25:46.158338 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 10, "sha256": "317d2f6c25e5f1691bda01bbe0c356d13f5a2c290b46649d7f1d2fa816f70869"}, {"sample": "230411-z889psfe43", "created": "2023-04-11 21:24:27.001045 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 10, "sha256": "bbb4f6581d6d0e726afe3b03fe745b433d268916b2cabe20f873198a94132d3b"}, {"sample": "230411-z1lhnshb3y", "created": "2023-04-11 21:11:05.570473 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "09d22d94fed5919827e32f0f9dbe616cb5b7293ce029b8ad83536ab7c38ef5d1"}, {"sample": "230411-yfwx8seh64", "created": "2023-04-11 19:44:13.442607 +0000 +0000", "kind": "file", "filename": "d.ps1", "tags": "ransomware", "score": 8, "sha256": "c3b4dccbd2cbb8c83456cfd5c27f1a8eb2d5b2d2fcdc814d31874415928f1828"}, {"sample": "230411-yc9d6aeh45", "created": "2023-04-11 19:39:36.735095 +0000 +0000", "kind": "file", "filename": "asdf.ps1", "tags": "", "score": 1, "sha256": "2b2989ebe683a28ad4d9390f0030ea2cc76ae3ac86dfef2307767fee5df6679f"}, {"sample": "230411-x9nnaaeg95", "created": "2023-04-11 19:33:20.609798 +0000 +0000", "kind": "file", "filename": "d.ps1", "tags": "", "score": 1, "sha256": "b2682ed392783e034cbc6b20af2812dc62c3d027512efd135268c13c72311748"}, {"sample": "230411-x7wk4seg76", "created": "2023-04-11 19:30:13.184718 +0000 +0000", "kind": "file", "filename": "ram.ps1", "tags": "", "score": 6, "sha256": "51a4b7820905ac7f580455427f5b87cd81ac36975d89b5b4f0af09800f6b2352"}, {"sample": "230411-x5gn6seg45", "created": "2023-04-11 19:26:01.178977 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "", "score": 10, "sha256": "b1433e975626edfe29c5938e834afe4c6c2140bf5a89cdb5f99e6f5179ed22c1"}, {"sample": "230411-x4wrpseg27", "created": "2023-04-11 19:24:59.344522 +0000 +0000", "kind": "file", "filename": "ran.ps1", "tags": "", "score": 1, "sha256": "7200b85e1ca4ab659aca21fd0056c0a6be5e433789f065a912afe969c72e6024"}, {"sample": "230411-whsmgseb33", "created": "2023-04-11 17:55:41.855942 +0000 +0000", "kind": "file", "filename": "Hjkjhgue.ps1", "tags": "family:agenttesla,collection,keylogger,spyware,stealer,trojan", "score": 10, "sha256": "5cdf24e3526a5ff62b5281fafff7a2ebf2f6325b7e8d617fd851b10d180a728f"}, {"sample": "230411-p5vl2ace34", "created": "2023-04-11 12:55:12.493033 +0000 +0000", "kind": "file", "filename": "service.ps1", "tags": "family:asyncrat,botnet:default,evasion,rat", "score": 10, "sha256": "22fb82376f7345ed9532fd16e90867627a6b338bcf20cb9f454ab3596a599076"}, {"sample": "230411-p5kf3ace33", "created": "2023-04-11 12:54:42.41425 +0000 +0000", "kind": "file", "filename": "service.ps1", "tags": "", "score": 1, "sha256": "bb5631fe2c306420573863f4bc41f4c437d5754bce1dee42bf443a535cf78a2b"}, {"sample": "230411-p4t9wace27", "created": "2023-04-11 12:53:26.540978 +0000 +0000", "kind": "file", "filename": "service.ps1", "tags": "", "score": 1, "sha256": "f7973273b68ef8ae029c6b2d7e3834cce9330a4a7135cd66c2b30d8c5d515dbe"}, {"sample": "230411-pwx1sscd65", "created": "2023-04-11 12:41:21.270999 +0000 +0000", "kind": "file", "filename": "sus.ps1", "tags": "", "score": 1, "sha256": "0bc2a2621cea6f0dcf9dd5dcff37950129df6fb172ad8a527156a596f7f1a48d"}, {"sample": "230411-pwqlqacd64", "created": "2023-04-11 12:41:00.72851 +0000 +0000", "kind": "file", "filename": "service.ps1", "tags": "", "score": 1, "sha256": "18b017b315416bcd3363de24e78653cbcad272e942df8a892cc888fe7369b7d6"}, {"sample": "230411-pv82nseb2v", "created": "2023-04-11 12:40:09.320456 +0000 +0000", "kind": "file", "filename": "sus.ps1", "tags": "", "score": 1, "sha256": "aa2cc80459691a2ddde2ccb57d2c439576eac7aaa6f4e51a9635e4a97308d687"}, {"sample": "230411-pgln8aea6y", "created": "2023-04-11 12:18:04.479127 +0000 +0000", "kind": "file", "filename": "service.ps1", "tags": "", "score": 10, "sha256": "748def9cd4627b0e19cdd95ea7629c865b14526ebb66d95646aad90bf823fc66"}, {"sample": "230411-pfrh3scc84", "created": "2023-04-11 12:16:34.998422 +0000 +0000", "kind": "file", "filename": "service.ps1", "tags": "family:asyncrat,botnet:default,evasion,rat", "score": 10, "sha256": "748def9cd4627b0e19cdd95ea7629c865b14526ebb66d95646aad90bf823fc66"}, {"sample": "230411-mfe4yade5z", "created": "2023-04-11 10:24:10.599192 +0000 +0000", "kind": "file", "filename": "6_Good_for_All.ps1", "tags": "", "score": 1, "sha256": "1bd1248cc179cd7dbe989fc5c41374bed22108585240777ec6f0b67935ce723c"}, {"sample": "230411-dy2k8aab79", "created": "2023-04-11 03:25:48.795177 +0000 +0000", "kind": "file", "filename": "stage1.ps1", "tags": "", "score": 8, "sha256": "170d4801dbfd7d0933467b7a309240d943b57a106e8e7bbf8283d7fa379089a1"}, {"sample": "230411-cd967ahh55", "created": "2023-04-11 01:58:50.884836 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "0dd76927002b06835fe836d4cef2582c66d041c20bd2a9ea555f47f0f5cb7dfb"}, {"sample": "230410-3qwsfaag9v", "created": "2023-04-10 23:43:38.75837 +0000 +0000", "kind": "file", "filename": "ransom.ps1", "tags": "", "score": 1, "sha256": "daef062c241fb8b9f19ec13f89d012758c4ab9e08c717265997848244afc5497"}, {"sample": "230410-3nlvfsag8w", "created": "2023-04-10 23:39:39.099962 +0000 +0000", "kind": "file", "filename": "ransom.ps1", "tags": "", "score": 1, "sha256": "daef062c241fb8b9f19ec13f89d012758c4ab9e08c717265997848244afc5497"}, {"sample": "230410-3mjcyahc25", "created": "2023-04-10 23:37:46.157269 +0000 +0000", "kind": "file", "filename": "ransom.ps1", "tags": "", "score": 1, "sha256": "daef062c241fb8b9f19ec13f89d012758c4ab9e08c717265997848244afc5497"}, {"sample": "230410-zylewsgc58", "created": "2023-04-10 21:07:35.399247 +0000 +0000", "kind": "file", "filename": "curriculum-vitae.ps1", "tags": "persistence", "score": 8, "sha256": "fe7cb8c1815c852f80b6d439dedefc3879033c85d43de910d1b99708e397b4fc"}, {"sample": "230410-znvktagc25", "created": "2023-04-10 20:52:18.85354 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "26a5be25817c17f7233b7e3f3f9e1f40ebcf42b0b7dbec51827d232cab8da60c"}, {"sample": "230410-qlzx3sbc7w", "created": "2023-04-10 13:21:39.770055 +0000 +0000", "kind": "file", "filename": "mas.ps1", "tags": "", "score": 8, "sha256": "f55369c6d50c5a57c0a54c0d1a1560c0601e17f08d64f94a0fea9eed9768beae"}, {"sample": "230409-qjtnaabb68", "created": "2023-04-09 13:17:52.475986 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "853552798efeada0d13b7cd8328658009305d77b0c1e7510e6f710adf5d19a3f"}, {"sample": "230409-qf1bnach8y", "created": "2023-04-09 13:12:56.493628 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 1, "sha256": "853552798efeada0d13b7cd8328658009305d77b0c1e7510e6f710adf5d19a3f"}, {"sample": "230409-n9zacacf9v", "created": "2023-04-09 12:06:28.818415 +0000 +0000", "kind": "file", "filename": "b233401fa3aa35d06c9c52a4a78a903cf103f869881b7e4a6dfd10b9016be30e.ps1", "tags": "family:cobaltstrike,botnet:12345,backdoor,trojan", "score": 10, "sha256": "b233401fa3aa35d06c9c52a4a78a903cf103f869881b7e4a6dfd10b9016be30e"}, {"sample": "230409-a8mm9sgb64", "created": "2023-04-09 00:53:03.640983 +0000 +0000", "kind": "file", "filename": "245f38b4b8a25754bf6e630f8e2acf59.ps1", "tags": "family:cobaltstrike,botnet:206546002,backdoor,trojan", "score": 10, "sha256": "485263958f6879d443576f50cf7e10e48e8c05b2826ee175d28244f1aba991a4"}, {"sample": "230409-a4msgaaa3x", "created": "2023-04-09 00:46:04.009626 +0000 +0000", "kind": "file", "filename": "payload_1.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "7184b3f7a03f954afff9d967a7b6d0656f1b04a47ab39af495d373fc0f37c5b5"}, {"sample": "230408-1waq2shc9x", "created": "2023-04-08 21:59:29.593254 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "548f8cf3817fdf04bbd382fda50fc1679790bf2a9d22ddba3d7c6ea821358d60"}, {"sample": "230408-xd7raaef79", "created": "2023-04-08 18:45:20.888231 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "ransomware", "score": 10, "sha256": "40629145959cd05252bb4da657364c4f999a8e5f2d8f8fce02b3a2d2d3bd55e9"}, {"sample": "230408-xdn9yaef77", "created": "2023-04-08 18:44:26.537192 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 10, "sha256": "ae77ca1732c8631bf6636313e26e1dfaf5b428a93d3f26807752f1a1da0d0429"}, {"sample": "230408-w8la4aef64", "created": "2023-04-08 18:35:32.248234 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "ransomware", "score": 10, "sha256": "778f2235d4dd123e3627c4f62ce2cf29ca0b9ca61b8b09e908249ddf42ca7646"}, {"sample": "230408-w5c6bage8t", "created": "2023-04-08 18:29:54.399987 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "189c2708b7601fde9674159b085e194bb2fb5775da05e518fccbb17f8c2c06cb"}, {"sample": "230408-wxp5xaee84", "created": "2023-04-08 18:18:16.362484 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "persistence", "score": 6, "sha256": "189c2708b7601fde9674159b085e194bb2fb5775da05e518fccbb17f8c2c06cb"}, {"sample": "230408-wvh9ksge3s", "created": "2023-04-08 18:14:27.169738 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 4, "sha256": "c4ebd2f392d3dbea8c0ff927ed152b0ff9fe9cc99aad06728519f91f6e78c64d"}, {"sample": "230408-vbddjseb83", "created": "2023-04-08 16:48:33.022161 +0000 +0000", "kind": "file", "filename": "test.py.ps1", "tags": "", "score": 1, "sha256": "5af06530e86a08fbec05308348c85ad510d4d7a30342768c56079925336772ca"}, {"sample": "230408-tq6szaga3t", "created": "2023-04-08 16:16:44.944845 +0000 +0000", "kind": "file", "filename": "TestPS Possible Malicious.ps1", "tags": "", "score": 1, "sha256": "e07930dd79a4a62fa812c31b5d7057b9e56eec08c8728500168beee49b569de3"}, {"sample": "230408-k9rzgsef6t", "created": "2023-04-08 09:18:21.951046 +0000 +0000", "kind": "file", "filename": "encrypt.ps1", "tags": "", "score": 1, "sha256": "f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5"}, {"sample": "230407-vfberahg68", "created": "2023-04-07 16:55:26.01823 +0000 +0000", "kind": "file", "filename": "playload.ps1.ps1", "tags": "", "score": 1, "sha256": "ba5b42e50b3b40e610f8d194b00f29016a1fd3933a3558eecc71b170fb8ffae3"}, {"sample": "230407-swclmsbe2y", "created": "2023-04-07 15:28:07.276482 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 10, "sha256": "6d31cbef48510ac6608c86976d312093385e180e4cd8582d2f2ab2a3fae82abb"}, {"sample": "230407-ss47gsbd9w", "created": "2023-04-07 15:24:13.282416 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 10, "sha256": "142790b7868f41f5b2ce3558947f98249bc61e36f205f415ee0a64f392c408f2"}, {"sample": "230407-q7vkgsbb9t", "created": "2023-04-07 13:54:37.795297 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "542bce4aff052501d5c6cc44b6075f8b908d428f4b1ce3baae88aaabdd1621f0"}, {"sample": "230407-lm6pssaf3w", "created": "2023-04-07 09:40:01.544768 +0000 +0000", "kind": "file", "filename": "Bin.ps1", "tags": "family:asyncrat,botnet:default,rat", "score": 10, "sha256": "8496bf8a930e877eb87792dae605614743f6e5c5887909091cf2c2eaa156d89a"}, {"sample": "230406-2wpewahe3w", "created": "2023-04-06 22:56:06.519998 +0000 +0000", "kind": "file", "filename": "payload_1.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "7184b3f7a03f954afff9d967a7b6d0656f1b04a47ab39af495d373fc0f37c5b5"}, {"sample": "230406-y5a23aha2v", "created": "2023-04-06 20:21:37.991497 +0000 +0000", "kind": "file", "filename": "heroscript2.ps1", "tags": "", "score": 1, "sha256": "6a86601d136adbebc980ad5b80f9f173508b032023b79a9be167dcd16d12de5a"}, {"sample": "230406-y22qlsgh9w", "created": "2023-04-06 20:17:41.452731 +0000 +0000", "kind": "file", "filename": "heroscript1.ps1", "tags": "", "score": 8, "sha256": "bf4a87ffc5893755ea724e95f509249e01f28ef4fc279ba729595014a3a127a6"}, {"sample": "230406-t5hdxsdh84", "created": "2023-04-06 16:38:17.383545 +0000 +0000", "kind": "file", "filename": "Cztek.ps1", "tags": "", "score": 8, "sha256": "06a1f39192168eaea850575e731ef92191b8335b63a26574d41f545b2a3c7b33"}, {"sample": "230406-tdjsnsdg42", "created": "2023-04-06 15:56:25.284629 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_ieagrvcj.cqk.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230406-r7fxrsfd6s", "created": "2023-04-06 14:49:51.484343 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "61db612d265ff63a02b80436c1d437f4941bf1b8e5016381ab18ca3c528a99b0"}, {"sample": "230406-pz2hdsdb24", "created": "2023-04-06 12:46:47.262565 +0000 +0000", "kind": "file", "filename": "testv3_Compress&Send.ps1", "tags": "", "score": 8, "sha256": "92d62b58c199196643f306f1cdd3992bd37cbe7a25e6d68d49f7e798ad682631"}, {"sample": "230406-pygrlaeh81", "created": "2023-04-06 12:44:04.034295 +0000 +0000", "kind": "file", "filename": "testv3_Compress&Send.ps1", "tags": "", "score": 1, "sha256": "ca3c1653e0036300048347aca62511a973c3261b9726b1dc8903401fc3fbe353"}, {"sample": "230406-ndp2ssef6x", "created": "2023-04-06 11:17:05.730341 +0000 +0000", "kind": "file", "filename": "testv3_Compress&Send.ps1", "tags": "", "score": 8, "sha256": "4ae91e2922977702e9756e4d144651d40253bf3159f720f57acc2eb37c60ded6"}, {"sample": "230406-k5xdeacd35", "created": "2023-04-06 09:11:36.111362 +0000 +0000", "kind": "url", "filename": "https://hotgames.gg/genshin/get_wish_url.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230406-kw1z8scc94", "created": "2023-04-06 08:57:49.169163 +0000 +0000", "kind": "file", "filename": "Win8.ps1", "tags": "", "score": 8, "sha256": "fbcbef6b890886ecda6f4069cd46f8f72a6cc8c79c301bcaa3cf11913264b0d5"}, {"sample": "230405-wt3ltsgf42", "created": "2023-04-05 18:13:39.260237 +0000 +0000", "kind": "file", "filename": "testv3_Compress&Send.ps1", "tags": "", "score": 1, "sha256": "d439f2ba39d11111d5bbffcd19a51f809e63097fba036bec4341a505ab6627d0"}, {"sample": "230405-wphe4age76", "created": "2023-04-05 18:05:40.034589 +0000 +0000", "kind": "file", "filename": "testv2.ps1", "tags": "", "score": 1, "sha256": "6b7efd145202203bea4ee641864e124b2d880498b9f6e52df1aa039772022207"}, {"sample": "230405-wm4kjsaf6x", "created": "2023-04-05 18:03:13.791269 +0000 +0000", "kind": "file", "filename": "testv3_Compress&Send.ps1", "tags": "", "score": 1, "sha256": "cfcd7677adf76185c8ef551c823da141d5424b8c36e3eb342f835d9607e56786"}, {"sample": "230405-wkyarage45", "created": "2023-04-05 17:59:26.141337 +0000 +0000", "kind": "file", "filename": "testv3_Compress&Send.ps1", "tags": "", "score": 1, "sha256": "f3834f5e05c2d891ef0e4ced4bb0a48dc251f7a1d4d89076bc77aefe4553053c"}, {"sample": "230405-wgxj2sge23", "created": "2023-04-05 17:54:09.583757 +0000 +0000", "kind": "file", "filename": "testv3_Compress&Send.ps1", "tags": "", "score": 1, "sha256": "4e28c258dcc8875eda56a195c410a9b6e750b1ce5e909b578384bd9198f57d20"}, {"sample": "230405-wa727sgd82", "created": "2023-04-05 17:44:11.580985 +0000 +0000", "kind": "file", "filename": "testv3_Compress&Send.ps1", "tags": "", "score": 1, "sha256": "8544d59095bdf0c7af08c30b3e314e485e7deb6775a801d47e6fe146945b3867"}, {"sample": "230405-v8k5naae6w", "created": "2023-04-05 17:39:36.172631 +0000 +0000", "kind": "file", "filename": "testv3_Compress&Send.ps1", "tags": "", "score": 1, "sha256": "101c67d507ad8da7b8f4d1740ad4c53f1f876c184d7efaf0431a9e7f420e2f6d"}, {"sample": "230405-v544csgd65", "created": "2023-04-05 17:35:17.02203 +0000 +0000", "kind": "file", "filename": "testv3_Compress&Send.ps1", "tags": "", "score": 1, "sha256": "101c67d507ad8da7b8f4d1740ad4c53f1f876c184d7efaf0431a9e7f420e2f6d"}, {"sample": "230405-vpv6hsad4z", "created": "2023-04-05 17:10:23.012295 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "7de3a4b93782e2bdf4ceaecc590ec07ab005b4b241660952cbec02b95228e7d7"}, {"sample": "230405-vn74pagc82", "created": "2023-04-05 17:09:14.070828 +0000 +0000", "kind": "file", "filename": "testv3_Compress&Send.ps1", "tags": "", "score": 8, "sha256": "b3942af802eea1410ff9053d4f35d099d65d9b54470b7c4779fd5fb69705311b"}, {"sample": "230405-vlc6jagc59", "created": "2023-04-05 17:04:16.510708 +0000 +0000", "kind": "file", "filename": "testv3_Compress&Send.ps1", "tags": "", "score": 8, "sha256": "47399a37f217095d047a780c7e4c2a14c6232e362051d0cdb7ca35f62cd7c032"}, {"sample": "230405-pl5mwsef56", "created": "2023-04-05 12:25:59.338133 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "1ba518466ad724037913f650d6480063383321e9380a912533dbdd45c8759c2c"}, {"sample": "230405-pl2agagf3x", "created": "2023-04-05 12:25:48.263138 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "1ba518466ad724037913f650d6480063383321e9380a912533dbdd45c8759c2c"}, {"sample": "230405-pc8yysge71", "created": "2023-04-05 12:12:11.658106 +0000 +0000", "kind": "file", "filename": "CoreInstaller.ps1", "tags": "discovery", "score": 8, "sha256": "40ef01ad75aaef383647b7d7e504bc0031808e7548626d16843334b3d6b9a16a"}, {"sample": "230405-pcd4ksee77", "created": "2023-04-05 12:10:43.221461 +0000 +0000", "kind": "file", "filename": "CoreInstaller.ps1", "tags": "", "score": 1, "sha256": "40ef01ad75aaef383647b7d7e504bc0031808e7548626d16843334b3d6b9a16a"}, {"sample": "230405-nkakpagc8s", "created": "2023-04-05 11:26:50.525546 +0000 +0000", "kind": "url", "filename": "https://interalliance.org/come2/holme/folde/swiftcopy.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230405-gqzy7sea8t", "created": "2023-04-05 06:01:15.295148 +0000 +0000", "kind": "file", "filename": "a1.ps1", "tags": "", "score": 1, "sha256": "d928dc964a1ad28166075864fc67a9835d4455d72b8bc626dd255fe223ccbcf1"}, {"sample": "230405-gk2kvaca53", "created": "2023-04-05 05:52:36.388672 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "family:xworm,persistence,rat,trojan", "score": 10, "sha256": "83ce46194d8b16b4a90eba47a988732716360c109a61bb086982e70eb02134c3"}, {"sample": "230405-ealersde6t", "created": "2023-04-05 03:44:15.566639 +0000 +0000", "kind": "file", "filename": "rt.php.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "8260225437556d0d2bcf5cca453a2922ae1203ac4eb01f3829f42048439b4004"}, {"sample": "230404-2gf5ysad86", "created": "2023-04-04 22:32:59.615342 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "f8d591bf29b61390645076b615ae073445cd97d79bdf727877fc8ea60244c73f"}, {"sample": "230404-2evkkaad74", "created": "2023-04-04 22:30:10.311186 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "f8d591bf29b61390645076b615ae073445cd97d79bdf727877fc8ea60244c73f"}, {"sample": "230404-xd722shc85", "created": "2023-04-04 18:45:21.411265 +0000 +0000", "kind": "file", "filename": "Win8.ps1", "tags": "", "score": 8, "sha256": "fbcbef6b890886ecda6f4069cd46f8f72a6cc8c79c301bcaa3cf11913264b0d5"}, {"sample": "230404-xcfw6shc76", "created": "2023-04-04 18:42:17.433225 +0000 +0000", "kind": "file", "filename": "Win10.ps1", "tags": "", "score": 8, "sha256": "42b55605debe40a239be37ac9f629a4a76567aed6a10da1e4015565096b067c1"}, {"sample": "230404-vnhtssaf5z", "created": "2023-04-04 17:08:01.890912 +0000 +0000", "kind": "file", "filename": "plan.ps1", "tags": "", "score": 1, "sha256": "de1b6aaf5483e598ec55a01b9bf3651e8c3c519f444ff0e983d9c8faf3f85c32"}, {"sample": "230404-vmh36sgg74", "created": "2023-04-04 17:06:17.454715 +0000 +0000", "kind": "file", "filename": "install.ps1", "tags": "", "score": 1, "sha256": "20f7156a4098c8404f7d48e04145e57ef74d8c968dc9b56db2c2f68307e89d9d"}, {"sample": "230404-szsr2agc73", "created": "2023-04-04 15:34:08.485186 +0000 +0000", "kind": "file", "filename": "3u.ps1", "tags": "family:bumblebee,botnet:tr23103,trojan", "score": 10, "sha256": "54f28031ae6742e825a113b0437db1d0d16bec6668629bc5bbe656446ce45db1"}, {"sample": "230404-rxxsjahe5z", "created": "2023-04-04 14:34:56.173132 +0000 +0000", "kind": "file", "filename": "ch44.ps1", "tags": "", "score": 1, "sha256": "1a255f9da1756d65b3ca710061a484be2b8181c96561d298c3082a17a6783303"}, {"sample": "230404-lhl5lafh51", "created": "2023-04-04 09:32:04.733339 +0000 +0000", "kind": "file", "filename": "529f38_6521c5ccbd8d46acb81ce3eb5cc3cc56.ps1", "tags": "", "score": 7, "sha256": "1b5ec95836cd52efa853ba3fa76d0849e4094b32048952a7ac0676d34f251776"}, {"sample": "230404-k6dyfsfg8s", "created": "2023-04-04 09:12:27.826664 +0000 +0000", "kind": "file", "filename": "note3.ps1", "tags": "family:asyncrat,botnet:ramdankarem,rat", "score": 10, "sha256": "c25240f9e755fa7f90d152ca9005d8aac3d98e182f5a15a34e91f3b9310fbd17"}, {"sample": "230404-kanssadg34", "created": "2023-04-04 08:24:00.230206 +0000 +0000", "kind": "file", "filename": "529f38_6521c5ccbd8d46acb81ce3eb5cc3cc56.ps1", "tags": "", "score": 7, "sha256": "1b5ec95836cd52efa853ba3fa76d0849e4094b32048952a7ac0676d34f251776"}, {"sample": "230404-h11txsfc8z", "created": "2023-04-04 07:12:57.538239 +0000 +0000", "kind": "file", "filename": "O365UserLoginHistory.ps1", "tags": "", "score": 8, "sha256": "723ea6cdf0763f124f202380f5436f44100d5ae63ad00604f3c2c9ee6b7b30ad"}, {"sample": "230404-htzy2sdd92", "created": "2023-04-04 07:02:25.7303 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "95a0316c3a89e5fb1824447591dfa1c9fa08ea2a06567fb63e923d73838a0596"}, {"sample": "230404-crgrsscd87", "created": "2023-04-04 02:18:25.019575 +0000 +0000", "kind": "file", "filename": "10217f8ba9a476b857735740263c71339bb4d9b3b0bee4a89ce48110e919f3ed.ps1", "tags": "family:agenttesla,collection,keylogger,persistence,spyware,stealer,trojan", "score": 10, "sha256": "10217f8ba9a476b857735740263c71339bb4d9b3b0bee4a89ce48110e919f3ed"}, {"sample": "230404-cm8pqaeb8s", "created": "2023-04-04 02:12:44.048273 +0000 +0000", "kind": "file", "filename": "note.ps1", "tags": "", "score": 5, "sha256": "c4388cabbf101abb5cd540d37d6be008df787f1b5e0e92af5ce819a54bc900ab"}, {"sample": "230404-cl65hacd67", "created": "2023-04-04 02:10:54.029617 +0000 +0000", "kind": "file", "filename": "154d8f0698587983d3546dc18bef52f459e56f94d5a51e1cb894f052318fa0f2.ps1", "tags": "family:asyncrat,botnet:bypass,rat", "score": 10, "sha256": "154d8f0698587983d3546dc18bef52f459e56f94d5a51e1cb894f052318fa0f2"}, {"sample": "230404-chabcseb6v", "created": "2023-04-04 02:04:05.154374 +0000 +0000", "kind": "file", "filename": "84dbd6ec8da76543febdcadfd7021992b1b1f95ac11327517795b621a6b183d4.ps1", "tags": "family:snakekeylogger,collection,keylogger,persistence,stealer", "score": 10, "sha256": "84dbd6ec8da76543febdcadfd7021992b1b1f95ac11327517795b621a6b183d4"}, {"sample": "230403-14h3dsbd6z", "created": "2023-04-03 22:12:07.805885 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "macos", "score": 1, "sha256": "01c93128cc7e169bbb2b7e88b52a6d3297d311131d30fba45f4078c87d880543"}, {"sample": "230403-1w8yvahb4v", "created": "2023-04-03 22:01:08.147127 +0000 +0000", "kind": "file", "filename": "cs.ps1", "tags": "family:cobaltstrike,botnet:100000,backdoor,trojan", "score": 10, "sha256": "5c3fc55388967216e5eda977151f0f85c5456124c4e98b08b0bafd83f4d023ff"}, {"sample": "230403-t5rycsfh66", "created": "2023-04-03 16:38:45.069816 +0000 +0000", "kind": "file", "filename": "out.ps1", "tags": "", "score": 8, "sha256": "764d6954b2cf1311481aa4e765a80bb2ad24c0b1b6cb74111d7bb671833d73d9"}, {"sample": "230403-tb19yafg25", "created": "2023-04-03 15:53:46.34988 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 8, "sha256": "0f85c95c4523ebdc36170b40983b8b87d13b7d9cc0d6fc07833f0d7eac753509"}, {"sample": "230403-rsnztsgh7w", "created": "2023-04-03 14:27:31.456347 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "e948b5c45df931e0f2ca2717d792aee46be13586ce2379b573878d4a3656302e"}, {"sample": "230403-mmn1esff2v", "created": "2023-04-03 10:35:05.076144 +0000 +0000", "kind": "file", "filename": "Microsoft.ps1", "tags": "family:asyncrat,botnet:us,rat", "score": 10, "sha256": "8501de3d3e0cb356f11439fc0425a60e8aefd8c24ed7015fffff4334d63e962b"}, {"sample": "230403-k2wmpsdg75", "created": "2023-04-03 09:06:19.744117 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 8, "sha256": "2488e14fe0e23e54122fc4db437233e80f6927a2d42092cd8363e6e672df3061"}, {"sample": "230403-dp1ybsce32", "created": "2023-04-03 03:11:47.955536 +0000 +0000", "kind": "file", "filename": "vir.ps1", "tags": "", "score": 1, "sha256": "18e8ab49b90eed2ac39d90318f74a03a17bc68e0f872df251722838c27e70040"}, {"sample": "230403-chsgyacc33", "created": "2023-04-03 02:04:58.906133 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_w0dkg5r1.nv4.ps1", "tags": "macos", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230403-b69wfsde4s", "created": "2023-04-03 01:46:34.998803 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 7, "sha256": "36616b4fc14c59959a44b825ef69511eacc763f94d41a63d48b8f0d573de70ad"}, {"sample": "230402-zv5dlaaf83", "created": "2023-04-02 21:03:16.2419 +0000 +0000", "kind": "file", "filename": "signed_message.txt.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "6ad2a84f1a13f3fa166729404786c758dd0f9a5379f1db3de514c09c15132c3d"}, {"sample": "230402-y4ph3abf91", "created": "2023-04-02 20:20:34.881152 +0000 +0000", "kind": "file", "filename": "926b426a5d246c666e3c05bb98566b2e.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "eb7a7f9d8fde85d1ffeaaf7bc27a06129e431e1615f731acd71aeddc32c8359b"}, {"sample": "230402-t1y6waaf6w", "created": "2023-04-02 16:32:06.821175 +0000 +0000", "kind": "file", "filename": "Camnth.ps1", "tags": "", "score": 1, "sha256": "a874d111d07537b49f8801232dede4e859fcaf8f42cf633a16d3681563a29e53"}, {"sample": "230402-th96esae5t", "created": "2023-04-02 16:04:41.690972 +0000 +0000", "kind": "file", "filename": "koso.ps1", "tags": "", "score": 1, "sha256": "e92d9cf98abe2f1821e4c426d493fe3378661520e6f961e734258338fc5921d4"}, {"sample": "230402-tg87qsae4z", "created": "2023-04-02 16:02:53.673292 +0000 +0000", "kind": "file", "filename": "koso.exe.ps1", "tags": "", "score": 1, "sha256": "e92d9cf98abe2f1821e4c426d493fe3378661520e6f961e734258338fc5921d4"}, {"sample": "230402-s8e8ashb43", "created": "2023-04-02 15:47:29.258474 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "f60dba63aab20275df8209e762418f742d83cdfb3909285cb7e7aa20a2e28a54"}, {"sample": "230402-s7sf8shb26", "created": "2023-04-02 15:46:21.92365 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "f60dba63aab20275df8209e762418f742d83cdfb3909285cb7e7aa20a2e28a54"}, {"sample": "230402-q5tkeahh81", "created": "2023-04-02 13:51:04.111114 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "355b8698b1b42073ad3c25b330b83223a9ddcf65143522b2dae223aa95e58f03"}, {"sample": "230402-q3y24shh7z", "created": "2023-04-02 13:47:49.318618 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "534f8db246578387e5b95963e81777b23c2a10d201af5d17127d80a98a9c1258"}, {"sample": "230402-q2hnqshh7t", "created": "2023-04-02 13:45:17.152091 +0000 +0000", "kind": "file", "filename": "create.ps1", "tags": "", "score": 1, "sha256": "ec1e5a5f0f328bdec8c9ef4a5ada0aa6bdbc437c989bf7c457d45755562a490b"}, {"sample": "230402-qy9caagf28", "created": "2023-04-02 13:41:20.492738 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "f4a3df8f4cc1378ba1c76a567f862998b670e1d5b22ff592a7ff9b6ebcd5db10"}, {"sample": "230402-qw4c9ahh4x", "created": "2023-04-02 13:37:34.263951 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "c86987825b3c52a21d86a482a091090390922f9895f18c8be441e2a3c667dad7"}, {"sample": "230402-qtypzshh21", "created": "2023-04-02 13:33:49.588178 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "9856a82d4ea34b18077d62e6ac1c5440d2aad801281c8d70db823233307adf51"}, {"sample": "230402-qskfzage78", "created": "2023-04-02 13:31:24.190497 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "974201981d4f9b4acb696e25d13e7798e4539e65581d79b6c9451f0df9dd0629"}, {"sample": "230402-qp5yhahg8t", "created": "2023-04-02 13:27:10.487638 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "15895910edc39bf8227dd668ae3866f235589a801486b626f4e69c33bd8df34f"}, {"sample": "230402-qkt1fahg6w", "created": "2023-04-02 13:19:38.768489 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "130e14cccef6072bb44cac6c46df560e868775d713126a554b4618fe673df830"}, {"sample": "230402-qf7ezagd97", "created": "2023-04-02 13:13:16.43448 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "1bb59a98d3c1764a06f68f1a10197a2f618cbc302ec0ddb8406fc348871040b1"}, {"sample": "230402-gmlbmseh89", "created": "2023-04-02 05:55:19.247913 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "c6e613f7325e062b6a7a63ff4c511fc39c903199b517b3319bd21a4e02be830d"}, {"sample": "230401-3zaasseh5v", "created": "2023-04-01 23:56:33.607173 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 5, "sha256": "f60dba63aab20275df8209e762418f742d83cdfb3909285cb7e7aa20a2e28a54"}, {"sample": "230401-3a3k2sdd24", "created": "2023-04-01 23:19:29.060115 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "e92d9cf98abe2f1821e4c426d493fe3378661520e6f961e734258338fc5921d4"}, {"sample": "230401-28ca3sdc88", "created": "2023-04-01 23:14:43.515793 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "e92d9cf98abe2f1821e4c426d493fe3378661520e6f961e734258338fc5921d4"}, {"sample": "230401-yd7lyscc25", "created": "2023-04-01 19:41:15.985271 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "d46e9030e0a3fedbad481ca1d23d645ffc304c59eaff5197e870f27210869972"}, {"sample": "230401-ycymnade7s", "created": "2023-04-01 19:39:04.372481 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "46927cc304e819ebbf87f61d073a8ed7e40c1b9c68ff2c9fc186fff20b1feef2"}, {"sample": "230401-yag7wscb77", "created": "2023-04-01 19:34:47.574407 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "e21e33aa81aff98455bc5d88aaf95ec8458b4323d3145a781823b2d6b2cf18bb"}, {"sample": "230401-x89jcscb67", "created": "2023-04-01 19:32:37.01577 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 10, "sha256": "4427107c14a4d609a512d0858f44c17388a8a0eae4ab18fe099577f2e7f055ac"}, {"sample": "230401-x755jscb57", "created": "2023-04-01 19:30:41.216076 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "persistence", "score": 8, "sha256": "4f1709b13df3b3a7af7761f7339df7cff9878fc0040b5d4d4fce4e49d5d4f791"}, {"sample": "230401-vrp3aabd43", "created": "2023-04-01 17:13:36.812437 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 3, "sha256": "b500b6ca387059eaa2f149819200e05cc995dd79cfbf05bfcaadeb3fe9bda276"}, {"sample": "230401-t2r4ysce7y", "created": "2023-04-01 16:33:31.855989 +0000 +0000", "kind": "file", "filename": "ADZP 20 Complex.ps1", "tags": "", "score": 1, "sha256": "888f689bd3cfb5b05e197553cc724af07624aea4aea232dbca66fbc518492683"}, {"sample": "230401-s26rnsah95", "created": "2023-04-01 15:38:17.370472 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 10, "sha256": "510f74a7a89d3b4342b24e16ce7a4ec06487faf5f206119de42c905e527feb4e"}, {"sample": "230401-s1cr7scc61", "created": "2023-04-01 15:35:06.994693 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 4, "sha256": "2c4a5fb9fd8f38bbe7802af9deb44eb00065d653453beaaa1a146f4c19c2166c"}, {"sample": "230401-szynaacc6y", "created": "2023-04-01 15:34:24.699448 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 4, "sha256": "2c4a5fb9fd8f38bbe7802af9deb44eb00065d653453beaaa1a146f4c19c2166c"}, {"sample": "230401-sy2csaah76", "created": "2023-04-01 15:32:48.538326 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 4, "sha256": "5e2a6bb14fc8f9ca4484b8c8c20fe6b83752ef24d65d47f5b31404cac13afc78"}, {"sample": "230401-sxykhaah72", "created": "2023-04-01 15:30:54.694482 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 4, "sha256": "d660e655f55da931ae0429975833f114ad69406e39b77a62f73489a587b304d5"}, {"sample": "230401-swrqkacc5v", "created": "2023-04-01 15:28:50.832967 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 4, "sha256": "9a6c9ede7141472eac65db9ce8c906b4c4d0f9ab534cd3ea8b9f96738eab1e83"}, {"sample": "230401-strb1scc3w", "created": "2023-04-01 15:25:19.247044 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 10, "sha256": "4427107c14a4d609a512d0858f44c17388a8a0eae4ab18fe099577f2e7f055ac"}, {"sample": "230401-sp351sah23", "created": "2023-04-01 15:18:55.129314 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "4f1709b13df3b3a7af7761f7339df7cff9878fc0040b5d4d4fce4e49d5d4f791"}, {"sample": "230401-sl7n2acb8t", "created": "2023-04-01 15:13:52.318917 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "d46e9030e0a3fedbad481ca1d23d645ffc304c59eaff5197e870f27210869972"}, {"sample": "230401-sjpqfacb6t", "created": "2023-04-01 15:09:30.553349 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "1cba923e112229a057f8170bf735f552a0ba07ee114b2fa8482e2b33ed114b4f"}, {"sample": "230401-sg4ftaag49", "created": "2023-04-01 15:06:42.906422 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "878f51608a8ab261caa691707ba12ed45e11c871c01f2df85a7a5db241a1e6f2"}, {"sample": "230401-sdlftscb3x", "created": "2023-04-01 15:00:35.334584 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "persistence", "score": 6, "sha256": "46927cc304e819ebbf87f61d073a8ed7e40c1b9c68ff2c9fc186fff20b1feef2"}, {"sample": "230401-saz5taaf88", "created": "2023-04-01 14:56:02.355672 +0000 +0000", "kind": "file", "filename": "ERROR.ps1", "tags": "", "score": 1, "sha256": "30c089fffbba0530f1f0ffc9fafa631f6bf3384fa9f65be38c766e763c6662e3"}, {"sample": "230401-r7qrzaaf74", "created": "2023-04-01 14:50:20.708262 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "persistence", "score": 6, "sha256": "e21e33aa81aff98455bc5d88aaf95ec8458b4323d3145a781823b2d6b2cf18bb"}, {"sample": "230401-r5ksyaaf59", "created": "2023-04-01 14:46:34.178517 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "0fb17d64a8568e16900fff01523c00fb97c40a02bdae4be21d073a6681f66801"}, {"sample": "230401-r4p19sca6v", "created": "2023-04-01 14:45:03.434753 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "7b637be6472858a1dab43c9db24bd8b30f282b61f4314b9c02ca2e3f3056ec3c"}, {"sample": "230401-qpjp9sac54", "created": "2023-04-01 13:26:07.419186 +0000 +0000", "kind": "file", "filename": "main.py.ps1", "tags": "", "score": 1, "sha256": "957e13c0732e48fd5496f935894dc93a9da7dcd5eb8ffea52646fdf178cda1d1"}, {"sample": "230401-kxavfaad8w", "created": "2023-04-01 08:58:18.95541 +0000 +0000", "kind": "file", "filename": "bruh.ps1.ps1", "tags": "", "score": 1, "sha256": "1d5cf66e8f3c731e7bdf3175fa5d41957cc198ff26f7e58eb78d7bd0a7c3e9d8"}, {"sample": "230401-fnc6zsga77", "created": "2023-04-01 05:00:45.907618 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 3, "sha256": "90fb8bd71bc1d69006ab467da2d6650c8a239c60cd09501707161df5a41086bd"}, {"sample": "230401-bcdadsgb7y", "created": "2023-04-01 00:59:35.731039 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "cd0aa9856147b6c5b4ff2b7dfee5da20aa38253099ef1b4a64aced233c9afe29"}, {"sample": "230401-ahe6hafh9t", "created": "2023-04-01 00:12:30.484675 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 8, "sha256": "a08f454cf7acc9dd6c0cab691612f3364df7884acedc307ee96fb96edd6f5c96"}, {"sample": "230401-ad1awaef34", "created": "2023-04-01 00:06:30.078271 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "family:agenttesla,keylogger,spyware,stealer,trojan", "score": 10, "sha256": "a08f454cf7acc9dd6c0cab691612f3364df7884acedc307ee96fb96edd6f5c96"}, {"sample": "230401-abkgmsfh6x", "created": "2023-04-01 00:02:15.018236 +0000 +0000", "kind": "file", "filename": "peepeepoopoo.ps1", "tags": "", "score": 8, "sha256": "ff988d6a5ab5ba9a5cb976a06ebb7b80e534096cde438813c15a41cb51afe70a"}, {"sample": "230331-31r71afh5w", "created": "2023-03-31 23:59:10.737724 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "de7d1b721a1e0632b7cf04edf5032c8ecffa9f9a08492152b926f1a5a7e765d7"}, {"sample": "230331-3w3syafh3t", "created": "2023-03-31 23:52:42.637287 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 8, "sha256": "b49f1980e2afab338b5f26d387dd02154c536d1cb690c9e7c47b6174db77e333"}, {"sample": "230331-3t3edsee53", "created": "2023-03-31 23:49:11.422057 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 8, "sha256": "f06206c58f9ad3d4a1aea0121b64a84c9a4d87aab9b02b6faaea1db2a584936c"}, {"sample": "230331-wlw43scc48", "created": "2023-03-31 18:01:07.679673 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 8, "sha256": "c33f58730effff58f7768a19ded3524954fb50067a069026b5869fa664624224"}, {"sample": "230331-wgnxxade7s", "created": "2023-03-31 17:53:44.896634 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 7, "sha256": "37fcb89231ec9dfcfdb5befe30ec43efaf3c36606e2ed058e164530f84025be0"}, {"sample": "230331-ty322sbf46", "created": "2023-03-31 16:28:49.548029 +0000 +0000", "kind": "file", "filename": "index.html.ps1", "tags": "", "score": 1, "sha256": "7e0374a033d4edc992ca75c534950951071d4d8f8b9c7ec8aa172268038bc44c"}, {"sample": "230331-szlcysce3x", "created": "2023-03-31 15:33:47.436703 +0000 +0000", "kind": "file", "filename": "rr.ps1", "tags": "family:redline,infostealer,stealer", "score": 10, "sha256": "1aa366cfcc9a3bf2b4db1e52e47d5b290f542e892243509a0e28bf29497cf731"}, {"sample": "230331-rxmbssce25", "created": "2023-03-31 14:34:25.919835 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "fd1cf608c65e0e693a3b2128916c7b654bf2afa88564832ef89437838aa4eccd"}, {"sample": "230330-x67xrafd7w", "created": "2023-03-30 19:29:02.811699 +0000 +0000", "kind": "file", "filename": "BaselineAwesomness.ps1", "tags": "", "score": 1, "sha256": "87e0da80c9d02fe3d0951d323fe2729f6f45c0258d564d9e0248a017a2808323"}, {"sample": "230330-x5x16afd6x", "created": "2023-03-30 19:26:48.632449 +0000 +0000", "kind": "file", "filename": "BaselineAwesomness.ps1", "tags": "", "score": 1, "sha256": "c1441b76c89e97a236b998900abd4f3369a76eb844ba2a2cd8f38365dac81680"}, {"sample": "230330-xl9wlsdh63", "created": "2023-03-30 18:57:41.344334 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "cd17a7a7c8d7f8e7cd0cf3fa4b0548b385a8e93b2408704781b90b91837e5082"}, {"sample": "230330-wjmsmafb5w", "created": "2023-03-30 17:57:10.076544 +0000 +0000", "kind": "url", "filename": "https://dl-cli.pstmn.io/install/win64.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230330-vjteqsde34", "created": "2023-03-30 17:01:33.206075 +0000 +0000", "kind": "url", "filename": "https://github.com/securethelogs/Keylogger/blob/master/Keylogger.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230330-vggyxsde25", "created": "2023-03-30 16:57:29.23987 +0000 +0000", "kind": "file", "filename": "asdf.ps1", "tags": "", "score": 10, "sha256": "dee24561f292fc7a06ab4d0ed625acd962f297e18b34fca71b734ade5d4eb9f8"}, {"sample": "230330-vdg5hsdd96", "created": "2023-03-30 16:52:15.323151 +0000 +0000", "kind": "file", "filename": "a.ps1.ps1", "tags": "", "score": 10, "sha256": "dee24561f292fc7a06ab4d0ed625acd962f297e18b34fca71b734ade5d4eb9f8"}, {"sample": "230330-garb5aba99", "created": "2023-03-30 05:36:22.655692 +0000 +0000", "kind": "file", "filename": "B0A4.ps1", "tags": "", "score": 8, "sha256": "b4814c8db16ecdd7904e81186715bf2a4b4ba28ef5853a41a8f59824f47f8f24"}, {"sample": "230330-f9e8gaba97", "created": "2023-03-30 05:34:04.380741 +0000 +0000", "kind": "file", "filename": "B0A4.ps1", "tags": "", "score": 8, "sha256": "b4814c8db16ecdd7904e81186715bf2a4b4ba28ef5853a41a8f59824f47f8f24"}, {"sample": "230330-aw5y3sca5z", "created": "2023-03-30 00:34:43.422289 +0000 +0000", "kind": "file", "filename": "ANQUAN.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "7cf3379bd4c558c88f9a6e7b5aa6cda3aa9ba4289148e8ca6b0b55f378cd612e"}, {"sample": "230330-awr28aca5x", "created": "2023-03-30 00:34:04.512971 +0000 +0000", "kind": "file", "filename": "ANQUAN.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "7cf3379bd4c558c88f9a6e7b5aa6cda3aa9ba4289148e8ca6b0b55f378cd612e"}, {"sample": "230329-s434kaae3w", "created": "2023-03-29 15:41:38.857628 +0000 +0000", "kind": "file", "filename": "audit_windows.ps1", "tags": "", "score": 8, "sha256": "6b89685fe81ae57c99784352ae66b65c79250169327e15c0e2dbe442133f364a"}, {"sample": "230329-havj8afa94", "created": "2023-03-29 06:32:28.148274 +0000 +0000", "kind": "url", "filename": "https://cdn.discordapp.com/attachments/1074318197513261129/1084708265688039464/6436345441.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230328-yf56xada83", "created": "2023-03-28 19:44:40.358201 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "family:agenttesla,collection,keylogger,spyware,stealer,trojan", "score": 10, "sha256": "3a7fba21a90661e7e927fabfd8f1b792321707a3edf276d14a0f795b0f24cfe8"}, {"sample": "230328-yfph6ada79", "created": "2023-03-28 19:43:52.832889 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "a9c95bd79fb7ffabc7949583db6712dbfcb2609eb9de6e904a49e5ddcf18945e"}, {"sample": "230328-rp47msdb6s", "created": "2023-03-28 14:23:03.491369 +0000 +0000", "kind": "file", "filename": "xas.ps1", "tags": "family:remcos,botnet:remotehost,rat", "score": 10, "sha256": "ef7534cbfb9701ec011fa5354837d6504aa36631e67ee7e328e33e2b751ba413"}, {"sample": "230328-rmkefsdb4x", "created": "2023-03-28 14:18:35.234131 +0000 +0000", "kind": "file", "filename": "xas.ps1", "tags": "family:remcos,botnet:remotehost,rat", "score": 10, "sha256": "ef7534cbfb9701ec011fa5354837d6504aa36631e67ee7e328e33e2b751ba413"}, {"sample": "230328-ph3zwsce9v", "created": "2023-03-28 12:20:39.184822 +0000 +0000", "kind": "file", "filename": "GL.PS1.ps1", "tags": "", "score": 8, "sha256": "74e957d7f0163caf1a06bb336673f8fc3a4c8a41a0f7c03efac5de8193e982c5"}, {"sample": "230328-phex3ace8y", "created": "2023-03-28 12:19:30.568987 +0000 +0000", "kind": "file", "filename": "GootL.PS1.ps1", "tags": "", "score": 1, "sha256": "ec422df6e413a605e4fe0aa309e7d1c5fa193fa9487472ea6a82a1aa98cf3aee"}, {"sample": "230328-pgyzjsah87", "created": "2023-03-28 12:18:41.959457 +0000 +0000", "kind": "file", "filename": "gootloader.ps1.ps1", "tags": "", "score": 1, "sha256": "ec422df6e413a605e4fe0aa309e7d1c5fa193fa9487472ea6a82a1aa98cf3aee"}, {"sample": "230328-kdnxysbf3z", "created": "2023-03-28 08:29:15.498134 +0000 +0000", "kind": "file", "filename": "test.ps1.ps1", "tags": "", "score": 8, "sha256": "674cbdaf043ea64aaf412213021572eaf860e1a2111bf441b8edb67d1961a67c"}, {"sample": "230328-h567hahe88", "created": "2023-03-28 07:20:14.247103 +0000 +0000", "kind": "file", "filename": "win64.ps1", "tags": "", "score": 10, "sha256": "e8c4ec795a14587d3b3ce34b73eca090ea9d9957fb612300abc6239ec293eb26"}, {"sample": "230328-a2zz1sga94", "created": "2023-03-28 00:43:11.687143 +0000 +0000", "kind": "file", "filename": "forceupdate.ps1", "tags": "family:cobaltstrike,botnet:674054486,backdoor,trojan", "score": 10, "sha256": "dcc481b5bdd6f0d48d0e8d36d50404628f905b7ccb15ad844658669747c02bfa"}, {"sample": "230328-a1rx1shh6y", "created": "2023-03-28 00:41:03.98998 +0000 +0000", "kind": "file", "filename": "forceupdate.ps1", "tags": "family:cobaltstrike,botnet:674054486,backdoor,trojan", "score": 10, "sha256": "dcc481b5bdd6f0d48d0e8d36d50404628f905b7ccb15ad844658669747c02bfa"}, {"sample": "230327-v7m8mage9v", "created": "2023-03-27 17:37:58.39754 +0000 +0000", "kind": "file", "filename": "Install.ps1", "tags": "", "score": 7, "sha256": "dae48f18bfc178478f14156b49fb8024c599543ef564c47e31e19b56b468a51b"}, {"sample": "230327-swr2bsgb5v", "created": "2023-03-27 15:28:51.456248 +0000 +0000", "kind": "file", "filename": "6436345441.ps1", "tags": "", "score": 1, "sha256": "b19463cb9b847bdfc7dbf8133d9702d0a0ecc4175335c4a75db211e0196f84b3"}, {"sample": "230327-qvhedsdf65", "created": "2023-03-27 13:34:47.760559 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_5olojzcm.1uu.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230327-nwzzqafd21", "created": "2023-03-27 11:45:32.738513 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_5olojzcm.1uu.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230327-mpejrsda67", "created": "2023-03-27 10:38:07.388941 +0000 +0000", "kind": "file", "filename": "forceupdate.ps1", "tags": "family:cobaltstrike,botnet:674054486,backdoor,trojan", "score": 10, "sha256": "67f83398e4b96573dd999384827d0441f8b3face1e8395f5533c1d95e9c3cacd"}, {"sample": "230327-llke6seg7x", "created": "2023-03-27 09:37:13.376158 +0000 +0000", "kind": "file", "filename": "hello_pko.ps1", "tags": "", "score": 8, "sha256": "348718104819ada8cdd3b45ec99b9f61c19a6475f9d080fdae2aba21ace19e5d"}, {"sample": "230327-d1bsksbe34", "created": "2023-03-27 03:28:03.775525 +0000 +0000", "kind": "file", "filename": "Untitled-1.ps1", "tags": "", "score": 1, "sha256": "bbd6bbb6d37fcc6ce352f0b9762d13709661c36945cfb01cfef6f8811c31e248"}, {"sample": "230326-x2ny3shf92", "created": "2023-03-26 19:21:07.410845 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_odwz5fq1.tjk.ps1", "tags": "", "score": 1, "sha256": "6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b"}, {"sample": "230326-xdh3xshe95", "created": "2023-03-26 18:44:09.055022 +0000 +0000", "kind": "file", "filename": "mal.ps1", "tags": "", "score": 5, "sha256": "1458c6d2ea733ba0b5bb86405d964e8100408fd81a9ca975ddb6d1e3c1d621dd"}, {"sample": "230326-qxd5raaf4s", "created": "2023-03-26 13:38:06.789123 +0000 +0000", "kind": "file", "filename": "debug2.ps1", "tags": "", "score": 8, "sha256": "2f8f6a0f1d7c9b1fb3f7162ba32a83e77e72d18c54c5da7f9086e3c31049df18"}, {"sample": "230326-qv8lksgf73", "created": "2023-03-26 13:36:03.696567 +0000 +0000", "kind": "file", "filename": "debug2.ps1", "tags": "", "score": 8, "sha256": "2f8f6a0f1d7c9b1fb3f7162ba32a83e77e72d18c54c5da7f9086e3c31049df18"}, {"sample": "230326-m849jagc63", "created": "2023-03-26 11:09:03.998618 +0000 +0000", "kind": "file", "filename": "Folina.ps1", "tags": "", "score": 10, "sha256": "ea37f37f24769bff5b02516545b4915cf8602d6d2271b07c4bd9a1d0bbff482e"}, {"sample": "230325-26enesgg2v", "created": "2023-03-25 23:11:21.646771 +0000 +0000", "kind": "file", "filename": "bigdoodoowader.ps1", "tags": "", "score": 1, "sha256": "3b226f73dba3792cb5ba255ec9f7abedab2da7339baf2853bbeee5d16025b3cd"}, {"sample": "230325-2j18xagf6x", "created": "2023-03-25 22:37:28.382322 +0000 +0000", "kind": "file", "filename": "downlaod.ps1", "tags": "", "score": 6, "sha256": "aa78b6f613d69f0eb9865c44afe3bbe8f39fdd9afa627e7cf14de91c068e1316"}, {"sample": "230325-19a9qsee97", "created": "2023-03-25 22:20:29.730613 +0000 +0000", "kind": "file", "filename": "website02815276.ps1", "tags": "", "score": 4, "sha256": "0e732378857c7b0ca4ab9daf3215d29ceb4d0fea3fcf5ab1bc8df701d06b9444"}, {"sample": "230325-1x9lrsge9s", "created": "2023-03-25 22:02:55.963791 +0000 +0000", "kind": "file", "filename": "website02815276.ps1", "tags": "", "score": 4, "sha256": "c386bcc1b67aad87f6a9aa8c813c1c592b72fab1e6ede4f25506636f39e13ecf"}, {"sample": "230325-1xpatsee47", "created": "2023-03-25 22:01:55.867747 +0000 +0000", "kind": "file", "filename": "website02815276.ps1", "tags": "", "score": 4, "sha256": "c386bcc1b67aad87f6a9aa8c813c1c592b72fab1e6ede4f25506636f39e13ecf"}, {"sample": "230325-v2fatsfg5y", "created": "2023-03-25 17:28:51.587387 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "8a580343d67dce4be0dd213190ab066fddb8138523bb078a0efff3e29c4b5e5a"}, {"sample": "230325-vzmbcsfg5t", "created": "2023-03-25 17:25:41.275719 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "8a580343d67dce4be0dd213190ab066fddb8138523bb078a0efff3e29c4b5e5a"}, {"sample": "230325-md5a2scc29", "created": "2023-03-25 10:21:53.224963 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "0cdc8460b12357adf425ac6d4fa6e6b51f30a76654c71b44ed4e18cae7c8a6ae"}, {"sample": "230325-mcph7sed5t", "created": "2023-03-25 10:19:23.533242 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "0cdc8460b12357adf425ac6d4fa6e6b51f30a76654c71b44ed4e18cae7c8a6ae"}, {"sample": "230325-cbyqdacf7y", "created": "2023-03-25 01:54:46.948365 +0000 +0000", "kind": "file", "filename": "Optimize.ps1", "tags": "", "score": 1, "sha256": "5abb64631ca1ff9b8f5c5c4534da9993c71cc359e21b80b129a26a537c154ab7"}, {"sample": "230325-b9373sae64", "created": "2023-03-25 01:51:31.060228 +0000 +0000", "kind": "file", "filename": "Optimize.ps1", "tags": "evasion,ransomware", "score": 9, "sha256": "5abb64631ca1ff9b8f5c5c4534da9993c71cc359e21b80b129a26a537c154ab7"}, {"sample": "230324-zghyfahc34", "created": "2023-03-24 20:41:14.136377 +0000 +0000", "kind": "file", "filename": "Windows10DebloaterGUI.ps1", "tags": "", "score": 7, "sha256": "80ebb7f0d1992a20f8710d4a75b3756615a3729c11b3eb136e5b39aacccbcdbe"}, {"sample": "230324-zfqxnabd6s", "created": "2023-03-24 20:39:52.187717 +0000 +0000", "kind": "file", "filename": "Windows10DebloaterGUI.ps1", "tags": "", "score": 7, "sha256": "80ebb7f0d1992a20f8710d4a75b3756615a3729c11b3eb136e5b39aacccbcdbe"}, {"sample": "230324-zc5lmsbd4t", "created": "2023-03-24 20:35:19.952062 +0000 +0000", "kind": "file", "filename": "Windows10DebloaterGUI.ps1", "tags": "persistence", "score": 7, "sha256": "80ebb7f0d1992a20f8710d4a75b3756615a3729c11b3eb136e5b39aacccbcdbe"}, {"sample": "230324-mcj9gsfg3w", "created": "2023-03-24 10:19:09.734325 +0000 +0000", "kind": "url", "filename": "http://185.17.0.19/bypass.ps1", "tags": "family:xmrig,miner,persistence", "score": 10, "sha256": ""}, {"sample": "230324-lg5kjsdd44", "created": "2023-03-24 09:31:13.974635 +0000 +0000", "kind": "file", "filename": "malicious.ps1", "tags": "", "score": 10, "sha256": "3dcc31523d6ce5346e8f3ad660b630b54b5fe71a8098461edd5ccc3f2a671ab9"}, {"sample": "230324-j9j37sdb39", "created": "2023-03-24 08:22:03.030387 +0000 +0000", "kind": "file", "filename": "backdoor.ps1", "tags": "", "score": 1, "sha256": "a69f9c33f849dedd95803d455cb34470c497ccc0817ef1f1b53859fd320c9775"}, {"sample": "230324-h91khsfa4x", "created": "2023-03-24 07:26:54.993711 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "4b0019070693eba3d7c49d9d7262058a99d7566a082ae48a96945716d15f0a88"}, {"sample": "230324-ams8xsda6z", "created": "2023-03-24 00:20:09.413239 +0000 +0000", "kind": "file", "filename": "cyberdrill.ps1", "tags": "", "score": 10, "sha256": "9edaa045dc625024afee6ac6fd532fdb27d6beb607588c326babdba0b439d602"}, {"sample": "230323-3qy8kaah44", "created": "2023-03-23 23:43:46.285855 +0000 +0000", "kind": "file", "filename": "cyberdrill.ps1", "tags": "", "score": 10, "sha256": "9edaa045dc625024afee6ac6fd532fdb27d6beb607588c326babdba0b439d602"}, {"sample": "230323-1mptlscc9v", "created": "2023-03-23 21:46:13.804104 +0000 +0000", "kind": "file", "filename": "8288a263db46e66e2b4ce9d425d40e245bd0d503546250dadeb86146929e2d8c.ps1", "tags": "", "score": 10, "sha256": "8288a263db46e66e2b4ce9d425d40e245bd0d503546250dadeb86146929e2d8c"}, {"sample": "230323-ysdmesbg81", "created": "2023-03-23 20:02:33.596191 +0000 +0000", "kind": "file", "filename": "terminations.ps1", "tags": "", "score": 1, "sha256": "fbb57047e049770b3cdf36324ab314d59f1bdf2dfea8e0fe8a0c74fc75f80643"}, {"sample": "230323-yphf7sbg6y", "created": "2023-03-23 19:57:31.257809 +0000 +0000", "kind": "file", "filename": "setup.ps1", "tags": "", "score": 1, "sha256": "0a84e1daa7e4a8111bbb4a23c04a99488aa2605cfd14ca4d9dad4f744e12013f"}, {"sample": "230323-sv6s4aae2w", "created": "2023-03-23 15:27:48.737753 +0000 +0000", "kind": "file", "filename": "win64.ps1", "tags": "", "score": 10, "sha256": "e8c4ec795a14587d3b3ce34b73eca090ea9d9957fb612300abc6239ec293eb26"}, {"sample": "230323-sdwlssad3y", "created": "2023-03-23 15:01:05.57069 +0000 +0000", "kind": "file", "filename": "4.ps1", "tags": "", "score": 1, "sha256": "8f2275d70c9594449bdade83d20e4c4115b9b2c93c7178518e3499a0fd342e27"}, {"sample": "230323-sab3zsgd69", "created": "2023-03-23 14:54:53.526767 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 8, "sha256": "72747073713363183db25e1d4fdb7c3c0fd6fe39ca217a5d41962887ebb8a291"}, {"sample": "230323-r617bagd46", "created": "2023-03-23 14:49:06.852782 +0000 +0000", "kind": "file", "filename": "5.ps1", "tags": "", "score": 10, "sha256": "8493b0e70b6179a76ee3f0e1df5cfaa2a5c4184a75873d8d44be97f8805c1858"}, {"sample": "230323-rzqr1agc92", "created": "2023-03-23 14:38:06.266521 +0000 +0000", "kind": "file", "filename": "3.ps1", "tags": "", "score": 1, "sha256": "aea4d741f1261a1e4a4048196e2787252b53e519a1e36b350672d0c00776043f"}, {"sample": "230323-ry5vjaab9x", "created": "2023-03-23 14:37:04.825871 +0000 +0000", "kind": "file", "filename": "2.ps1", "tags": "", "score": 1, "sha256": "9b03026e0b021b54cdee3d83cadbf8d204a79cc650a64ef91822322bbdb3d404"}, {"sample": "230323-rvpzxaab61", "created": "2023-03-23 14:31:04.13942 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "", "score": 1, "sha256": "fc1f2cee53636f3eb5081a37193becb2df79e421922a33588690682b760149c0"}, {"sample": "230323-rcxl2aaa6z", "created": "2023-03-23 14:03:28.717322 +0000 +0000", "kind": "file", "filename": "System2[1].ps1", "tags": "", "score": 1, "sha256": "4d0c294d1346fa1d174c2293cbc625a285221b5d13e8c8c250d1fd8a7661f2b2"}, {"sample": "230323-ng1ygahc2s", "created": "2023-03-23 11:22:52.891741 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 8, "sha256": "72747073713363183db25e1d4fdb7c3c0fd6fe39ca217a5d41962887ebb8a291"}, {"sample": "230323-jn9rqsec86", "created": "2023-03-23 07:50:05.416481 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_ngz3oqsw.l5i.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230322-z3bq9abd53", "created": "2023-03-22 21:14:06.713957 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 10, "sha256": "f46ae50d4a2ea185b6fd09bcf3fd7a0b79b2e4fc66e1ab23e110716b45bc32da"}, {"sample": "230322-z1rdxsdd2x", "created": "2023-03-22 21:11:21.385 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 10, "sha256": "92ecfa07fabdd1259979a414f315995ef903818c562bb07b03bc34dfca6aac55"}, {"sample": "230322-zvkn7abc94", "created": "2023-03-22 21:02:18.691478 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 10, "sha256": "94d9726aec75e84480d8b4d0d2ff6acdd209e2c2de3540a02a37155eef0036b6"}, {"sample": "230322-y1gdaaba86", "created": "2023-03-22 20:14:56.438494 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "c9b89cfb8b106eea8de9184dd6ba144c4e29f9176d8346a262e82e8719aefc7e"}, {"sample": "230322-yyasqada6v", "created": "2023-03-22 20:11:08.424988 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "b4d92cd9eea7abc44c813192ba37b7f241d88513f15e61d4badf498d068b40a5"}, {"sample": "230322-ycybwsah79", "created": "2023-03-22 19:39:03.607964 +0000 +0000", "kind": "file", "filename": "moos2.ps1", "tags": "family:asyncrat,botnet:cairo,persistence,rat", "score": 10, "sha256": "d623550382d57e1f3b8a521f00d4f05179da3073ac07d4ccaf4ced2999afc18b"}, {"sample": "230322-vbydqaca4v", "created": "2023-03-22 16:49:32.624567 +0000 +0000", "kind": "file", "filename": "invoice.txt.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "8d76fd3a85e5ed34c65b358c92f2f7fb7454c3417131ef156e6f33d01463d4ee"}, {"sample": "230322-q9tqzaba8t", "created": "2023-03-22 13:58:04.638861 +0000 +0000", "kind": "file", "filename": "390Z21.ps1", "tags": "family:asyncrat,botnet:default,rat", "score": 10, "sha256": "c671d25e21e83929c1853e697f29b0e8ed3b69edc6add61d4d8b8bc2018afe14"}, {"sample": "230322-p4rhzsag5v", "created": "2023-03-22 12:53:17.131824 +0000 +0000", "kind": "file", "filename": "2.ps1", "tags": "", "score": 1, "sha256": "b98244f13b491ccb41828017621f45ef6460d551b1f32f0852dd044f19c1dc60"}, {"sample": "230322-nxhrtsge89", "created": "2023-03-22 11:46:27.09804 +0000 +0000", "kind": "file", "filename": "Bezaza.ps1", "tags": "", "score": 1, "sha256": "be4494e801b21f9d59855aff0bd71736b65ac54f1fc164263b394b05f2d11a77"}, {"sample": "230322-k4qt8sfh94", "created": "2023-03-22 09:09:33.495989 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_rjiv1t30.kas.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230322-bg9t6aea58", "created": "2023-03-22 01:08:08.398155 +0000 +0000", "kind": "file", "filename": "hidden.ps1", "tags": "", "score": 3, "sha256": "fb0532f15c88262cc81f8039bb96aa4dcf45fc054b2bd198a3f76e5256b9c96a"}, {"sample": "230321-zm4gbsda99", "created": "2023-03-21 20:50:59.593685 +0000 +0000", "kind": "file", "filename": "note.ps1", "tags": "", "score": 7, "sha256": "156ec04cbb2925b4072ac2554bd5b79d48883f48bfbcef49c99fc1b27cd2a2a3"}, {"sample": "230321-xgxeqaee61", "created": "2023-03-21 18:50:04.946749 +0000 +0000", "kind": "file", "filename": "BDED.tmp.ps1", "tags": "", "score": 1, "sha256": "a9299a7089f724187668d0d7981753b3e2ecc5b97fb6297d0aad749658920af7"}, {"sample": "230321-xcrcxace67", "created": "2023-03-21 18:42:48.918395 +0000 +0000", "kind": "file", "filename": "HKLM_SOFTWARE_Hex-Rays SAZTrLO_PkWnFt03F3.ps1", "tags": "", "score": 8, "sha256": "ff55c5f88b531dcda7a8ed7220ca6a5db1eada8b392bb3963f1339b6df46aa71"}, {"sample": "230321-rsr2gsda2x", "created": "2023-03-21 14:27:41.699313 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 8, "sha256": "c304d09d544389d3cf8189c31626aa7f8cd0309af4633bf50f7f257410d68d0e"}, {"sample": "230321-mkmpkshg67", "created": "2023-03-21 10:31:31.391655 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "ad2cadb788ebed3b8f6864b84dd360fda23c950680047d0026448d631c0a2d18"}, {"sample": "230321-hsbvtshb49", "created": "2023-03-21 06:59:31.918922 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_urcxeiqp.ab4.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230321-bbxyeagb24", "created": "2023-03-21 00:58:48.366293 +0000 +0000", "kind": "file", "filename": "test1.ps1", "tags": "", "score": 1, "sha256": "c788def0006f27e250b89044fd7955c15ef4ebac2f51f2227df0aebe74a2e567"}, {"sample": "230321-a9bmdsga98", "created": "2023-03-21 00:54:15.901538 +0000 +0000", "kind": "file", "filename": "test1.ps1", "tags": "", "score": 1, "sha256": "c788def0006f27e250b89044fd7955c15ef4ebac2f51f2227df0aebe74a2e567"}, {"sample": "230321-a5jr7saa51", "created": "2023-03-21 00:47:39.777255 +0000 +0000", "kind": "file", "filename": "test1.ps1", "tags": "", "score": 1, "sha256": "d3d45c3048f939ba70963a3b1c012fe2f8e394f142b57b7d703c71488d08cf6e"}, {"sample": "230321-a49x1aaa5y", "created": "2023-03-21 00:47:10.290655 +0000 +0000", "kind": "file", "filename": "test1.ps1", "tags": "", "score": 1, "sha256": "9e8fb302f8ebf842d1e3a9e4debe82730c88627351f6482038877d6b41bb1abe"}, {"sample": "230321-a4j2ksaa5w", "created": "2023-03-21 00:45:55.867144 +0000 +0000", "kind": "file", "filename": "test1.ps1", "tags": "", "score": 1, "sha256": "ae80396f2c1e6a288b14842ab73baa5f3fa9c1eb4ad543aa3316a5d215549bb5"}, {"sample": "230321-alnbaahh61", "created": "2023-03-21 00:18:08.691576 +0000 +0000", "kind": "file", "filename": "test1.ps1", "tags": "", "score": 1, "sha256": "ae80396f2c1e6a288b14842ab73baa5f3fa9c1eb4ad543aa3316a5d215549bb5"}, {"sample": "230321-ak7crshh6z", "created": "2023-03-21 00:17:19.483823 +0000 +0000", "kind": "file", "filename": "test1.ps1", "tags": "", "score": 1, "sha256": "166a9fdbb13d48d5f7da570cc03c9b7fa98fa705535892a18ac94f5f874de96e"}, {"sample": "230321-akmy5ahh6y", "created": "2023-03-21 00:16:22.121047 +0000 +0000", "kind": "file", "filename": "test1.ps1", "tags": "", "score": 1, "sha256": "93537dbc2c42e950dc184d2195ecf7455ad8b72f46a34d1cd3daee821629b7ee"}, {"sample": "230320-3qxdzafh32", "created": "2023-03-20 23:43:40.952985 +0000 +0000", "kind": "file", "filename": "test1.ps1", "tags": "", "score": 1, "sha256": "fc5c7312cdfc7262cd88092adecce4d2cfbb4428621977c6c13706f3c50bbc4d"}, {"sample": "230320-3qfq8ahg8y", "created": "2023-03-20 23:42:52.213106 +0000 +0000", "kind": "file", "filename": "test1.ps1", "tags": "", "score": 1, "sha256": "a5812b955252add1ff5fa6496f1393084c9632644cd544a12d36185994f6c378"}, {"sample": "230320-txh1gsgd9t", "created": "2023-03-20 16:26:05.312977 +0000 +0000", "kind": "file", "filename": "90AQ.ps1", "tags": "family:cobaltstrike,botnet:100000,backdoor,trojan", "score": 10, "sha256": "f404d26706ef08f01e7d08bd24e572c523085f2c07601390c42e64261bc6df98"}, {"sample": "230320-le8jescg44", "created": "2023-03-20 09:27:53.623273 +0000 +0000", "kind": "file", "filename": "ejem.ps1", "tags": "", "score": 1, "sha256": "d76e8292488699074815174d03bf32041a1aaaa77ba1ea2e0f7d9255569fd78e"}, {"sample": "230320-gwqygseb5v", "created": "2023-03-20 06:09:33.886359 +0000 +0000", "kind": "url", "filename": "http://61.97.188.42:8080/lr.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230320-gwcqvseb5t", "created": "2023-03-20 06:08:53.752239 +0000 +0000", "kind": "url", "filename": "http://61.97.188.42:8080/lr.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230320-esbchsbg48", "created": "2023-03-20 04:11:43.834297 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "0ceb83f5fa11a5cd714af2841885eef9dfcb2e9e85219c68898f6aee51f20824"}, {"sample": "230320-arhmzsch7v", "created": "2023-03-20 00:26:37.578828 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 3, "sha256": "61673e59f75343c9feb2a11865ab7ff6018c3f24eb8ad75e3a31b3b1ecbf8228"}, {"sample": "230319-15cxrsad33", "created": "2023-03-19 22:13:35.632862 +0000 +0000", "kind": "file", "filename": "cmd.bat.ps1", "tags": "", "score": 8, "sha256": "3570d02b1347c3dfd58d965f8a176687334e2462ec35fd6330305b2390c9d414"}, {"sample": "230319-11fsvscd4z", "created": "2023-03-19 22:06:45.606532 +0000 +0000", "kind": "file", "filename": "cmd.bat.ps1", "tags": "", "score": 1, "sha256": "221012910aa9c040deecda6d2e1e02bf4934f641b41b83a7cd9821cec0cc977a"}, {"sample": "230319-z5k3pscc2w", "created": "2023-03-19 21:18:03.899762 +0000 +0000", "kind": "file", "filename": "cmd.bat.ps1", "tags": "", "score": 8, "sha256": "42009618d204ffc8e81680d6547300d2b189d2d0c060b8619bfbdc6a1fc90849"}, {"sample": "230319-zszqbscb6z", "created": "2023-03-19 20:59:31.921748 +0000 +0000", "kind": "file", "filename": "cmd.bat.ps1", "tags": "discovery,exploit", "score": 8, "sha256": "ba1460c7db6d6b4ce1acdcd533a0c31ff6a58b79207e35a2fe8f4a02dbef1ad4"}, {"sample": "230319-zpfs2saa96", "created": "2023-03-19 20:53:21.202784 +0000 +0000", "kind": "file", "filename": "cmd.bat.ps1", "tags": "", "score": 1, "sha256": "85e9c2f7e592c5f999f4addb04daed50e0011fbf6776d60f40c176f6ffa80777"}, {"sample": "230319-zj6saacb4v", "created": "2023-03-19 20:45:52.073348 +0000 +0000", "kind": "file", "filename": "cmd.bat.ps1", "tags": "discovery,exploit", "score": 8, "sha256": "ed0494f83716766320067c65c2ef602086f36d540a97facf3bf9d55b894dde36"}, {"sample": "230319-zd2alsaa62", "created": "2023-03-19 20:36:53.01111 +0000 +0000", "kind": "file", "filename": "cmd.bat.ps1", "tags": "", "score": 1, "sha256": "681e24e6e283ef1a9af5f3f8388b10802660ea5a5e3d5723c673aca8ab75c250"}, {"sample": "230319-zcfbraaa55", "created": "2023-03-19 20:34:06.185498 +0000 +0000", "kind": "file", "filename": "cmd.bat.ps1", "tags": "", "score": 1, "sha256": "f596e9c0ea59bf160663f5f2eac88d48d0231783f03a9bacf97bb342543dd38b"}, {"sample": "230319-y95r8sca9w", "created": "2023-03-19 20:30:05.199094 +0000 +0000", "kind": "file", "filename": "cmd.bat.ps1", "tags": "", "score": 1, "sha256": "ca2699fdaa3a73161fefa1fa61843c4b5df4fbb440980c0b7132fe41ffb197aa"}, {"sample": "230319-y3a92shh96", "created": "2023-03-19 20:18:09.523347 +0000 +0000", "kind": "file", "filename": "cmd.bat.ps1", "tags": "", "score": 1, "sha256": "65d652e960b78c818d5ea52d3a049e531d77a096abe90e413f5642b9faf0719e"}, {"sample": "230319-yzz41ahh87", "created": "2023-03-19 20:14:06.12186 +0000 +0000", "kind": "file", "filename": "cmd.bat.ps1", "tags": "", "score": 1, "sha256": "a0f61738554563cef17048ac4192da4b0ea80d7576c2214e12c7177c3a4b511c"}, {"sample": "230319-p5d92sad9y", "created": "2023-03-19 12:54:25.753091 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "683ab54277afce849a20263b642b178e3f2a9a408d4cf08619b9616b5aca7e96"}, {"sample": "230319-p4h7lsad9t", "created": "2023-03-19 12:52:53.935916 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "683ab54277afce849a20263b642b178e3f2a9a408d4cf08619b9616b5aca7e96"}, {"sample": "230319-pz5j2sad8v", "created": "2023-03-19 12:46:57.73051 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "6d1cdcc79fd054295fcbfe1cf6b36a3a7efa2eebcbaa95bcd0bddf4840b35852"}, {"sample": "230319-jwexbshf5s", "created": "2023-03-19 08:00:51.152953 +0000 +0000", "kind": "file", "filename": "ps1mal.ps1", "tags": "", "score": 10, "sha256": "7816acd753fb3aa911c3c8fa8f23b3f99f19617ad96c6ce8f993e1c474cc0f83"}, {"sample": "230319-b64dnsge2z", "created": "2023-03-19 01:46:17.770797 +0000 +0000", "kind": "file", "filename": "emestart.ps1", "tags": "family:agenttesla,collection,keylogger,spyware,stealer,trojan", "score": 10, "sha256": "384300e185a9230be18f8833fdc7b5ee3c5b4771e5d8a58503a409367be3acfd"}, {"sample": "230318-bkfqgscg4w", "created": "2023-03-18 01:11:57.640452 +0000 +0000", "kind": "file", "filename": "cs.ps1", "tags": "", "score": 1, "sha256": "2f5b882160e5d653e8befd2210e7f94436482c343486106cf33dfe894c4d6c5d"}, {"sample": "230317-r515xsgg33", "created": "2023-03-17 14:47:21.814975 +0000 +0000", "kind": "file", "filename": "sample.ps1", "tags": "family:asyncrat,rat", "score": 10, "sha256": "100edfaab8ae8c336595eb9852a8f17f38be43e91a2fba2ac49c522e8891a40a"}, {"sample": "230317-ns6cbsaa51", "created": "2023-03-17 11:40:35.861233 +0000 +0000", "kind": "file", "filename": "cs.ps1", "tags": "family:cobaltstrike,family:metasploit,botnet:987654321,backdoor,trojan", "score": 10, "sha256": "da69111d0ba32fa46dfcf6dbb30d672d39bf5794951f5c4d69fb378eda4bd1ff"}, {"sample": "230317-nr99wsga56", "created": "2023-03-17 11:39:03.663328 +0000 +0000", "kind": "file", "filename": "cs.ps1", "tags": "family:cobaltstrike,family:metasploit,botnet:987654321,backdoor,trojan", "score": 10, "sha256": "da69111d0ba32fa46dfcf6dbb30d672d39bf5794951f5c4d69fb378eda4bd1ff"}, {"sample": "230317-nl5r8aga37", "created": "2023-03-17 11:30:04.472297 +0000 +0000", "kind": "file", "filename": "info.ps1", "tags": "", "score": 1, "sha256": "b72e2fb08b6d2863b4cf984fb2e89868527010a15e6d4689986b8d704ad63440"}, {"sample": "230317-cp6cdadg86", "created": "2023-03-17 02:16:06.330306 +0000 +0000", "kind": "file", "filename": "eryao7.ps1", "tags": "family:cobaltstrike,botnet:0,botnet:305419896,backdoor,trojan", "score": 10, "sha256": "8cf1e49c74fb05de954a6b70281f47e3cbd021108b0ee11f4a59667ff28bfee9"}, {"sample": "230317-cp5e3sfh7x", "created": "2023-03-17 02:16:03.198889 +0000 +0000", "kind": "file", "filename": "eryao7.ps1", "tags": "family:cobaltstrike,botnet:0,botnet:305419896,backdoor,trojan", "score": 10, "sha256": "8cf1e49c74fb05de954a6b70281f47e3cbd021108b0ee11f4a59667ff28bfee9"}, {"sample": "230317-ahqbgaff2z", "created": "2023-03-17 00:13:00.34421 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "050bf8b1a47252db44436327ec3877cc958028003e088cbf9dac5d7c2bed21e1"}, {"sample": "230316-xt26qsef9w", "created": "2023-03-16 19:09:33.424747 +0000 +0000", "kind": "file", "filename": "sourcefiletxt.ps1", "tags": "family:agenttesla,collection,keylogger,persistence,spyware,stealer,trojan", "score": 10, "sha256": "b14f5009ebffbc07b13e698567f47e37d6ced493c2efdfc4d3a56cc8c7498652"}, {"sample": "230316-xkwbtsef6s", "created": "2023-03-16 18:55:15.876351 +0000 +0000", "kind": "file", "filename": "boy1start.ps1", "tags": "family:snakekeylogger,collection,keylogger,stealer", "score": 10, "sha256": "f9fd9b8f43086a5c5f8b638e12c83d6732b344d78f6a7071c18a9a2fc28915c2"}, {"sample": "230316-w2mwcaee8s", "created": "2023-03-16 18:25:08.657989 +0000 +0000", "kind": "file", "filename": "blessed1.ps1", "tags": "family:snakekeylogger,collection,keylogger,persistence,stealer", "score": 10, "sha256": "3db43c5dc157dc3380f32a9814c1e590a1cb1fe0e9ba35706e56888de9230b4c"}, {"sample": "230316-w19nqacc59", "created": "2023-03-16 18:24:28.361849 +0000 +0000", "kind": "file", "filename": "CYEBRRULVISVNIVUDGZPTV.ps1", "tags": "family:snakekeylogger,collection,keylogger,stealer", "score": 10, "sha256": "3a0b71b1c003590b1eb5a0f5e5e1ccf5af14fca8a264ff1f01c153c2a3806e00"}, {"sample": "230316-wxw88aee6y", "created": "2023-03-16 18:18:36.114749 +0000 +0000", "kind": "file", "filename": "EnableAllTokenPrivs.ps1", "tags": "", "score": 1, "sha256": "303d8bfb40cda27d08a4d10308ef6d173cdbb7ad9f8e93755549e7517d042d97"}, {"sample": "230316-dnn75sba4s", "created": "2023-03-16 03:09:27.638362 +0000 +0000", "kind": "file", "filename": "ps.ps1.ps1", "tags": "", "score": 10, "sha256": "b7a827ff55e54ce951aeeb7830833f69f4b4643c864f0f0e7423845b6d9afd25"}, {"sample": "230315-3sft1afh79", "created": "2023-03-15 23:46:22.246117 +0000 +0000", "kind": "file", "filename": "Defender.psd1", "tags": "", "score": 1, "sha256": "432707c964b03969d2c3670782cb291f201d722ae93e0b29c6da5ab08c459a72"}, {"sample": "230315-1zgnrshg3v", "created": "2023-03-15 22:05:03.2243 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "", "score": 1, "sha256": "6ff7a60c7cd8ffed318700dff453d3679adf27b11505f875d54e8afc33bb8465"}, {"sample": "230315-rawa7add87", "created": "2023-03-15 13:59:54.262501 +0000 +0000", "kind": "file", "filename": "bad.ps1", "tags": "family:asyncrat,botnet:[[[[[[[___bat___]]]]]]],rat", "score": 10, "sha256": "ae0ef6f7368de8b504832aadf49b703a40c30aba33a9077d77cec13ff7bb2ab0"}, {"sample": "230315-pddjfafb4y", "created": "2023-03-15 12:12:26.701061 +0000 +0000", "kind": "file", "filename": "n.ps1", "tags": "", "score": 8, "sha256": "6e8e2aaa62ec3d3605eef11a2a28b73fa6769eae49d86dc872676b36ccf6aee7"}, {"sample": "230315-jzfb9seb7y", "created": "2023-03-15 08:06:07.605914 +0000 +0000", "kind": "file", "filename": "sample.ps1", "tags": "", "score": 10, "sha256": "494aa32c7f1ea1a488911121bf23ff99ad9ce8356d9d5bb1b478524341a725da"}, {"sample": "230314-sefa7sab3y", "created": "2023-03-14 15:02:03.849083 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "family:xmrig,miner", "score": 10, "sha256": "d0e87887634113f5ec352af6664f070f88f5e9f0db468327d3bef6756f5d4e50"}, {"sample": "230314-qd5tcsfd92", "created": "2023-03-14 13:09:41.711406 +0000 +0000", "kind": "file", "filename": "testencrypt.ps1", "tags": "", "score": 1, "sha256": "586dcf5756d84fa6ba230abd77e52d9b9c1f543ce64048abc1704092151eefd8"}, {"sample": "230314-jg1v9agc31", "created": "2023-03-14 07:39:10.747327 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 7, "sha256": "02b884007f0595744e64bbb71765fc0a70d85e1f7eba03e3516c9e52e3ad7a69"}, {"sample": "230314-jg1kgsgc3y", "created": "2023-03-14 07:39:09.606105 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "discovery", "score": 8, "sha256": "02b884007f0595744e64bbb71765fc0a70d85e1f7eba03e3516c9e52e3ad7a69"}, {"sample": "230314-jgk5sseb63", "created": "2023-03-14 07:38:25.190584 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 3, "sha256": "95558fe74c0f5dee55a0c4a3074047a72215791847bba722a1c3f8280c3514cc"}, {"sample": "230314-jghpnsgc3t", "created": "2023-03-14 07:38:17.327545 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 3, "sha256": "95558fe74c0f5dee55a0c4a3074047a72215791847bba722a1c3f8280c3514cc"}, {"sample": "230314-jfqc5agc2x", "created": "2023-03-14 07:36:54.000287 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 7, "sha256": "02b884007f0595744e64bbb71765fc0a70d85e1f7eba03e3516c9e52e3ad7a69"}, {"sample": "230314-jfl1psgc2w", "created": "2023-03-14 07:36:43.935268 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 7, "sha256": "02b884007f0595744e64bbb71765fc0a70d85e1f7eba03e3516c9e52e3ad7a69"}, {"sample": "230314-ajwjwaeg2z", "created": "2023-03-14 00:15:02.436227 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "family:xmrig,miner", "score": 10, "sha256": "b4ef69234b70661b600463d09128ef4dd522b4a68dae1ef9330f00b4932f83ee"}, {"sample": "230313-vkeb7sdd3x", "created": "2023-03-13 17:02:35.788357 +0000 +0000", "kind": "file", "filename": "wifi.ps1", "tags": "", "score": 1, "sha256": "92a1ae00b9de78f1446ffc566fd5db701cd992567315a7e7426dc1ac8b61438c"}, {"sample": "230313-sww1aaba32", "created": "2023-03-13 15:29:04.40572 +0000 +0000", "kind": "file", "filename": "eonhucc.jpg.ps1", "tags": "", "score": 8, "sha256": "643b8833390a8ad198ee567d39ed4253e06dd8a1b6aec1b2a23688b536707a62"}, {"sample": "230313-srbhsaah87", "created": "2023-03-13 15:21:04.692032 +0000 +0000", "kind": "file", "filename": "beacon.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "781bae13816d6f8097225b3af9dd3abdec0d40203c28d1b5ca916b3857fb0543"}, {"sample": "230313-sp9b2ada4y", "created": "2023-03-13 15:19:12.773463 +0000 +0000", "kind": "file", "filename": "beacon.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "781bae13816d6f8097225b3af9dd3abdec0d40203c28d1b5ca916b3857fb0543"}, {"sample": "230313-lpt4sabg6x", "created": "2023-03-13 09:42:56.181647 +0000 +0000", "kind": "file", "filename": "eryao7.ps1", "tags": "family:cobaltstrike,botnet:0,botnet:305419896,backdoor,trojan", "score": 10, "sha256": "988fc1896c09a10ceb4b77e9dd64e3797db0bfdffe3696f36de0210f5a6d5d80"}, {"sample": "230312-yabecafb53", "created": "2023-03-12 19:34:28.696776 +0000 +0000", "kind": "file", "filename": "currentScript.ps1", "tags": "", "score": 1, "sha256": "57d32cfcd4a25c366a125e6f8c2e6823a2a41b293d4a58605414d1a5f7ddf022"}, {"sample": "230312-n3jlbadg28", "created": "2023-03-12 11:55:14.671857 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "ba983ebd67da4d923a7568bf9a47be051c8281c1d2174df2fa2b716037e1186c"}, {"sample": "230312-eq3zracf49", "created": "2023-03-12 04:09:34.696278 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "85d77178974a69b4297c02d03d6d44568516b22a3b719c9cf49bf03142ab9b00"}, {"sample": "230311-tm8s6aad68", "created": "2023-03-11 16:11:36.248815 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "cb14b070aed42d309f6d8553258e04ad8cc22c2e52f92c4da2c49b6fce62a69e"}, {"sample": "230311-e966hsac7v", "created": "2023-03-11 04:39:27.089484 +0000 +0000", "kind": "file", "filename": "c0a129c69476534a654a0575a02da2d9596de225185d5c37a2a28e23ecb3d35a.ps1", "tags": "", "score": 3, "sha256": "c0a129c69476534a654a0575a02da2d9596de225185d5c37a2a28e23ecb3d35a"}, {"sample": "230311-d8r5jaab5w", "created": "2023-03-11 03:41:04.728416 +0000 +0000", "kind": "file", "filename": "payload.ps1", "tags": "", "score": 3, "sha256": "c0a129c69476534a654a0575a02da2d9596de225185d5c37a2a28e23ecb3d35a"}, {"sample": "230310-x56nasfa59", "created": "2023-03-10 19:27:13.299148 +0000 +0000", "kind": "file", "filename": "Hungryville.ps1", "tags": "", "score": 1, "sha256": "2946c1d02b78c4f0094f4257c329afe8868f8b722193ad61957bec51080f5b78"}, {"sample": "230310-x2e16sfa46", "created": "2023-03-10 19:20:41.450096 +0000 +0000", "kind": "file", "filename": "researchhawk.ps1", "tags": "", "score": 1, "sha256": "9dec2d36ac405bc24201a8594ece3d1d0aba71606cbcfaf2ccb89dde186a06db"}, {"sample": "230310-xys4mafa37", "created": "2023-03-10 19:16:06.009728 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 1, "sha256": "54d173bc09ce9adeb40f86c88404045cde0928132e65293e788fe4dbd64879ec"}, {"sample": "230310-shvkasga6w", "created": "2023-03-10 15:08:01.408105 +0000 +0000", "kind": "file", "filename": "M.ps1", "tags": "family:mimikatz", "score": 10, "sha256": "b9599a54e8a6e3d1bd4f3b4af6c8e638d9ef1ed33586ad4e2cb946256fc918ef"}, {"sample": "230310-sfz21aec33", "created": "2023-03-10 15:04:46.029517 +0000 +0000", "kind": "file", "filename": "M.ps1", "tags": "family:mimikatz", "score": 10, "sha256": "b9599a54e8a6e3d1bd4f3b4af6c8e638d9ef1ed33586ad4e2cb946256fc918ef"}, {"sample": "230310-sevqwsec29", "created": "2023-03-10 15:02:47.780176 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_rzsioxhc.2p5.ps1", "tags": "", "score": 1, "sha256": "6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b"}, {"sample": "230310-rblhdaea54", "created": "2023-03-10 14:01:10.043494 +0000 +0000", "kind": "file", "filename": "script_conformit\u00c3\u00a9_BitLocker.ps1", "tags": "", "score": 1, "sha256": "19973b8305452fd2a0995f0510e2ed69a2f0d56701fb598b42935f4ab0888a9d"}, {"sample": "230310-ptb1jsfd9t", "created": "2023-03-10 12:36:49.656064 +0000 +0000", "kind": "file", "filename": "M.ps1", "tags": "", "score": 1, "sha256": "03734c658a78abf231503c8e79d8dd18baeaf723d71625fcc2e4417e601a0743"}, {"sample": "230310-lf16qsec5y", "created": "2023-03-10 09:29:17.150232 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "", "score": 1, "sha256": "6d6bacea9fc6c08332b9a6f38e974030858987faf1ff04dd7c64a9d017932a3e"}, {"sample": "230309-ygy4zsbf2t", "created": "2023-03-09 19:46:05.132493 +0000 +0000", "kind": "file", "filename": "b8e7523347b990bd6094c8892ff055c3.ps1", "tags": "family:cobaltstrike,botnet:987654321,backdoor,trojan", "score": 10, "sha256": "09094ed7deb2b722d47c888b47bc8d71b33355e5052b6e42621e4e98642e7ea9"}, {"sample": "230309-x7s5zsbe51", "created": "2023-03-09 19:30:05.505499 +0000 +0000", "kind": "file", "filename": "beacon.ps1", "tags": "family:cobaltstrike,botnet:391144938,backdoor,trojan", "score": 10, "sha256": "26570ab9f442065765270e47672f1c486173fced5d1a4b32d4e4997fec9e58ad"}, {"sample": "230309-qelrwabd7w", "created": "2023-03-09 13:10:30.153344 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_50ja22tv.eic.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230309-j93wbaac5z", "created": "2023-03-09 08:22:58.603034 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 10, "sha256": "a0b6552e4254f04e09380ff19b50406b604123173185abc68603c8447318b400"}, {"sample": "230309-jtyawsbc46", "created": "2023-03-09 07:58:15.183115 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_ngydedkk.z3c.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230308-1zdbcagc8s", "created": "2023-03-08 22:04:52.685954 +0000 +0000", "kind": "file", "filename": "p.ps1", "tags": "", "score": 8, "sha256": "5a2366fb3d365e87f77a982d83eefb5054d50e8e73d2043979e5616c7071a458"}, {"sample": "230308-vqr59agb64", "created": "2023-03-08 17:11:58.825569 +0000 +0000", "kind": "file", "filename": "english.ps1", "tags": "family:bumblebee,botnet:0603cc,trojan", "score": 10, "sha256": "3cb26bbe24bf7d7f3e224efea1d244ed89b7305ad45a5804a26405ddc4ced73c"}, {"sample": "230308-nyzfzaff2w", "created": "2023-03-08 11:49:00.458039 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "", "score": 1, "sha256": "6d6bacea9fc6c08332b9a6f38e974030858987faf1ff04dd7c64a9d017932a3e"}, {"sample": "230307-13488scd33", "created": "2023-03-07 22:11:25.456938 +0000 +0000", "kind": "file", "filename": "test.ps1.ps1", "tags": "", "score": 1, "sha256": "257053c63c3e543e2f133fa75714fadbbf34878a2faba691a8d277ae498f2731"}, {"sample": "230307-zqemdaca67", "created": "2023-03-07 20:55:02.386823 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 8, "sha256": "58f3b40ee97167124de1797cbea45a04786d66e4be9e1c401032724f62cdf6a9"}, {"sample": "230307-vkktzsac5w", "created": "2023-03-07 17:02:53.458967 +0000 +0000", "kind": "file", "filename": "N12.ps1", "tags": "", "score": 1, "sha256": "e82593f9e8006a9e0bef138bd07f5237b35e147639a507624d9a30a9209ad138"}, {"sample": "230307-gjjcwaha96", "created": "2023-03-07 05:49:58.01711 +0000 +0000", "kind": "file", "filename": "malware.ps1", "tags": "", "score": 1, "sha256": "dde348c40a549158d2ab1a2d3a37d82c8ea2209924ed65980024d0e823a03664"}, {"sample": "230306-x2tvbsea9s", "created": "2023-03-06 19:21:23.268843 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_chmp3w4w.qce.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230306-xvc81aea7s", "created": "2023-03-06 19:10:06.89513 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_a415y3yo.5xg.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230306-sthd4sda64", "created": "2023-03-06 15:24:53.173047 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 1, "sha256": "96fc6d06d89b7ec9541299b31e53a4d3563bbfbbad78368bee1eb3a96e1acbed"}, {"sample": "230306-smbb8acd5t", "created": "2023-03-06 15:14:04.191474 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "dc936558e1c70f6d56ccda577d3e45b8fad863dfed367dc82e0fcc24fe88f0a4"}, {"sample": "230306-mmv4qsbg86", "created": "2023-03-06 10:35:25.950984 +0000 +0000", "kind": "file", "filename": "d93edc46df154909b92ecc6728e6bcee0cd5d3ad428adfbd735ff4490e7a4cdf.ps1", "tags": "", "score": 8, "sha256": "d93edc46df154909b92ecc6728e6bcee0cd5d3ad428adfbd735ff4490e7a4cdf"}, {"sample": "230306-mmm35abg84", "created": "2023-03-06 10:35:02.413295 +0000 +0000", "kind": "file", "filename": "d93edc46df154909b92ecc6728e6bcee0cd5d3ad428adfbd735ff4490e7a4cdf.ps1", "tags": "", "score": 8, "sha256": "d93edc46df154909b92ecc6728e6bcee0cd5d3ad428adfbd735ff4490e7a4cdf"}, {"sample": "230305-y5fbsahd27", "created": "2023-03-05 20:21:51.99335 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "a61c688db51f6cc97b92159542291db327a3c49fa9fa1bbd3436dc791ac1d599"}, {"sample": "230304-wa1ccsee75", "created": "2023-03-04 17:43:49.643858 +0000 +0000", "kind": "url", "filename": "http://80.71.158.96/xms.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230304-t65wlsdg2z", "created": "2023-03-04 16:41:09.789056 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_1ydnh0nk.t1w.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230304-tzremsed72", "created": "2023-03-04 16:29:59.02649 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_1ydnh0nk.t1w.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230303-w45h6sad2x", "created": "2023-03-03 18:29:29.66165 +0000 +0000", "kind": "file", "filename": "6fad3c387008f2b12d2e74c406e7c9b1e9a475dbd2bf6ca72f674787dd8485a0.ps1", "tags": "", "score": 8, "sha256": "6fad3c387008f2b12d2e74c406e7c9b1e9a475dbd2bf6ca72f674787dd8485a0"}, {"sample": "230303-wk9nsaac41", "created": "2023-03-03 18:00:00.188704 +0000 +0000", "kind": "file", "filename": "node.exe.ps1", "tags": "", "score": 1, "sha256": "34c3324fcb97941ecdd6a0f0c8dfa7c853f70a55844d2e9adc9bfadfe74724af"}, {"sample": "230303-nkdmcahc34", "created": "2023-03-03 11:27:00.463643 +0000 +0000", "kind": "url", "filename": "http://185.17.0.19/bypass.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230303-kvklvsgc4x", "created": "2023-03-03 08:55:17.683041 +0000 +0000", "kind": "file", "filename": "color.ps1", "tags": "family:bumblebee,botnet:lg0203,trojan", "score": 10, "sha256": "28d4ca9b8bbbad765a193c9df2a8841352a87c2f26b28a94e763709906ce073b"}, {"sample": "230303-a96sjaff29", "created": "2023-03-03 00:55:44.236078 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "3647dc456bab1030a9c9d99632933153e4779fff2db9c3f766f93b80bedd0477"}, {"sample": "230302-x2ny3sea4x", "created": "2023-03-02 19:21:07.233967 +0000 +0000", "kind": "url", "filename": "https://raw.githubusercontent.com/S3cur3Th1sSh1t/PowerSharpPack/master/PowerSharpPack.ps1", "tags": "", "score": 4, "sha256": ""}, {"sample": "230302-w3wvmseb85", "created": "2023-03-02 18:27:19.280448 +0000 +0000", "kind": "file", "filename": "cisco2.ps1", "tags": "family:bumblebee,botnet:cisc117,trojan", "score": 10, "sha256": "0afe02415b9523c9f840be11d9561d1c07b41ac1f7b803b7112608ae8db29950"}, {"sample": "230302-r1smzsda2x", "created": "2023-03-02 14:39:57.552049 +0000 +0000", "kind": "file", "filename": "usr.ps1", "tags": "", "score": 10, "sha256": "55c3fd40758ebaf09955b11ce7d6ccc3867b678bb1c7a2e0309bb7f809e6d394"}, {"sample": "230302-rtbe5adc86", "created": "2023-03-02 14:28:38.061266 +0000 +0000", "kind": "file", "filename": "keys.ps1", "tags": "", "score": 1, "sha256": "c88493d3730ee96b3857e93016d67a62000df4613e0cf89db57d554716885838"}, {"sample": "230302-rr6s9ach7t", "created": "2023-03-02 14:26:38.372349 +0000 +0000", "kind": "file", "filename": "keys.ps1", "tags": "", "score": 1, "sha256": "8d728990d82730e687856f9d2cab5eb8a3c91945bb03d522ef34a697fe63a787"}, {"sample": "230302-pgrkgacg94", "created": "2023-03-02 12:18:20.682603 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_3qauyulu.5xm.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230302-lld86acc79", "created": "2023-03-02 09:36:56.50029 +0000 +0000", "kind": "file", "filename": "8713d873a8f4179a4079ea46a6ae45a538dc2f07cf7b09f28adc25eec45dc873.ps1", "tags": "", "score": 1, "sha256": "8713d873a8f4179a4079ea46a6ae45a538dc2f07cf7b09f28adc25eec45dc873"}, {"sample": "230302-b7yvksaf5t", "created": "2023-03-02 01:47:47.109819 +0000 +0000", "kind": "file", "filename": "keys.ps1", "tags": "", "score": 1, "sha256": "80d020c39f28074fc1e77e318da978be7d7c189c7a57c6e5d9bd178ec0bd8840"}, {"sample": "230301-x5m6yshh27", "created": "2023-03-01 19:26:19.141042 +0000 +0000", "kind": "file", "filename": "download.ps1", "tags": "", "score": 1, "sha256": "c983da8c8c2ca7a1905d658f778e361d28933f9bc1476a9114313ffcf5d5a5d3"}, {"sample": "230301-x3rrcshd5v", "created": "2023-03-01 19:23:01.041572 +0000 +0000", "kind": "file", "filename": "download.ps1", "tags": "", "score": 1, "sha256": "8c6781f0a00bb99a41d3e8d52363cda39fa4e6110f7a2e5c8eef2823fb96f9ff"}, {"sample": "230301-xl6tyshf94", "created": "2023-03-01 18:57:31.679717 +0000 +0000", "kind": "file", "filename": "download.ps1", "tags": "", "score": 1, "sha256": "8c6781f0a00bb99a41d3e8d52363cda39fa4e6110f7a2e5c8eef2823fb96f9ff"}, {"sample": "230301-s1xglsgg57", "created": "2023-03-01 15:36:05.943391 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "d3127d6af56f79666e7163b28662c46a209002aa8e468b91d6674033afadeb0e"}, {"sample": "230301-rxcscsge67", "created": "2023-03-01 14:33:56.998966 +0000 +0000", "kind": "file", "filename": "malware (2).ps1", "tags": "", "score": 1, "sha256": "35555de0fd270122c599416b793569b225601f9386d19e54aeccf93239335e1c"}, {"sample": "230301-krdddafa4w", "created": "2023-03-01 08:49:42.119349 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_ngg2h3bt.pkx.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230228-zxdnnadb87", "created": "2023-02-28 21:05:28.921963 +0000 +0000", "kind": "file", "filename": "message.ps1", "tags": "", "score": 1, "sha256": "4238f4fbe15e372f5b1f91163235e397b4f98e344a527d5778851cf1f13c4ce7"}, {"sample": "230227-xeag6seh71", "created": "2023-02-27 18:45:29.357995 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "b89c6a6d84107927731e68a2ff075fdb3dc1e27e108062c478623caae9e74eb5"}, {"sample": "230226-f59lhsga29", "created": "2023-02-26 05:28:31.773893 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "af428e25c0e332e2d25145294aec84b2871497d07e8b433e809c892ab6c489c7"}, {"sample": "230226-f3d2tsga22", "created": "2023-02-26 05:23:31.823703 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "ea215f7882d63d46913b87917481dd5d3f23830989d3da0b5325d194ce5ef4cf"}, {"sample": "230225-2glqfaeg73", "created": "2023-02-25 22:33:14.10273 +0000 +0000", "kind": "file", "filename": "PS000.ps1", "tags": "", "score": 3, "sha256": "8896cd7205dd794e6cbb0d14b898a20a834df11600c4b75f7e89db6e45f09ac8"}, {"sample": "230224-xp7knaab9s", "created": "2023-02-24 19:02:48.195686 +0000 +0000", "kind": "file", "filename": "testv2.ps1", "tags": "", "score": 8, "sha256": "2902208bc37ee2af137aa13f8ad7b9aaf8662609f4cdf3bd7b40a9d21ab6454c"}, {"sample": "230224-wcajqaac28", "created": "2023-02-24 17:46:04.694081 +0000 +0000", "kind": "file", "filename": "ps1.ps1.ps1", "tags": "", "score": 1, "sha256": "0e279a57af77ea15462455c6e230ac0bc4f6f5100e221123d600e73ab7265441"}, {"sample": "230224-vjmxysab33", "created": "2023-02-24 17:01:15.947948 +0000 +0000", "kind": "file", "filename": "huh.ps1", "tags": "", "score": 10, "sha256": "990ddc2ef9ef5b94297eddd6b5bc3b5eea73ebcce1c61e0a6fd80fea2bb44209"}, {"sample": "230224-tl68yahh88", "created": "2023-02-24 16:09:46.108454 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 1, "sha256": "47ba89159b924e943f5aeeb15d2605b08805599ef80efd5ddf889f2bbbc41f3d"}, {"sample": "230224-pv3jwsdb6s", "created": "2023-02-24 12:39:51.499071 +0000 +0000", "kind": "file", "filename": "__PSScriptPolicyTest_2flbis2c.jq1.ps1", "tags": "", "score": 1, "sha256": "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7"}, {"sample": "230223-wz3tsagg72", "created": "2023-02-23 18:22:24.510599 +0000 +0000", "kind": "url", "filename": "https://raw.githubusercontent.com/nullbind/Powershellery/master/Brainstorming/runme2.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230223-wykltagg63", "created": "2023-02-23 18:19:46.211625 +0000 +0000", "kind": "url", "filename": "https://raw.githubusercontent.com/nullbind/Powershellery/master/Brainstorming/runme2.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230222-11r6wsdg88", "created": "2023-02-22 22:07:19.004663 +0000 +0000", "kind": "file", "filename": "testv2.ps1", "tags": "", "score": 8, "sha256": "44f9545682746fce5bcc60b1cd4f3adc21ac62a3534329b2159038c2c537b950"}, {"sample": "230222-1ybfcsdg78", "created": "2023-02-22 22:03:01.261612 +0000 +0000", "kind": "file", "filename": "testv2.ps1", "tags": "", "score": 8, "sha256": "44f9545682746fce5bcc60b1cd4f3adc21ac62a3534329b2159038c2c537b950"}, {"sample": "230222-ypc7gsfb4s", "created": "2023-02-22 19:57:17.950946 +0000 +0000", "kind": "file", "filename": "porc.ps1", "tags": "family:bumblebee,botnet:212lg,trojan", "score": 10, "sha256": "0ba8f658d5e820155f0cd63d4803843a55a8298f23d4e5c5a8a00a72f4b99aae"}, {"sample": "230222-wn7nlaef7z", "created": "2023-02-22 18:05:08.180664 +0000 +0000", "kind": "file", "filename": "testv1.ps1", "tags": "", "score": 1, "sha256": "88d3d4356d758188226c641df100b8562d293cb433015d61ec63bd20b0989775"}, {"sample": "230221-3tb77sha67", "created": "2023-02-21 23:47:55.269735 +0000 +0000", "kind": "url", "filename": "https://raw.githubusercontent.com/auberginehill/update-mozilla-firefox/b1412bb9fad2ab9af65b93905a72c4b250dcbf6b/update-mozillafirefox.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230221-1kekvsae8z", "created": "2023-02-21 21:42:13.685436 +0000 +0000", "kind": "file", "filename": "req.ps1", "tags": "family:bumblebee,botnet:212cc,trojan", "score": 10, "sha256": "7d5337ef04ddabac61a5f3dae4a9fdf17c6d0b64f1a1b5ae0b07b6bbc0bcbd9e"}, {"sample": "230221-y1keyaac7x", "created": "2023-02-21 20:15:06.887965 +0000 +0000", "kind": "file", "filename": "host.ps1", "tags": "", "score": 1, "sha256": "00bfb407620244badf2ac6327b29063173b191c1fcf1163717454525d9ed62f5"}, {"sample": "230221-v9t4ysfg37", "created": "2023-02-21 17:41:47.327502 +0000 +0000", "kind": "file", "filename": "malware.ps1", "tags": "", "score": 1, "sha256": "6b6f123e465982d96ff7d3b650710750b1c11e3866592ac5aa200c0cadae83b2"}, {"sample": "230221-p1sa4sgf6y", "created": "2023-02-21 12:48:05.926186 +0000 +0000", "kind": "file", "filename": "documents.ps1", "tags": "family:bumblebee,botnet:202lg,trojan", "score": 10, "sha256": "4b7bd61d8985e4bda823bed25986c52da45cf519b04661980db35060ae5ca3b1"}, {"sample": "230221-la8zdsgb4t", "created": "2023-02-21 09:20:55.149592 +0000 +0000", "kind": "file", "filename": "documents.ps1", "tags": "family:bumblebee,botnet:202lg,trojan", "score": 10, "sha256": "b6d05d8f7f1f946806cd70f18f8b6af1b033900cfaa4ab7b7361b19696be9259"}, {"sample": "230221-j55jcaga2w", "created": "2023-02-21 08:16:04.399723 +0000 +0000", "kind": "file", "filename": "d4d8fb98bd886168e8355f2c92b6ffddb191fceae12b613ceece638c2df5ec77.ps1", "tags": "", "score": 10, "sha256": "d4d8fb98bd886168e8355f2c92b6ffddb191fceae12b613ceece638c2df5ec77"}, {"sample": "230220-swkbgsah4z", "created": "2023-02-20 15:28:29.453784 +0000 +0000", "kind": "file", "filename": "main.ps1", "tags": "persistence", "score": 8, "sha256": "9a65d0d02a33980930ea0dacedfafe8abcfd9c6cf9b85e749eeaf088fe77a0fd"}, {"sample": "230220-sdey2sag7x", "created": "2023-02-20 15:00:17.458105 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "4e8321e73c23ab32d3f385cabc9a08dac5e521c1bac4e7163936897bb045d52e"}, {"sample": "230218-3ydxladc91", "created": "2023-02-18 23:55:00.865655 +0000 +0000", "kind": "file", "filename": "4.ps1", "tags": "family:cobaltstrike,botnet:391144938,backdoor,trojan", "score": 10, "sha256": "9b580a2ab2930d26be4f366de82d0a5d0bbb6687903126a3be2e336f7598bf6d"}, {"sample": "230218-3ybr8sea35", "created": "2023-02-18 23:54:53.834856 +0000 +0000", "kind": "file", "filename": "3.ps1", "tags": "family:cobaltstrike,botnet:391144938,backdoor,trojan", "score": 10, "sha256": "dbb8e214ee684388a23dd463a4181ff4a46fc4cbbf78663c1cc5224f83613d52"}, {"sample": "230218-3x6k8aea34", "created": "2023-02-18 23:54:36.942485 +0000 +0000", "kind": "file", "filename": "2.ps1", "tags": "family:cobaltstrike,botnet:391144938,backdoor,trojan", "score": 10, "sha256": "f3128154e56ddc3145147f31f53eac36146e81ef59ec88bf4ee93db4b53eb4d5"}, {"sample": "230218-3x43dsea33", "created": "2023-02-18 23:54:31.189574 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "family:cobaltstrike,botnet:391144938,backdoor,trojan", "score": 10, "sha256": "8e45cf2191c2b9c7d2f0cd1c815f4b3f5dd9b183faa65dc68956b2e17f30708b"}, {"sample": "230218-lvyzxsbc71", "created": "2023-02-18 09:51:53.500912 +0000 +0000", "kind": "file", "filename": "svchost.ps1", "tags": "", "score": 8, "sha256": "b233401fa3aa35d06c9c52a4a78a903cf103f869881b7e4a6dfd10b9016be30e"}, {"sample": "230218-ledztabc41", "created": "2023-02-18 09:26:26.081527 +0000 +0000", "kind": "file", "filename": "172lg.ps1", "tags": "", "score": 8, "sha256": "a7b60e46ce7f8db59ae11f63d3d0687b11f298fb1e36f666d67a89f16a5c23f7"}, {"sample": "230218-bxnxmaad56", "created": "2023-02-18 01:31:34.601197 +0000 +0000", "kind": "file", "filename": "ath5k-frequency-chaos-2.6.28.patch.ps1", "tags": "macos", "score": 1, "sha256": "1aa119f1f0e6ee189931eb6d167a4dfbda553014679961e6fee074ec3003c532"}, {"sample": "230218-azb56shg3y", "created": "2023-02-18 00:38:33.621535 +0000 +0000", "kind": "file", "filename": "172cc.ps1", "tags": "", "score": 8, "sha256": "7a1958263ac9be1866195113783f2025f206a7348aff63adad4f7ed6a902016a"}, {"sample": "230217-w1k1csgg36", "created": "2023-02-17 18:23:17.764136 +0000 +0000", "kind": "file", "filename": "Fiscalbroker.ps1", "tags": "", "score": 1, "sha256": "6a65198b76ee28c57145668ff23b849368cc83443ffad04b48a1f0ca7ca656f0"}, {"sample": "230216-z7a1hscb29", "created": "2023-02-16 21:21:03.739508 +0000 +0000", "kind": "file", "filename": "endpoint.ps1", "tags": "family:cobaltstrike,botnet:0,backdoor,trojan", "score": 10, "sha256": "1aac059b144d8c37a6bf48b61e2b58f0da60d92a3ed1b0747d7c7d3291880b87"}, {"sample": "230216-q7vv9ahg88", "created": "2023-02-16 13:54:38.642175 +0000 +0000", "kind": "file", "filename": "zoom1.ps1", "tags": "", "score": 8, "sha256": "b4ee753d3ff5ea500dbc983493c2a8391e7276cb407c40a7cebfe3289099843d"}, {"sample": "230216-mypq4ahb98", "created": "2023-02-16 10:52:36.702455 +0000 +0000", "kind": "file", "filename": "huh.ps1", "tags": "family:xworm,persistence,rat,trojan", "score": 10, "sha256": "fae640a11c868610840d5041064c7cf0618cbea1e8da5924bd8eea456da2032f"}, {"sample": "230216-fhqvwsfh66", "created": "2023-02-16 04:52:39.191927 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "e6192364d89219c11856a76305f9496170876c199935714449f316b8d8884ca2"}, {"sample": "230216-ebgszaff43", "created": "2023-02-16 03:45:48.794746 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "1ecbf84c1c1c8c2f546053b49dcaa3cf471e0e280f2aab8c4ab1e0c4efa50632"}, {"sample": "230216-ea1jpaff36", "created": "2023-02-16 03:44:58.858557 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 10, "sha256": "54004634e2c6d475e4ccebf88e37477d25980cc7dbf581dfd9b2be8f8cd8e761"}, {"sample": "230215-rvda4scb75", "created": "2023-02-15 14:30:29.0518 +0000 +0000", "kind": "file", "filename": "zoom1.ps1", "tags": "", "score": 8, "sha256": "b4ee753d3ff5ea500dbc983493c2a8391e7276cb407c40a7cebfe3289099843d"}, {"sample": "230214-1blb2sgd22", "created": "2023-02-14 21:28:33.705174 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "0984cafb1fbef7cf687ab418556f00a98267bb4226292207a456ce9308d4e0bc"}, {"sample": "230214-z5qcesgc64", "created": "2023-02-14 21:18:17.516236 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 10, "sha256": "c256d56f9ea5c0c6c7b13783d674d3824d5773e4d94c521eb535268ae70a838c"}, {"sample": "230214-y49t1afd7y", "created": "2023-02-14 20:21:34.423076 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "fbbf590bcaf5af5be3da5c265e0efe756fc452abfe3c684a356fa4bb79829407"}, {"sample": "230214-yztbfsfh92", "created": "2023-02-14 20:13:47.915052 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 10, "sha256": "772bda0b4103546ea319afdc0d0baaf6f929c91b35e299e02dd9404bd6512897"}, {"sample": "230214-wdsfxsfa75", "created": "2023-02-14 17:48:41.458049 +0000 +0000", "kind": "file", "filename": "bypass.ps1", "tags": "", "score": 7, "sha256": "55ba36d2ee2c5359dec3a425d27df9c3fb1ddede8cef74fd0bd69d38434609fd"}, {"sample": "230214-ttya1aee95", "created": "2023-02-14 16:21:34.681488 +0000 +0000", "kind": "file", "filename": "it.ps1", "tags": "", "score": 1, "sha256": "6dfc9ceef0ace6f87f89b41a482bd41f3955514bd2791ec1231364579bc70b90"}, {"sample": "230214-mpxekscf97", "created": "2023-02-14 10:38:59.903934 +0000 +0000", "kind": "file", "filename": "gun.ps1", "tags": "family:remcos,botnet:trap,rat", "score": 10, "sha256": "d6184be2a0318cec0dab42194f6f5059d5e96f37171b72b702eee67b1a506438"}, {"sample": "230214-k5hv1scc22", "created": "2023-02-14 09:10:55.790886 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 1, "sha256": "598f038e16b63d6936c68a56849070796271beac41c49ade5628ed50b64b7a0b"}, {"sample": "230214-kfp8ssca59", "created": "2023-02-14 08:32:49.543396 +0000 +0000", "kind": "url", "filename": "http://down.ftp21.cc/Win10.ps1", "tags": "", "score": 3, "sha256": ""}, {"sample": "230214-jmnswabb21", "created": "2023-02-14 07:47:18.133585 +0000 +0000", "kind": "file", "filename": "ps.txt.ps1", "tags": "", "score": 10, "sha256": "74dee7d1943b87cc9d9ecb1c869c0d3952c810a48cf622c896d2130f077f2ae2"}, {"sample": "230214-cv2w5saa95", "created": "2023-02-14 02:24:39.290196 +0000 +0000", "kind": "file", "filename": "badness.ps1", "tags": "", "score": 1, "sha256": "4a5346bdf2e0306e49ce76f1088da64757899fc96cd34d39bb04857ea7f371db"}, {"sample": "230214-css68ahe3w", "created": "2023-02-14 02:20:44.112377 +0000 +0000", "kind": "file", "filename": "badness.ps1", "tags": "", "score": 1, "sha256": "5b38a3d6d23b5d35607c6627e1df633fcfe69a84e602d1915ad9ed7a60ad7421"}, {"sample": "230214-cma4fshd71", "created": "2023-02-14 02:11:07.042637 +0000 +0000", "kind": "file", "filename": "badness.ps1", "tags": "", "score": 1, "sha256": "7160d26a73e406c62ebe76c45a117d0d7de7244bfe1275f8011fb9b889c85eda"}, {"sample": "230214-cg6ceaaa39", "created": "2023-02-14 02:03:52.855113 +0000 +0000", "kind": "file", "filename": "badness.ps1", "tags": "", "score": 1, "sha256": "34262d654cdf4e213d683d51e0103783da072adb3783bc67a0e48ae2c78fee27"}, {"sample": "230214-b8cczahh57", "created": "2023-02-14 01:48:28.314821 +0000 +0000", "kind": "file", "filename": "microsoft_shellbrd.dll.ps1", "tags": "", "score": 1, "sha256": "f77bb6f88d4eecdaf51afe63565f48f2650caa0be9f0d61e8b7f24a0c7210610"}, {"sample": "230213-ybh6ksff36", "created": "2023-02-13 19:36:35.752838 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 7, "sha256": "f1f85ae29abe02f8fe11d986c3597deada0aa8ad20a41ce1dfbfbbb4cbdb6c05"}, {"sample": "230213-x1jb7sfe27", "created": "2023-02-13 19:19:07.278438 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 7, "sha256": "d435cdd214ce52a37891648effdafbda0a86f00f334448ec8925c11de97133b5"}, {"sample": "230213-wh65waed2t", "created": "2023-02-13 17:56:22.975442 +0000 +0000", "kind": "file", "filename": "docusign_dropped.ps1", "tags": "", "score": 10, "sha256": "378f209030f8bf87e51c7d83f0d6cfe40647f4ff16f372b08a7ae64daa676b29"}, {"sample": "230213-whx7zaed2s", "created": "2023-02-13 17:55:56.891047 +0000 +0000", "kind": "file", "filename": "docusign_dropped.ps1", "tags": "", "score": 10, "sha256": "378f209030f8bf87e51c7d83f0d6cfe40647f4ff16f372b08a7ae64daa676b29"}, {"sample": "230213-whe2dsec9z", "created": "2023-02-13 17:55:03.798495 +0000 +0000", "kind": "file", "filename": "docusign_dropped.ps1", "tags": "", "score": 10, "sha256": "378f209030f8bf87e51c7d83f0d6cfe40647f4ff16f372b08a7ae64daa676b29"}, {"sample": "230213-snljksde6t", "created": "2023-02-13 15:16:19.551306 +0000 +0000", "kind": "file", "filename": "bypass.ps1", "tags": "family:cobaltstrike,botnet:987654321,backdoor,trojan", "score": 10, "sha256": "8bb4fcb5d1c3665a5e9b69e8501b7ed1a992c12920887f00528ff2ee8d370483"}, {"sample": "230213-rff4fsda8t", "created": "2023-02-13 14:07:55.947606 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 10, "sha256": "a43f320f310077168cf4b34f4d11a71d3a8ed8b256ee9088c4eaa98179bf120b"}, {"sample": "230212-ce9l2saf2x", "created": "2023-02-12 02:00:33.350256 +0000 +0000", "kind": "url", "filename": "https://gist.githubusercontent.com/dconascend/606ced051596cd99b9fab2188d7ee911/raw/41266cc4e7b398b2edb7f5730de602a3a3aef325/Mappings.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230211-wwbacsee72", "created": "2023-02-11 18:15:49.178529 +0000 +0000", "kind": "url", "filename": "http://172.105.206.82/docs/st.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230211-lea8xsch2w", "created": "2023-02-11 09:26:17.31155 +0000 +0000", "kind": "file", "filename": "6c9810a08e35920f03730e06102a1e1639a57a2d652ecfeedca63fceef495837.ps1", "tags": "", "score": 1, "sha256": "6c9810a08e35920f03730e06102a1e1639a57a2d652ecfeedca63fceef495837"}, {"sample": "230210-zhanfscb27", "created": "2023-02-10 20:42:35.629669 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "", "score": 8, "sha256": "bd6985c0f8bf37232a2f3558d93ca7dedfce800c856c9f39cc99e51663a8f4c9"}, {"sample": "230210-wzcbtsee55", "created": "2023-02-10 18:21:07.258524 +0000 +0000", "kind": "file", "filename": "try4.ps1", "tags": "", "score": 10, "sha256": "4c579b85f761034fbf0acc49ebdd0c1d19c2f98672ebb73085f45d90c6360af7"}, {"sample": "230210-wxg5ased64", "created": "2023-02-10 18:17:53.031111 +0000 +0000", "kind": "file", "filename": "try4.ps1", "tags": "", "score": 10, "sha256": "16610c1d7f89112cfad73415b9bc719a92d2b89f535c978777e1c3b7abe31709"}, {"sample": "230210-sknjrsfc37", "created": "2023-02-10 15:11:11.867013 +0000 +0000", "kind": "file", "filename": "hola.bat.ps1", "tags": "", "score": 1, "sha256": "4fbfb5e684b25455fa7856f512c8183710a13a6dcf5b911b1125fe81ff80bff8"}, {"sample": "230210-px2qdahf88", "created": "2023-02-10 12:43:18.429927 +0000 +0000", "kind": "file", "filename": "win64.ps1", "tags": "", "score": 10, "sha256": "e8c4ec795a14587d3b3ce34b73eca090ea9d9957fb612300abc6239ec293eb26"}, {"sample": "230210-pwlb1ahf27", "created": "2023-02-10 12:40:46.916841 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "20ed61f6c33b42f6c150736afa3c63d0279870e7c7ccac6b251ce1f2d6779b9c"}, {"sample": "230209-3wkmcsdd76", "created": "2023-02-09 23:51:49.00373 +0000 +0000", "kind": "file", "filename": "2.ps1", "tags": "collection,persistence", "score": 7, "sha256": "9a08bc42590ac64927b41f225a79a84fc58bfcfa215d27bc09cfd19137615847"}, {"sample": "230209-tvwhssbf4t", "created": "2023-02-09 16:23:13.273442 +0000 +0000", "kind": "file", "filename": "monitoring_getappxpackages.ps1", "tags": "", "score": 1, "sha256": "8e9cbf813a279810353bd9728e1f17e1dfe639e3efb8e1cfe31c478b3dd0e60e"}, {"sample": "230209-pp92sacb98", "created": "2023-02-09 12:31:28.54059 +0000 +0000", "kind": "file", "filename": "sample.ps1", "tags": "", "score": 1, "sha256": "2ab0956f33b7b037181ca19cb8469e41dbad1964263689b214a5ad16290bd28d"}, {"sample": "230208-ymjw9aee8z", "created": "2023-02-08 19:54:06.722165 +0000 +0000", "kind": "url", "filename": "https://raw.githubusercontent.com/Braingears/PowerShell/master/Automate-Module.psm1", "tags": "", "score": 6, "sha256": ""}, {"sample": "230208-qcxrcsah48", "created": "2023-02-08 13:07:33.379134 +0000 +0000", "kind": "file", "filename": "phish2.html.ps1", "tags": "", "score": 1, "sha256": "a810e6ec756ab2d4002b0598653015e676fb87269eb6b6aca57c63f481607582"}, {"sample": "230208-p491bsag89", "created": "2023-02-08 12:54:11.020489 +0000 +0000", "kind": "file", "filename": "phish.html.ps1", "tags": "", "score": 1, "sha256": "a965498e000c26fb88aa97210ba62f6529e63c8b10dd22614c7d1e16e8fb78b3"}, {"sample": "230208-edcl2aha96", "created": "2023-02-08 03:49:04.139278 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "24c21d899a99ccbfac0f0e9b47d19b8e49a5f32aac1c4027fed90c28d3099b9f"}, {"sample": "230208-d424yagd91", "created": "2023-02-08 03:34:34.890507 +0000 +0000", "kind": "file", "filename": "0dbc26e2bfa2e7abf7ee69a7a622c702.ps1", "tags": "family:asyncrat,botnet:osaya&tefa,rat", "score": 10, "sha256": "887514119b1788486fa0609086ea05749f293e0d93864672c622040f2513eb72"}, {"sample": "230208-dmk44agd4y", "created": "2023-02-08 03:07:32.959171 +0000 +0000", "kind": "file", "filename": "image.ps1", "tags": "family:asyncrat,botnet:osaya&tefa,rat", "score": 10, "sha256": "21e1e60efdbf24f5f7e114e509096ae87ad1ef70c23f3361c61c70be746d788b"}, {"sample": "230208-ap2yvagd42", "created": "2023-02-08 00:24:04.709284 +0000 +0000", "kind": "file", "filename": "install.ps1", "tags": "", "score": 1, "sha256": "b293d21566f6766b82194e8beb6e555230d35adf8b2c20a3d756405ada04e0b2"}, {"sample": "230207-2ydfdsga92", "created": "2023-02-07 22:59:03.169652 +0000 +0000", "kind": "file", "filename": "Report.ps1", "tags": "family:asyncrat,botnet:osaya&tefa,persistence,rat", "score": 10, "sha256": "cf4921a55199c27c24e4fbacc4a3e90d4d5249e4aeb4de2eafe56d395cdfbde4"}, {"sample": "230207-yqefyafd87", "created": "2023-02-07 19:59:06.309626 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "", "score": 8, "sha256": "d9d0f88e6af224e3999c357e3b1105cad72eee133207e0a18273ac6418318613"}, {"sample": "230207-t5yqxacf66", "created": "2023-02-07 16:39:04.663666 +0000 +0000", "kind": "file", "filename": "amsi.ps1", "tags": "", "score": 1, "sha256": "1c027f192e468017f03d784176282ea4cbd86836d98e1c4da590b04c3640a7e0"}, {"sample": "230207-tn93lsfg5t", "created": "2023-02-07 16:13:25.115378 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "fc5b3eb278d2f3da09efaf76de23b03be1a73d97b7d1523e6321a7f92ee1a45f"}, {"sample": "230207-s7s3rscd83", "created": "2023-02-07 15:46:23.748448 +0000 +0000", "kind": "file", "filename": "do_not_execute.ps1", "tags": "", "score": 1, "sha256": "1c027f192e468017f03d784176282ea4cbd86836d98e1c4da590b04c3640a7e0"}, {"sample": "230207-s2jbdaff31", "created": "2023-02-07 15:37:10.810528 +0000 +0000", "kind": "file", "filename": "do_not_execute.ps1", "tags": "", "score": 1, "sha256": "6d9025c8ed26fc21c113cbcd178bbb687e58cfb940136e5ea457c5af00693c82"}, {"sample": "230206-h5hh5sce72", "created": "2023-02-06 07:19:03.376161 +0000 +0000", "kind": "file", "filename": "ps1.ps1", "tags": "", "score": 1, "sha256": "e501f78dd45fcfb9c70a60ed35e0009f337d841795e08297e323e1724981918e"}, {"sample": "230205-r5788shh65", "created": "2023-02-05 14:47:40.993743 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "287ec4f8c596dbfe3dd051026bcad901d57ca9f69cf0eeef3798d920f57c3cc0"}, {"sample": "230205-r4a74shh57", "created": "2023-02-05 14:44:21.708987 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "3960f84cc0ea0fc8378ec44f2d214a0b93f6709161b6e06f8581fadf87488f43"}, {"sample": "230203-xq7xtada31", "created": "2023-02-03 19:04:34.903673 +0000 +0000", "kind": "file", "filename": "gh.ps1", "tags": "family:xworm,rat,trojan", "score": 10, "sha256": "b4dd3e93356329c076c0d2cd5ac30a806daf46006bdb81199355952e9d949424"}, {"sample": "230203-xhzw8sce2z", "created": "2023-02-03 18:51:57.541564 +0000 +0000", "kind": "file", "filename": "gh.ps1", "tags": "family:xworm,rat,trojan", "score": 10, "sha256": "b4dd3e93356329c076c0d2cd5ac30a806daf46006bdb81199355952e9d949424"}, {"sample": "230203-w26y8age63", "created": "2023-02-03 18:26:04.820305 +0000 +0000", "kind": "file", "filename": "transfer.sh_get_44Y2u7_gh.ps1", "tags": "family:xworm,rat,trojan", "score": 10, "sha256": "b4dd3e93356329c076c0d2cd5ac30a806daf46006bdb81199355952e9d949424"}, {"sample": "230203-vb2q5sbf5x", "created": "2023-02-03 16:49:43.380255 +0000 +0000", "kind": "file", "filename": "Invoke-Certify.ps1", "tags": "", "score": 1, "sha256": "d706b04658277efa71d86bc1bbdb6463b56c360790895c3e6995e18e5627c8f0"}, {"sample": "230203-p9xl7afd66", "created": "2023-02-03 13:02:18.897848 +0000 +0000", "kind": "file", "filename": "Invoke-Certify.ps1", "tags": "", "score": 1, "sha256": "d706b04658277efa71d86bc1bbdb6463b56c360790895c3e6995e18e5627c8f0"}, {"sample": "230202-w7behaca92", "created": "2023-02-02 18:33:18.276676 +0000 +0000", "kind": "file", "filename": "adPEAS.ps1", "tags": "", "score": 1, "sha256": "194c75464d32347d4a740b0c08107af71eb82c54867e5db32e8738c053d0bde4"}, {"sample": "230202-vg3wdsec4w", "created": "2023-02-02 16:58:31.165738 +0000 +0000", "kind": "file", "filename": "lg30.ps1", "tags": "", "score": 8, "sha256": "220643466b3b056319813f6a504726baf236e866d32dace4290bab262f8f455f"}, {"sample": "230202-tsn1yabf3v", "created": "2023-02-02 16:19:22.040298 +0000 +0000", "kind": "file", "filename": "normal.ps1", "tags": "", "score": 1, "sha256": "0b33ce3a64948d8886506dc6da63da3a1474b6f7fa909485425503f2d4faaca4"}, {"sample": "230202-q98j5aca42", "created": "2023-02-02 13:58:46.732595 +0000 +0000", "kind": "file", "filename": "adPEAS.ps1", "tags": "", "score": 1, "sha256": "194c75464d32347d4a740b0c08107af71eb82c54867e5db32e8738c053d0bde4"}, {"sample": "230202-f8dcgsfb56", "created": "2023-02-02 05:32:13.776063 +0000 +0000", "kind": "file", "filename": "wUIZxOYlIK.ps1", "tags": "family:xmrig,miner,upx", "score": 10, "sha256": "60f45e2cd0ac96e4983cb8bd4f990fc917b8a9ed1d57808a64cc801e8965e658"}, {"sample": "230201-xye7rsdc9s", "created": "2023-02-01 19:15:27.798303 +0000 +0000", "kind": "file", "filename": "puyxsqme2TNBPTNhARYTZt_xpYgYoJvAmb67PNvhYCk.ps1", "tags": "", "score": 10, "sha256": "a6ecb1b2a99ed933413d336101161366dfb1a58818a09bc099bebb3cdbe16029"}, {"sample": "230201-sgqjysac42", "created": "2023-02-01 15:06:03.812831 +0000 +0000", "kind": "url", "filename": "http://raw.githubusercontent.com/braingears/powershell/master/automate-module.psm1", "tags": "", "score": 8, "sha256": ""}, {"sample": "230201-sf7rvacb5v", "created": "2023-02-01 15:05:08.241061 +0000 +0000", "kind": "url", "filename": "https://raw.githubusercontent.com/braingears/powershell/master/automate-module.psm1", "tags": "", "score": 6, "sha256": ""}, {"sample": "230201-gfaxbsdh7s", "created": "2023-02-01 05:44:19.773157 +0000 +0000", "kind": "file", "filename": "lg30.ps1", "tags": "", "score": 8, "sha256": "220643466b3b056319813f6a504726baf236e866d32dace4290bab262f8f455f"}, {"sample": "230201-a2wbtsda7s", "created": "2023-02-01 00:42:59.352127 +0000 +0000", "kind": "file", "filename": "setupWin11.ps1", "tags": "evasion,persistence", "score": 10, "sha256": "03030afe61e4aee813df6d8af68a646058aa48ea9dd9b842fd4eb85ee05906c3"}, {"sample": "230131-2j72fsag38", "created": "2023-01-31 22:37:47.936556 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 8, "sha256": "2840d561ed4f949d7d1dadd626e594b9430deeb399db5ff53fc0bb1ad30552aa"}, {"sample": "230131-wva8zabd8w", "created": "2023-01-31 18:14:04.27172 +0000 +0000", "kind": "file", "filename": "pdf.ps1", "tags": "", "score": 10, "sha256": "b4e52fec663a9c2feaaea4db0c00160e415db35d7a916b9d6524f31c7133ed73"}, {"sample": "230131-tkjq9aah4w", "created": "2023-01-31 16:06:54.625602 +0000 +0000", "kind": "file", "filename": "lg30.ps1", "tags": "", "score": 8, "sha256": "220643466b3b056319813f6a504726baf236e866d32dace4290bab262f8f455f"}, {"sample": "230131-tb7rqaag9y", "created": "2023-01-31 15:54:04.065207 +0000 +0000", "kind": "file", "filename": "lg30.ps1", "tags": "", "score": 8, "sha256": "220643466b3b056319813f6a504726baf236e866d32dace4290bab262f8f455f"}, {"sample": "230131-tbg63aha24", "created": "2023-01-31 15:52:50.757918 +0000 +0000", "kind": "file", "filename": "lg30.ps1", "tags": "", "score": 8, "sha256": "220643466b3b056319813f6a504726baf236e866d32dace4290bab262f8f455f"}, {"sample": "230131-s5h5sagh79", "created": "2023-01-31 15:42:24.206508 +0000 +0000", "kind": "file", "filename": "lg30.ps1", "tags": "", "score": 8, "sha256": "220643466b3b056319813f6a504726baf236e866d32dace4290bab262f8f455f"}, {"sample": "230131-s2nwvsag6z", "created": "2023-01-31 15:37:25.795005 +0000 +0000", "kind": "file", "filename": "lg30.ps1", "tags": "", "score": 8, "sha256": "220643466b3b056319813f6a504726baf236e866d32dace4290bab262f8f455f"}, {"sample": "230131-st168agh52", "created": "2023-01-31 15:25:48.682962 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 8, "sha256": "9a2a9cedab80ef3b46f16c9c42044d3a914215a57084dedb07f92b3807226ea7"}, {"sample": "230131-smjnlagh35", "created": "2023-01-31 15:14:28.651806 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 10, "sha256": "08331780eece4dbda30548491445c5bc71bbf78a80f328aad35306ffcb59b7d1"}, {"sample": "230131-sh295sgh23", "created": "2023-01-31 15:08:23.733939 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 8, "sha256": "2cf97d622f9193b9aea218160edc41e21b805da76aa1d8fc441a3ce0584b839e"}, {"sample": "230131-se6s6agg93", "created": "2023-01-31 15:03:20.205263 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 8, "sha256": "79f0bb087f05d9e77e99ebdd9f94c9f7245c6b9365a0b7f23433d982024e170d"}, {"sample": "230131-r4q9bsgg49", "created": "2023-01-31 14:45:07.05714 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 8, "sha256": "6109ffa74f726ff62658d7ecdbc91f2bde70b0436419fda6c7f1f301a101b09a"}, {"sample": "230131-mjjljafh86", "created": "2023-01-31 10:29:36.437875 +0000 +0000", "kind": "file", "filename": "ma.ps1", "tags": "", "score": 10, "sha256": "3923ef756bc3c52a58325a6aa698fef06400c2ec7fb5ea556d04f0cb33ce1f30"}, {"sample": "230131-k59zhafg59", "created": "2023-01-31 09:12:14.310008 +0000 +0000", "kind": "file", "filename": "m.ps1", "tags": "", "score": 1, "sha256": "e1961fa60ce83e813237170090300c3ea72d70740ee3aa8c1dfcfc73ee1ebc21"}, {"sample": "230131-kkwalsff62", "created": "2023-01-31 08:40:05.310764 +0000 +0000", "kind": "file", "filename": "ps1.ps1", "tags": "", "score": 10, "sha256": "20e43c8a1b887fe250b3c29dea34fb449fd8a209dc625a264b385f8a00a78c04"}, {"sample": "230130-2n14psdb33", "created": "2023-01-30 22:44:27.758666 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "persistence", "score": 8, "sha256": "7161ff78c282a5f70792a43f799ffae622f17506599c7b50a42cbdef02b029dd"}, {"sample": "230130-vtzz9sch4s", "created": "2023-01-30 17:17:35.480023 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6"}, {"sample": "230130-nssfgaab87", "created": "2023-01-30 11:39:55.997539 +0000 +0000", "kind": "file", "filename": "jxz4qd40ulc99nv407l2gae9156tyqr5.ps1", "tags": "family:jupyter,backdoor,stealer,trojan", "score": 10, "sha256": "872f44ccb4c39f2da379c082ac4ad5acc06b363374a615929def47c18b0f9642"}, {"sample": "230130-mkg44abf4z", "created": "2023-01-30 10:31:16.976177 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "discovery,evasion,ransomware", "score": 9, "sha256": "98c99248622ddb9a794b5d4fa4685abc85fbf9ae96f7b65bbb808296ef91ceae"}, {"sample": "230130-l9rt6aaa38", "created": "2023-01-30 10:14:16.841628 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "94c2efd570d4f83b1dd6e5e18bfa26ca2b416c15bfd008326b1d8331c8e7a29a"}, {"sample": "230129-bsqwesag8z", "created": "2023-01-29 01:24:41.110252 +0000 +0000", "kind": "file", "filename": "008_Remove Default Apps.ps1", "tags": "", "score": 8, "sha256": "01ef6f36dfcaeac3882de15cd8492d57c8e656a120692873b221a330f84fbc2a"}, {"sample": "230129-bq33zaag61", "created": "2023-01-29 01:21:48.834345 +0000 +0000", "kind": "file", "filename": "006_Optimize User Interface.ps1", "tags": "evasion", "score": 10, "sha256": "b9e4bd3a6a7fc82553e95162ba582335c8799c754167c108e9f5c923de6caabf"}, {"sample": "230129-bpmplahc73", "created": "2023-01-29 01:19:16.57959 +0000 +0000", "kind": "file", "filename": "005_Fix Privacy Settings.ps1", "tags": "", "score": 1, "sha256": "a8e2f1195867da78f0e99d3faf067e773c297ef8e3053344cdf4fcce8b8ca202"}, {"sample": "230129-bm5sdsag5s", "created": "2023-01-29 01:16:39.183781 +0000 +0000", "kind": "file", "filename": "001_Block Telemetry.ps1", "tags": "", "score": 8, "sha256": "3bb5edb9d78c078beb3bbb4595b25ab31d7429d2a1fc3a326e4dad46766d6646"}, {"sample": "230129-bjpa8sag2w", "created": "2023-01-29 01:10:37.658359 +0000 +0000", "kind": "file", "filename": "focus_windows_4.ps1", "tags": "persistence", "score": 8, "sha256": "551e1aa0faf011fc3cd5ba4a6978d4216e035a3b73bbd1e7faa371a766db6d67"}, {"sample": "230129-bdawnahb77", "created": "2023-01-29 01:01:12.852185 +0000 +0000", "kind": "file", "filename": "focus_windows_3.ps1", "tags": "persistence", "score": 8, "sha256": "551e1aa0faf011fc3cd5ba4a6978d4216e035a3b73bbd1e7faa371a766db6d67"}, {"sample": "230129-apy7ysae2x", "created": "2023-01-29 00:23:55.79593 +0000 +0000", "kind": "file", "filename": "focus_windows_2.ps1", "tags": "evasion,persistence,ransomware,trojan", "score": 10, "sha256": "75352839eb9bed7e0090503c04887dc36ead6023d561204fc38c6f09d5b77a71"}, {"sample": "230129-agj33aad8x", "created": "2023-01-29 00:10:58.976805 +0000 +0000", "kind": "file", "filename": "focus_windows.ps1", "tags": "evasion,persistence,ransomware,trojan", "score": 10, "sha256": "c03cd9d99012f13b41ccad1cbba410ea42d3d03bd49d8ff48f6054b66759d280"}, {"sample": "230128-3ytytagh92", "created": "2023-01-28 23:55:46.799342 +0000 +0000", "kind": "file", "filename": "focus_windows.ps1", "tags": "evasion,persistence,ransomware,trojan", "score": 10, "sha256": "75352839eb9bed7e0090503c04887dc36ead6023d561204fc38c6f09d5b77a71"}, {"sample": "230128-3m4nwagh64", "created": "2023-01-28 23:38:46.731839 +0000 +0000", "kind": "file", "filename": "focus_windows.ps1", "tags": "", "score": 1, "sha256": "e3b9147d2ab08abb3247ac41e7bfa8bd590f5383b0008343821e9008760d1902"}, {"sample": "230128-3medzsgh62", "created": "2023-01-28 23:37:33.484908 +0000 +0000", "kind": "file", "filename": "focus_windows.ps1", "tags": "", "score": 1, "sha256": "e3b9147d2ab08abb3247ac41e7bfa8bd590f5383b0008343821e9008760d1902"}, {"sample": "230128-3kw61sgh56", "created": "2023-01-28 23:34:55.870633 +0000 +0000", "kind": "file", "filename": "focus_windows.ps1", "tags": "", "score": 1, "sha256": "e3b9147d2ab08abb3247ac41e7bfa8bd590f5383b0008343821e9008760d1902"}, {"sample": "230128-3dheaagh45", "created": "2023-01-28 23:23:44.501809 +0000 +0000", "kind": "file", "filename": "win10debloatandgamingtweaks.ps1", "tags": "discovery,evasion,persistence,ransomware", "score": 10, "sha256": "e3dd105b0337fcadbfd4647fba79fc1b7ea99d4a04fcf33c7790770d14b53ed4"}, {"sample": "230128-3apdesac9t", "created": "2023-01-28 23:18:49.623685 +0000 +0000", "kind": "file", "filename": "win10debloatandgamingtweaks.ps1", "tags": "discovery,evasion,persistence,ransomware", "score": 10, "sha256": "e3dd105b0337fcadbfd4647fba79fc1b7ea99d4a04fcf33c7790770d14b53ed4"}, {"sample": "230128-exaa1sfe7v", "created": "2023-01-28 04:18:39.955975 +0000 +0000", "kind": "file", "filename": "Key_PS.ps1", "tags": "", "score": 1, "sha256": "05f22706facbfa96395206c097a472b0f6f62fb492eeea42c315b48552a2ffa2"}, {"sample": "230127-tlrhgsdd9w", "created": "2023-01-27 16:09:01.546539 +0000 +0000", "kind": "file", "filename": "obs.ps1", "tags": "", "score": 1, "sha256": "5eb6e42160678c49bda5cf4a502c6ee1f1989489066ffd7db7b9e83437ddb250"}, {"sample": "230127-evyktshg61", "created": "2023-01-27 04:16:19.788223 +0000 +0000", "kind": "file", "filename": "r4khr5bkqh552fg3teat38xucg6gajt9.ps1", "tags": "", "score": 8, "sha256": "0cdd6fc7792a0d7e56fc2b069a3e16a3617357dfe9158675b1b7ce2f95944813"}, {"sample": "230126-z7fwrsgh4t", "created": "2023-01-26 21:21:19.675866 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "956435b97efff726a08fa7f0363a054bd90e9e734b9a1161d04854c4653ee7a5"}, {"sample": "230126-x2ny3sfa59", "created": "2023-01-26 19:21:07.753091 +0000 +0000", "kind": "file", "filename": "fe383128-deea-440c-9169-8fff2fcd3df8.ps1", "tags": "", "score": 1, "sha256": "5ef08be9b30e988280feafeb7eb1fb9e654f1485c92584ef876f43d8a52d765a"}, {"sample": "230126-spq6fsfe7s", "created": "2023-01-26 15:18:19.733093 +0000 +0000", "kind": "file", "filename": "ViperSoftX_loader.ps1", "tags": "", "score": 8, "sha256": "a251e2b8e169b9659ba0b76366105226cb95827efeb47105d88b2300ca1902d3"}, {"sample": "230126-hbmk1acf66", "created": "2023-01-26 06:33:50.032366 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "2d5b68dd0d6d514560f6ce5b3c2e4023592e191a2cdb0e94b3b8710b823feea9"}, {"sample": "230125-zkvfmsag46", "created": "2023-01-25 20:47:03.493207 +0000 +0000", "kind": "file", "filename": "asdfasd.ps1", "tags": "family:lockbit,ransomware", "score": 10, "sha256": "1a53460ac8889d82b47b704638f0fa9affc3d7ae5ad6f4cb7d02dce67f10e292"}, {"sample": "230125-x9klmabg3v", "created": "2023-01-25 19:33:10.865732 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "09d14c227c3d691c70dd875154d25638903285736ce2cb4ce2cd36ace9656803"}, {"sample": "230125-klm1mafe28", "created": "2023-01-25 08:41:26.332216 +0000 +0000", "kind": "file", "filename": "WINspect.ps1", "tags": "", "score": 4, "sha256": "0ade9ffd7479d1d7aeed53ae52c279bbd90a7f72c745f9d647b78c1af3410c7c"}, {"sample": "230125-dsq8aseg32", "created": "2023-01-25 03:16:33.191555 +0000 +0000", "kind": "file", "filename": "c082426f37a092cf153ee8843f3dc819f02159df49bedd1565b539876f62ba0b.ps1", "tags": "", "score": 10, "sha256": "c082426f37a092cf153ee8843f3dc819f02159df49bedd1565b539876f62ba0b"}, {"sample": "230125-a2ap5aga6y", "created": "2023-01-25 00:41:58.137445 +0000 +0000", "kind": "file", "filename": "virus.ps1", "tags": "", "score": 1, "sha256": "db8469f2a85a279f7cba6b1b22efc4593cb8ffe758a852173005ed2872f3cc40"}, {"sample": "230124-pl9xlscc21", "created": "2023-01-24 12:26:13.66662 +0000 +0000", "kind": "file", "filename": "pssF4B8.ps1", "tags": "", "score": 1, "sha256": "a04750ed5f05b82b90f6b8ea3748ba246af969757a5a4b74a0e25b186add520b"}, {"sample": "230124-hlde3saf3w", "created": "2023-01-24 06:49:07.338526 +0000 +0000", "kind": "file", "filename": "Obfuscated1.ps1", "tags": "", "score": 1, "sha256": "202b7670869cd42e5948bcd380f8fe53e3f0429b65f789b6a825a702f8c4683a"}, {"sample": "230124-eayp4agf29", "created": "2023-01-24 03:44:52.437224 +0000 +0000", "kind": "file", "filename": "6de255082129d8fbb877c4764dd96aedc65201979ee74bc4b810a0baa291f73b.ps1", "tags": "discovery,evasion,persistence,trojan,upx", "score": 10, "sha256": "6de255082129d8fbb877c4764dd96aedc65201979ee74bc4b810a0baa291f73b"}, {"sample": "230123-23q72sfh67", "created": "2023-01-23 23:06:41.332994 +0000 +0000", "kind": "file", "filename": "dl.ps1", "tags": "", "score": 1, "sha256": "06bfdc1553892b0c337d97863401508ba51961388e7cf1b2076160f74e32a727"}, {"sample": "230123-ylewxafb46", "created": "2023-01-23 19:52:08.564944 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 1, "sha256": "c10599931c194f7bfe6614adb17c2a5016e41545b126325daee5a830d5e373a2"}, {"sample": "230123-gpt2kabg94", "created": "2023-01-23 05:59:14.460216 +0000 +0000", "kind": "file", "filename": "HKK5Z.ps1", "tags": "", "score": 10, "sha256": "5dea87c91d94fe3ecc7aedc0710dc990731f0af9c7183957e922987a21fea037"}, {"sample": "230121-17bsgseb64", "created": "2023-01-21 22:17:01.858424 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "4abda870fada6338592544f1b6da9c6249da4d950c0a18104d8185f8a234f9c0"}, {"sample": "230121-ymeyasdf42", "created": "2023-01-21 19:53:53.625551 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "d3612aaad33ee809ce7f313aa483daeccd292dde7b3fa033f7b0acf280298d45"}, {"sample": "230121-ylyc9adf37", "created": "2023-01-21 19:53:02.834274 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "3d465ae542bc78185e3d34cc97c1905a55a22a31cc0d84cb56bb698d58561579"}, {"sample": "230121-yhvg7adf22", "created": "2023-01-21 19:47:38.285579 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "f25297859cf0a70af5c053a5464a5fa647a35ceee1d91397331903846d79ffc1"}, {"sample": "230121-ygeeksde93", "created": "2023-01-21 19:45:07.089975 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "1d6f385dd0e7ccc3ada3e24e973fd850470dbb222547ea0c1cb7c9f6d9e1dc5e"}, {"sample": "230121-vmy5dsfa5t", "created": "2023-01-21 17:07:03.526603 +0000 +0000", "kind": "file", "filename": "WinDefGpo_Reg.ps1", "tags": "evasion,trojan", "score": 10, "sha256": "76a5e7e586a185a264144cd3b67156521bac6c99082fee6579ca03b7d29f111a"}, {"sample": "230121-b5mdrscb8s", "created": "2023-01-21 01:43:43.738803 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 8, "sha256": "4f9d5351906bb66e4d116fcce70a79c00dcdc4727d5095639bb91b84f57e42fe"}, {"sample": "230120-3gms6sca2x", "created": "2023-01-20 23:29:13.067189 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "27b6e382b4256ff150d83389d10aeee4b38cee29cc6dc0baf0c353e2b642d017"}, {"sample": "230120-2falsabh5s", "created": "2023-01-20 22:30:56.032019 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 8, "sha256": "4f9d5351906bb66e4d116fcce70a79c00dcdc4727d5095639bb91b84f57e42fe"}, {"sample": "230120-hlecdahb74", "created": "2023-01-20 06:49:10.394456 +0000 +0000", "kind": "file", "filename": "bypass.ps1", "tags": "family:xmrig,miner,persistence", "score": 10, "sha256": "0b0d87744aa21b7ed3a5cf738bd655f3aa4f9608f7a28a8ea55dee3ac5c3c838"}, {"sample": "230120-hk5g6seb2v", "created": "2023-01-20 06:48:41.729301 +0000 +0000", "kind": "file", "filename": "bypass.ps1", "tags": "family:xmrig,miner,persistence", "score": 10, "sha256": "0b0d87744aa21b7ed3a5cf738bd655f3aa4f9608f7a28a8ea55dee3ac5c3c838"}, {"sample": "230120-haxdtaff26", "created": "2023-01-20 06:32:34.896734 +0000 +0000", "kind": "file", "filename": "bypass.ps1", "tags": "", "score": 8, "sha256": "0b0d87744aa21b7ed3a5cf738bd655f3aa4f9608f7a28a8ea55dee3ac5c3c838"}, {"sample": "230120-habr4sce3s", "created": "2023-01-20 06:31:33.216487 +0000 +0000", "kind": "url", "filename": "http://163.123.142.210/bypass.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230120-e6lqeagf31", "created": "2023-01-20 04:33:12.660533 +0000 +0000", "kind": "file", "filename": "ss.ps1", "tags": "family:quasar,botnet:office04,spyware,trojan", "score": 10, "sha256": "6c1e62385d660ca43e024d461154fbb4805e429cdf7850d19510d7f69533739e"}, {"sample": "230120-de86ysbd64", "created": "2023-01-20 02:56:27.5714 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "fcebfb589329a5573d64679c81455fd9a942d7cd5105b5afdb47ca08073fa2a8"}, {"sample": "230119-y5qshsec6s", "created": "2023-01-19 20:22:23.920511 +0000 +0000", "kind": "file", "filename": "l1yprr.ps1", "tags": "family:quasar,botnet:office04,spyware,trojan", "score": 10, "sha256": "6f890fdcdb5267b92b3b793ff8b17484bc1a6a4107a68f2b4282d386225b63f1"}, {"sample": "230119-vn4q9sgf67", "created": "2023-01-19 17:09:03.58913 +0000 +0000", "kind": "file", "filename": "ss.ps1", "tags": "family:quasar,botnet:office04,spyware,stealer,trojan", "score": 10, "sha256": "6c1e62385d660ca43e024d461154fbb4805e429cdf7850d19510d7f69533739e"}, {"sample": "230119-shf2xadc5w", "created": "2023-01-19 15:07:20.88586 +0000 +0000", "kind": "file", "filename": "l1yprr.ps1", "tags": "family:quasar,botnet:office04,spyware,trojan", "score": 10, "sha256": "6f890fdcdb5267b92b3b793ff8b17484bc1a6a4107a68f2b4282d386225b63f1"}, {"sample": "230119-k31ytace4x", "created": "2023-01-19 09:08:18.117202 +0000 +0000", "kind": "url", "filename": "http://10.26.32.106:8000/Invoke-Mimikatz.ps1", "tags": "", "score": 8, "sha256": ""}, {"sample": "230119-ks1kasce3v", "created": "2023-01-19 08:52:33.823038 +0000 +0000", "kind": "url", "filename": "https://csc2cwp00009039.cloud.kp.org/SMS_DP_SMSPKG$/Content_08b073e2-f6d1-4612-b450-ca822c240cc7.1/sccm?/App%20IN.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230119-kq2pksce3s", "created": "2023-01-19 08:49:07.786253 +0000 +0000", "kind": "url", "filename": "http://csc2cwp00009039.cloud.kp.org/SMS_DP_SMSPKG$/Content_08b073e2-f6d1-4612-b450-ca822c240cc7.1/sccm?/App%20IN.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230119-exln2sfa38", "created": "2023-01-19 04:19:13.575045 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 10, "sha256": "1d53c13d105a8aef374110dc81b62c4660d456e33e08a5722a64f535b53b746d"}, {"sample": "230119-dfxvbaad7t", "created": "2023-01-19 02:57:38.382366 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "5905ffe4a51b3e28f48b7d45c03e2bd17c153067ad2596491aa32b4f9423a1e1"}, {"sample": "230118-ys9d4adc81", "created": "2023-01-18 20:04:04.631706 +0000 +0000", "kind": "file", "filename": "22.txt.ps1", "tags": "", "score": 7, "sha256": "4dc5cd716d199967111e2a35aa260f336ea63d9f56619ca468ac80145f2fbe15"}, {"sample": "230118-ys9d4adc8z", "created": "2023-01-18 20:04:04.480342 +0000 +0000", "kind": "file", "filename": "2.txt.ps1", "tags": "", "score": 7, "sha256": "9388bd306fa4c7b7d113d94f09ece73c78875fa7fb73c79de74f0919ba27b821"}, {"sample": "230118-br1dgaef59", "created": "2023-01-18 01:23:24.542671 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "23982c7d9299f6ae87399530086a799981f7bbc03d65274ed9f8e39d649d9a23"}, {"sample": "230117-yecg7see97", "created": "2023-01-17 19:41:31.930225 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "398021b6d831ccbebdd1959f41e3cf2ed298f685f259bc5632b310af4b50d498"}, {"sample": "230117-xvwqcadd95", "created": "2023-01-17 19:11:00.89727 +0000 +0000", "kind": "file", "filename": "so.ps1", "tags": "persistence", "score": 8, "sha256": "57af5c9f715d5c516e1137b6d336bff7656e1b85695fff4c83fc5a78c11fdec6"}, {"sample": "230117-tj7fxseh2v", "created": "2023-01-17 16:06:17.109168 +0000 +0000", "kind": "file", "filename": "WINspect.ps1", "tags": "", "score": 4, "sha256": "0ade9ffd7479d1d7aeed53ae52c279bbd90a7f72c745f9d647b78c1af3410c7c"}, {"sample": "230117-crlqraha42", "created": "2023-01-17 02:18:38.20426 +0000 +0000", "kind": "file", "filename": "nvz0g1.ps1", "tags": "family:quasar,botnet:office04,spyware,trojan", "score": 10, "sha256": "c90652e3d658848ea93fc3b70bec8122366ea3a9cc79a11cd47d7b5c418b9b2a"}, {"sample": "230116-yjajeagd8x", "created": "2023-01-16 19:48:24.359794 +0000 +0000", "kind": "file", "filename": "40002023.ps1", "tags": "family:xworm,rat,trojan", "score": 10, "sha256": "31e12fb8d77009e83e267b38a5b251b0bc5738cca0f02a73fddff14704c71e82"}, {"sample": "230116-tcx9nsdd41", "created": "2023-01-16 15:55:21.002725 +0000 +0000", "kind": "file", "filename": "cpl.jpg.ps1", "tags": "family:asyncrat,botnet:cpl_2023,rat", "score": 10, "sha256": "2f095933da1d32419a9cc4fa2e11f072c06757cbed15b6a7a9f626e1bacdf507"}, {"sample": "230116-r4mk5scf8t", "created": "2023-01-16 14:44:55.748869 +0000 +0000", "kind": "file", "filename": "Chrome.ps1", "tags": "discovery", "score": 8, "sha256": "6ea151cc5073dde5350dd0b663a86a921eff5ea731d8db610520ebea1db910bf"}, {"sample": "230116-rz64zsgf66", "created": "2023-01-16 14:38:53.436481 +0000 +0000", "kind": "file", "filename": "Chrome.ps1", "tags": "", "score": 8, "sha256": "6ea151cc5073dde5350dd0b663a86a921eff5ea731d8db610520ebea1db910bf"}, {"sample": "230116-qrtcgsbg6t", "created": "2023-01-16 13:30:05.680993 +0000 +0000", "kind": "file", "filename": "920267211.ps1", "tags": "family:cobaltstrike,botnet:391144938,backdoor,trojan", "score": 10, "sha256": "8b15ccdec9dac18862d8a43b2e1a55760166b98ab2166de9979e8f0ae8f915b1"}, {"sample": "230116-ql8vzsfg37", "created": "2023-01-16 13:22:05.633778 +0000 +0000", "kind": "file", "filename": "cobalt.ps1", "tags": "family:cobaltstrike,botnet:391144938,backdoor,trojan", "score": 10, "sha256": "0c0a884cc3786f426df91612e63564403b01fd499f1f7d12a3805f730f1c7c47"}, {"sample": "230116-pv7tlsah6x", "created": "2023-01-16 12:40:05.263918 +0000 +0000", "kind": "file", "filename": "what.ps1.ps1", "tags": "", "score": 8, "sha256": "8ee634d5250370c38c407357514f2569b7acbc5f2db338b547154ae8fbfb3a28"}, {"sample": "230116-ld7whach55", "created": "2023-01-16 09:26:06.048463 +0000 +0000", "kind": "file", "filename": "rr.ps1", "tags": "", "score": 1, "sha256": "0de155131d9581003c4d49db78176c7bd927e280e440c3c1f35fa6a1505f6fd4"}, {"sample": "230116-jldlhsfe8s", "created": "2023-01-16 07:45:03.403875 +0000 +0000", "kind": "file", "filename": "ps3.ps1", "tags": "", "score": 1, "sha256": "0e2f3b3ee0463eed39361790dd95f323890716f4e7fbf169efeab7133a6d123a"}, {"sample": "230116-jldlhsbf75", "created": "2023-01-16 07:45:03.315009 +0000 +0000", "kind": "file", "filename": "ps2.ps1", "tags": "", "score": 1, "sha256": "a4ee0127b7dbb3e0167fc47bef2f1f7b5321c77cf35f9e77eb6b3f7c2c0203bc"}, {"sample": "230116-jgyqwsfe2y", "created": "2023-01-16 07:39:03.42634 +0000 +0000", "kind": "file", "filename": "ps1.ps1", "tags": "", "score": 1, "sha256": "d075af8a7c2b3c12b39ebb6d27069876af41f93cc997db2761d95db344c19aff"}, {"sample": "230116-h9qejsfc3v", "created": "2023-01-16 07:26:25.210008 +0000 +0000", "kind": "file", "filename": "101.ps1", "tags": "", "score": 8, "sha256": "8f6936885cf2a10cefb4b9f6dd8a460e140d366728993fbe767bc181f0db03ac"}, {"sample": "230115-qy5dbsbc5v", "created": "2023-01-15 13:41:07.05408 +0000 +0000", "kind": "file", "filename": "wat.ps1", "tags": "", "score": 1, "sha256": "433ca57a2326e42788b87dd958a1d56d9f709c3ce36ff8ee271e5fed4e15d40a"}, {"sample": "230114-s4tvwsaa22", "created": "2023-01-14 15:41:11.630571 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "790aafaeafbeabdeaddba0055b6d881ea9fd041c7a892c68415337ef58868c8a"}, {"sample": "230114-rv5qcshc39", "created": "2023-01-14 14:31:49.549151 +0000 +0000", "kind": "file", "filename": "powershell_history.ps1", "tags": "", "score": 1, "sha256": "43e03b2780c44dd3d84fcf691833be3ab78528f8dbe049761f61c07435a0e23f"}, {"sample": "230114-pjj86sfb33", "created": "2023-01-14 12:21:29.215926 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "0b4d8e55626296f295292f3dd6d3ef5a852019012287be39012f0041360dac3d"}, {"sample": "230114-bsd7maga25", "created": "2023-01-14 01:24:06.765116 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "7d516ecf1b5ab7eba36ac40dd7829568d8df808ea0433183792ffea15487887d"}, {"sample": "230113-ymg3nace53", "created": "2023-01-13 19:54:00.785313 +0000 +0000", "kind": "url", "filename": "http://concretium.pt/xx/vvv/ii.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230113-w8qktafd7x", "created": "2023-01-13 18:35:46.699585 +0000 +0000", "kind": "file", "filename": "out.ps1", "tags": "", "score": 1, "sha256": "0abc45072aa56048248905208b8d4a8fe23c77479306c8e7012d55e4c708e7df"}, {"sample": "230113-wsr4psfb9x", "created": "2023-01-13 18:11:23.216045 +0000 +0000", "kind": "file", "filename": "rtf.txt.ps1", "tags": "", "score": 1, "sha256": "7e61fbba0de21c5a2f630626463a24f58c284b2f07f7fcdf755c20fcd0dcc6d0"}, {"sample": "230113-v1z9lsah56", "created": "2023-01-13 17:28:05.949715 +0000 +0000", "kind": "file", "filename": "888eb6be3dc581a117d3a2afd5ec9b2b4622f6a4950421e4fec99caea2e83ff0.ps1", "tags": "", "score": 10, "sha256": "888eb6be3dc581a117d3a2afd5ec9b2b4622f6a4950421e4fec99caea2e83ff0"}, {"sample": "230113-pgq9psce2x", "created": "2023-01-13 12:18:19.043383 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "", "score": 1, "sha256": "88c304b5b99c89db198980ded5224f151cd741d637b6d6be545efa1e13f6077c"}, {"sample": "230113-n2al1sgf82", "created": "2023-01-13 11:53:03.626196 +0000 +0000", "kind": "file", "filename": "50002023.ps1", "tags": "family:asyncrat,persistence,rat", "score": 10, "sha256": "63aed026869dc82bfc6288099ecce6b173159bda01208f78969e1c330ee96d13"}, {"sample": "230113-lq5lxabg2s", "created": "2023-01-13 09:45:12.372534 +0000 +0000", "kind": "file", "filename": "win64.ps1", "tags": "", "score": 10, "sha256": "e8c4ec795a14587d3b3ce34b73eca090ea9d9957fb612300abc6239ec293eb26"}, {"sample": "230113-lpl36sfh93", "created": "2023-01-13 09:42:33.679729 +0000 +0000", "kind": "url", "filename": "http://dl-cli.pstmn.io/install/win64.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230113-lnktqabf9s", "created": "2023-01-13 09:40:44.298218 +0000 +0000", "kind": "file", "filename": "SharpHound.ps1", "tags": "", "score": 1, "sha256": "29543e91d1d4e5115f2fd7baca06f6aa938314eeb81ec1c4e134f7762b73f6cc"}, {"sample": "230113-lml1dsfh75", "created": "2023-01-13 09:39:03.640564 +0000 +0000", "kind": "file", "filename": "x.ps1", "tags": "", "score": 8, "sha256": "c746b9fcaa7ac270569cbd3d0a67bf0f57bdf7fad03b18850283a8759ea62ad9"}, {"sample": "230113-leqnlsbf4v", "created": "2023-01-13 09:27:01.009778 +0000 +0000", "kind": "file", "filename": "payload.ps1", "tags": "", "score": 8, "sha256": "26c1b3747313ba251680a9b8022c76cc3ecd74761bb583376e81efc2512ddac4"}, {"sample": "230113-k53kesfg59", "created": "2023-01-13 09:11:53.448849 +0000 +0000", "kind": "file", "filename": "NagaHTTP.ps1", "tags": "", "score": 8, "sha256": "f63ef65dc38674c6279b6ba8be77247e3f8ef5eddf177f165a63ad5f60493876"}, {"sample": "230113-kcqedsbc9s", "created": "2023-01-13 08:27:35.60053 +0000 +0000", "kind": "file", "filename": "cycura.ps1", "tags": "", "score": 8, "sha256": "228b9a1ef1c05a43160ba972a4261fb4b578106f39d6951c9fb5f6146e9eef9e"}, {"sample": "230113-j3fgfafd97", "created": "2023-01-13 08:11:22.49686 +0000 +0000", "kind": "file", "filename": "payload.ps1", "tags": "", "score": 8, "sha256": "e29eebc7b8ec7198fca4770df35393755c080eca2ed3042d670a72b2d0b0d573"}, {"sample": "230113-jrwdhsfd25", "created": "2023-01-13 07:54:39.498365 +0000 +0000", "kind": "file", "filename": "evmet.ps1", "tags": "", "score": 8, "sha256": "24c8b309186837b3bc0c3c4608ff131630b11dc3dad0cf9ff74f18aa25612d14"}, {"sample": "230113-jrnnnsfc99", "created": "2023-01-13 07:54:17.471959 +0000 +0000", "kind": "file", "filename": "met.ps1", "tags": "", "score": 8, "sha256": "d34e535c8004362434fcc7ee397fb29cc5bb39e1c7979440b4ef000405ade7db"}, {"sample": "230113-jhvqmafc62", "created": "2023-01-13 07:40:38.358693 +0000 +0000", "kind": "file", "filename": "shvnc.ps1", "tags": "", "score": 7, "sha256": "1d3e573d432ef094fba33f615aa0564feffa99853af77e10367f54dc6df95509"}, {"sample": "230112-scshragd24", "created": "2023-01-12 14:59:10.228783 +0000 +0000", "kind": "file", "filename": "install.ps1", "tags": "", "score": 1, "sha256": "d5558cd419c8d46bdc958064cb97f963d1ea793866414c025906ec15033512ed"}, {"sample": "230112-sb53fsgd22", "created": "2023-01-12 14:58:03.223186 +0000 +0000", "kind": "url", "filename": "https://raw.githubusercontent.com/spotx-cli/spotx-win/main/install.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230112-ftk4safc35", "created": "2023-01-12 05:09:52.171212 +0000 +0000", "kind": "file", "filename": "1806695ff2b00c1dcbdba40be92836efa3b36228124e0e18e471aec6ed9de7ad.ps1", "tags": "family:asyncrat,botnet:default,persistence,rat", "score": 10, "sha256": "1806695ff2b00c1dcbdba40be92836efa3b36228124e0e18e471aec6ed9de7ad"}, {"sample": "230112-dnadzsfa58", "created": "2023-01-12 03:08:45.738485 +0000 +0000", "kind": "file", "filename": "1806695ff2b00c1dcbdba40be92836efa3b36228124e0e18e471aec6ed9de7ad.ps1", "tags": "family:asyncrat,botnet:default,rat", "score": 10, "sha256": "1806695ff2b00c1dcbdba40be92836efa3b36228124e0e18e471aec6ed9de7ad"}, {"sample": "230111-18zwpsad9t", "created": "2023-01-11 22:19:55.706147 +0000 +0000", "kind": "file", "filename": "dj.ps1", "tags": "family:metasploit", "score": 10, "sha256": "0cbc57977879579cf09d89c32a4a0a51c5abb26e4c9f0cc95341446eb8a03b14"}, {"sample": "230111-wfl2xsdf83", "created": "2023-01-11 17:51:53.535764 +0000 +0000", "kind": "file", "filename": "Wazuh Install.ps1", "tags": "discovery", "score": 8, "sha256": "6ea151cc5073dde5350dd0b663a86a921eff5ea731d8db610520ebea1db910bf"}, {"sample": "230111-l12b8sbg45", "created": "2023-01-11 10:00:45.001049 +0000 +0000", "kind": "file", "filename": "WynisWIN10-CISv1.0.ps1", "tags": "", "score": 1, "sha256": "be7bdd173e76a44804ddbd10b5e5ab6250f06c5e604d4782c741337552fb9148"}, {"sample": "230110-2127jadg2x", "created": "2023-01-10 23:03:44.004621 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "9f7c9e2a7bd1b7c88b855c8d172b94fd094fe9ffcbf6bd8ecd1557b901efa68e"}, {"sample": "230110-2vmvnahh76", "created": "2023-01-10 22:54:16.6234 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "ff6ab4a4b39461e6ec998026f4432da94d2067869d4e6c9b7f4febb98419e04f"}, {"sample": "230110-2c5bzsdf6w", "created": "2023-01-10 22:27:09.460853 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "253968b2f6093eccc80839ea4f6a7d78c9c964d57bcf683c4454988b8e3b3206"}, {"sample": "230110-199gjahh46", "created": "2023-01-10 22:22:08.485978 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 1, "sha256": "1c1118131ef0dc425bef39727832d1e9e5dc4f31181c3b90d67f53ab53f82628"}, {"sample": "230110-wtz6psgh37", "created": "2023-01-10 18:13:31.31199 +0000 +0000", "kind": "file", "filename": "65_443.ps1", "tags": "family:metasploit", "score": 10, "sha256": "0b1f11ce4407912fa4c74e49e8fcf2ee167ff7d63271eb786e705f67a21caa1a"}, {"sample": "230110-vw1dtace7s", "created": "2023-01-10 17:21:06.268882 +0000 +0000", "kind": "file", "filename": "f462x9le25m726u7a2xvllx1p74c1nw3.ps1", "tags": "", "score": 8, "sha256": "f648f5aedcc15303407812b041b3101dadad034e2252168943a16155b92eb9bc"}, {"sample": "230110-r26w1agd55", "created": "2023-01-10 14:42:22.289681 +0000 +0000", "kind": "url", "filename": "http://61.97.188.42:8080/lr.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230110-ryp43sgd37", "created": "2023-01-10 14:36:19.074522 +0000 +0000", "kind": "url", "filename": "http://61.97.188.42:8080/lr.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "230110-p7phssbh2t", "created": "2023-01-10 12:58:25.725284 +0000 +0000", "kind": "file", "filename": "26023-CheckupRun.ps1", "tags": "", "score": 1, "sha256": "e0fad1121f00cd750e0a079ce709546c7494a6cd02bf66025682b2523d668fd7"}, {"sample": "230110-p42nysbg81", "created": "2023-01-10 12:53:47.173796 +0000 +0000", "kind": "file", "filename": "CleanupTask.ps1", "tags": "", "score": 1, "sha256": "04fac7596881d93af4bb84944292fa782bfb657d168cf715ca0dccb5838e7586"}, {"sample": "230110-mz476sfg42", "created": "2023-01-10 10:55:05.968213 +0000 +0000", "kind": "file", "filename": "2.ps1", "tags": "collection,persistence", "score": 8, "sha256": "9a08bc42590ac64927b41f225a79a84fc58bfcfa215d27bc09cfd19137615847"}, {"sample": "230109-141bnsbd6v", "created": "2023-01-09 22:12:57.699349 +0000 +0000", "kind": "file", "filename": "hoax.ps1", "tags": "", "score": 8, "sha256": "cd47f0c7317a957eb802b7831ca0e6a7d285fe2e7275b656778f95089e97fef4"}, {"sample": "230109-vfq57seh77", "created": "2023-01-09 16:56:11.133825 +0000 +0000", "kind": "file", "filename": "Wazuh Install.ps1", "tags": "", "score": 1, "sha256": "6ea151cc5073dde5350dd0b663a86a921eff5ea731d8db610520ebea1db910bf"}, {"sample": "230109-t5zyzaad2s", "created": "2023-01-09 16:39:08.407974 +0000 +0000", "kind": "file", "filename": "Wazuh Install.ps1", "tags": "discovery", "score": 8, "sha256": "e2f4ac2297fd71094aeb931c4591a232154ac669f71586fbd8ec5e1df5b0fd01"}, {"sample": "230109-t31gqaac9w", "created": "2023-01-09 16:35:40.571266 +0000 +0000", "kind": "file", "filename": "Wazuh Install.ps1", "tags": "discovery", "score": 8, "sha256": "e2f4ac2297fd71094aeb931c4591a232154ac669f71586fbd8ec5e1df5b0fd01"}, {"sample": "230109-twj66aac8v", "created": "2023-01-09 16:24:24.981559 +0000 +0000", "kind": "file", "filename": "Wazuh Install.ps1", "tags": "discovery", "score": 8, "sha256": "de9859c86117951dcc4d17d4ba6b8ba7a4a59e0b0f920f7d56ddcba19c896117"}, {"sample": "230109-q1ewfsed43", "created": "2023-01-09 13:43:23.356302 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068"}, {"sample": "230109-p9yt9ahf9s", "created": "2023-01-09 13:02:22.72823 +0000 +0000", "kind": "file", "filename": "unk.ps1", "tags": "family:formbook,campaign:n2t4,rat,spyware,stealer,trojan", "score": 10, "sha256": "9e30a88af6c529a958a9d72ba2fa1b8aefbbc1dffd0f188ebaffa5905527dc5b"}, {"sample": "230109-pxmapaeb67", "created": "2023-01-09 12:42:34.185883 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "persistence", "score": 8, "sha256": "b2ae755a817644834918d3aef6483f68189f2ec187d64e2ab5ac77f9ba3d43b1"}, {"sample": "230109-pthhbseb55", "created": "2023-01-09 12:37:07.626167 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "0ff10afed48e12a003b232dafe923a853e1b8cb96f45310c97f02cea10cf0e67"}, {"sample": "230109-pknyraeb35", "created": "2023-01-09 12:23:26.024969 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 5, "sha256": "694fe58a4bce1fc1db5c0db8e0e6bb062a3f3574c5a9b7359e9511174e2c3461"}, {"sample": "230109-pgkrxshe8v", "created": "2023-01-09 12:18:01.283552 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 5, "sha256": "10f46a129d608e1ae5b319eadc075595f37d2cf43f845de701ceb1ad24bc4aab"}, {"sample": "230109-l44xjadg82", "created": "2023-01-09 10:06:08.853785 +0000 +0000", "kind": "file", "filename": "AppRegistration.ps1", "tags": "persistence", "score": 8, "sha256": "9b40069b6422c110c5d0bd1c4bba419d64ece9158e94fa6da1af8a12a5541580"}, {"sample": "230109-k8ww2shb6v", "created": "2023-01-09 09:16:49.907046 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "6bda555865385b863f33b3410ee28c3dc80fd9c9805657f83b9ea063815977b6"}, {"sample": "230109-j1lwfaha4y", "created": "2023-01-09 08:08:10.265594 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "family:gozi,botnet:3000,banker,isfb,trojan", "score": 10, "sha256": "fc046ad51615aba505ac1e876067c5f8a720ce739733900434da5bb5e8257d9d"}, {"sample": "230108-r3k1xshc4x", "created": "2023-01-08 14:43:05.142215 +0000 +0000", "kind": "file", "filename": "8082-x86.ps1", "tags": "", "score": 8, "sha256": "d8f94dd6d50eb4dd0528f3784883e20eb8499f5188e596de217039a9dff61e64"}, {"sample": "230108-r3kp6adg99", "created": "2023-01-08 14:43:04.33976 +0000 +0000", "kind": "file", "filename": "8082-x64.ps1", "tags": "", "score": 8, "sha256": "a55296309871408165c248cb6e5c88e84da5682bdddc5cce220552660536d93b"}, {"sample": "230108-kxr4qage5x", "created": "2023-01-08 08:59:08.980021 +0000 +0000", "kind": "file", "filename": "1.ps1.ps1", "tags": "link,pdf", "score": 10, "sha256": "013fa83200f410035b17379e3661af77a7a9070cb6d29418b6c433969b8f0f08"}, {"sample": "230108-hx35wagd2w", "created": "2023-01-08 07:07:50.422525 +0000 +0000", "kind": "file", "filename": "cobalt.ps1", "tags": "family:cobaltstrike", "score": 10, "sha256": "c25c45286fd71633d746fd6be108854f243d89129dc340d251b337bb414fb0b7"}, {"sample": "230107-t3a7tshd21", "created": "2023-01-07 16:34:27.97828 +0000 +0000", "kind": "file", "filename": "100039-LicenseAcquisitionTask.ps1", "tags": "", "score": 1, "sha256": "a7de21c3bc7828861bf58464e0bf8b2463a92037d115011f3c5844857f92e80d"}, {"sample": "230107-mqdzmagf9y", "created": "2023-01-07 10:39:50.200875 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "66e7166afcc40c22007cbe786f57a91e9f3e021500404d8d646e7399b23d0b98"}, {"sample": "230107-azq94afg7s", "created": "2023-01-07 00:39:16.802068 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 10, "sha256": "37800eb40e156b3764349eda5ea60884e9c7581f70b09820ea89f230ef33cb62"}, {"sample": "230106-2yjbmsff6w", "created": "2023-01-06 22:59:19.061489 +0000 +0000", "kind": "file", "filename": "050425d0-4a30-4d62-ba4c-11947d3cce48.ps1", "tags": "", "score": 1, "sha256": "a13b6d25200b87b6607563ce8ae50a912bfbd5c607b1b03141e4183112619af2"}, {"sample": "230106-ydv8xsfa8y", "created": "2023-01-06 19:40:41.269839 +0000 +0000", "kind": "file", "filename": "pe64.ps1", "tags": "", "score": 1, "sha256": "bd1221f2165118fe02ace7a042d07da6967aa99f463e8570cb09c34bf7ed2c5a"}, {"sample": "230106-yc7wbsbd99", "created": "2023-01-06 19:39:31.718187 +0000 +0000", "kind": "file", "filename": "WinDefGpo_Reg.ps1", "tags": "evasion,trojan", "score": 10, "sha256": "76a5e7e586a185a264144cd3b67156521bac6c99082fee6579ca03b7d29f111a"}, {"sample": "230106-xxw4wsdh5s", "created": "2023-01-06 19:14:31.051993 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "118c9533a30cbf4d31a7a2758f9001f0067a964d9c89648db59c0d3b12a02b2a"}, {"sample": "230106-xxv7ladh4y", "created": "2023-01-06 19:14:28.418655 +0000 +0000", "kind": "file", "filename": "downloaded_amsi_poc.ps1", "tags": "", "score": 1, "sha256": "f5652c65b47f35bc2c556b81746e5641801461d03242401687695fe9b0f4dba7"}, {"sample": "230106-xxgn7sdh2x", "created": "2023-01-06 19:13:47.739189 +0000 +0000", "kind": "file", "filename": "shvnc.ps1", "tags": "", "score": 7, "sha256": "1d3e573d432ef094fba33f615aa0564feffa99853af77e10367f54dc6df95509"}, {"sample": "230106-xvz3rsab64", "created": "2023-01-06 19:11:11.071348 +0000 +0000", "kind": "file", "filename": "powerview2.ps1", "tags": "", "score": 1, "sha256": "34adda019d1442296701efefc607498db4d9385ea7ae8c97a93761928d179d04"}, {"sample": "230106-xvzr1aab63", "created": "2023-01-06 19:11:10.210756 +0000 +0000", "kind": "file", "filename": "RegfDenyTSConnections.ps1", "tags": "", "score": 1, "sha256": "f693a609e3ceb2b5eb10f4e16b90a29393dcc2b02283c0e0022c6440f77f065f"}, {"sample": "230106-xvzf8sab62", "created": "2023-01-06 19:11:09.873076 +0000 +0000", "kind": "file", "filename": "RegRdpPort.ps1", "tags": "", "score": 1, "sha256": "b5d90d409125ed0f45be4d92aef25f2ed8faca96d076d28051645c72b5ad45c9"}, {"sample": "230106-xvzf8sdg8w", "created": "2023-01-06 19:11:09.444696 +0000 +0000", "kind": "file", "filename": "PowerView.ps1", "tags": "", "score": 1, "sha256": "817d1627dcea79d5c018840ee3ef42a950cf367a29c8f5e7bb7c1fe0ee6036ba"}, {"sample": "230106-xvy6gaab59", "created": "2023-01-06 19:11:08.729615 +0000 +0000", "kind": "file", "filename": "KillEvenlogService.ps1", "tags": "", "score": 1, "sha256": "c676b559a0d13fec22804c9489726a9a6ffbb6260c866cb5e5964067ea733bcc"}, {"sample": "230106-xvy6gaab58", "created": "2023-01-06 19:11:08.406804 +0000 +0000", "kind": "file", "filename": "Invoke-WCMDump.ps1", "tags": "", "score": 1, "sha256": "2ac3430fe082d31b479f899f6ada918e98fe05a2ca4e84985c2e295a44c73a5e"}, {"sample": "230106-xvyvpsdg8t", "created": "2023-01-06 19:11:07.988999 +0000 +0000", "kind": "file", "filename": "Invoke-MS16135.ps1", "tags": "", "score": 1, "sha256": "690a75c3c6d282677102073f6bc64c4f8a13771aa052497ba02ca19a6de56f8a"}, {"sample": "230106-xvyvpsab57", "created": "2023-01-06 19:11:07.530523 +0000 +0000", "kind": "file", "filename": "Invoke-MS16032.ps1", "tags": "", "score": 1, "sha256": "ea8adcdf44d1dfe4f0e44d265967e1beb1ac6eaf7c0fae943a4baaf0b7d1bbdb"}, {"sample": "230106-xvyvpsdg8s", "created": "2023-01-06 19:11:07.12095 +0000 +0000", "kind": "file", "filename": "Invoke-EternalScan.ps1", "tags": "", "score": 1, "sha256": "cb395d9df39f9eaad85cd7221669611284a4edd2fa14074530be97459eb935ea"}, {"sample": "230106-xvyjyadg71", "created": "2023-01-06 19:11:06.674105 +0000 +0000", "kind": "file", "filename": "Invoke-EternalBlue.ps1", "tags": "", "score": 1, "sha256": "70f0161252fd75f2cbd71a5fadaa3346b5336bdfebfcf27fa70f37349d193513"}, {"sample": "230106-xvyjyaab55", "created": "2023-01-06 19:11:06.273651 +0000 +0000", "kind": "file", "filename": "Invoke-ADSDPropagation.ps1", "tags": "", "score": 1, "sha256": "40cf1a752e00abc288bae3c3ee602a508b746b387f7526a3384a832f5f6c70b5"}, {"sample": "230106-xvx86sdg7z", "created": "2023-01-06 19:11:05.94434 +0000 +0000", "kind": "file", "filename": "Get_Port_Process.ps1", "tags": "", "score": 1, "sha256": "90c2da89ac3729c5dba0707e613a505a38755902464319e129b87dc1a81507be"}, {"sample": "230106-xvx86sab54", "created": "2023-01-06 19:11:05.622295 +0000 +0000", "kind": "file", "filename": "GetUserSPNs.ps1", "tags": "", "score": 1, "sha256": "cec20201e52dbe553bf85a59068dbd6e6181167b2dd89011ed9067ecaaf970b9"}, {"sample": "230106-xvx86sdg7y", "created": "2023-01-06 19:11:05.289118 +0000 +0000", "kind": "file", "filename": "Find-PotentiallyCrackableAccounts.ps1", "tags": "", "score": 1, "sha256": "e6b039e352ff1b5982766d379e5ed3a492ffc0a3242d9edf6f8acc7fda6d27f8"}, {"sample": "230106-xvxyeaab53", "created": "2023-01-06 19:11:04.87122 +0000 +0000", "kind": "file", "filename": "EventLogSuccess.ps1", "tags": "", "score": 1, "sha256": "d662a42173d857839385f197169883c932be7d3e43e7f77989fcbba30820fb49"}, {"sample": "230106-xvxyeaab52", "created": "2023-01-06 19:11:04.546934 +0000 +0000", "kind": "file", "filename": "EventLogFailed.ps1", "tags": "", "score": 1, "sha256": "ad2c42b0aec1c8a7d2585fb97962d450b15bac5bea90d1e0475149e02d62ae4b"}, {"sample": "230106-xvxyeaab49", "created": "2023-01-06 19:11:04.195361 +0000 +0000", "kind": "file", "filename": "DomainPasswordSpray.ps1", "tags": "", "score": 1, "sha256": "44d4c0ae5673d2a076f3b5acdc83063aca49d58e6dd7cf73d0b927f83d359247"}, {"sample": "230106-xvxmmsdg7x", "created": "2023-01-06 19:11:03.779405 +0000 +0000", "kind": "file", "filename": "Discover-PSMSSQLServers.ps1", "tags": "", "score": 1, "sha256": "940b371a136eff1a6767ac341c92f466411a01b79567b1f07399c36a1aed8ce0"}, {"sample": "230106-xvxmmsab48", "created": "2023-01-06 19:11:03.358301 +0000 +0000", "kind": "file", "filename": "Discover-PSMSExchangeServers.ps1", "tags": "", "score": 1, "sha256": "39f2078b4021a4c9d25629324c5d737ced61dcd5f15bb7eec2a94cc1c3e75701"}, {"sample": "230106-xvxbwadg7w", "created": "2023-01-06 19:11:02.927413 +0000 +0000", "kind": "file", "filename": "Discover-PSInterestingServices.ps1", "tags": "", "score": 1, "sha256": "31bcf6de3961cad860624e77c6bf406bf23265dffef51d3e467a1dbdd13835b9"}, {"sample": "230106-xvxbwaab47", "created": "2023-01-06 19:11:02.517015 +0000 +0000", "kind": "file", "filename": "CheckRdpStatus.ps1", "tags": "", "score": 1, "sha256": "a690d34a03994731b63c2ccba84a7659167a4adf88c1c0406df5f611e1c3e864"}, {"sample": "230106-xvxbwadg7v", "created": "2023-01-06 19:11:02.189395 +0000 +0000", "kind": "file", "filename": "Check-VM.ps1", "tags": "", "score": 1, "sha256": "e092d265d812be1bb663e82faa8bcf8ce84360ab6c6c93df1a8623b188191f3a"}, {"sample": "230106-xvw14sab46", "created": "2023-01-06 19:11:01.676556 +0000 +0000", "kind": "file", "filename": "ASREPRoast.ps1", "tags": "", "score": 1, "sha256": "913bdecd62822c7cf35fb497f9f6c62810b59f7c9c57161187fb7d78111f27f3"}, {"sample": "230106-xpcehsaa27", "created": "2023-01-06 19:01:19.286834 +0000 +0000", "kind": "file", "filename": "RegRdpPort.ps1", "tags": "", "score": 1, "sha256": "b5d90d409125ed0f45be4d92aef25f2ed8faca96d076d28051645c72b5ad45c9"}, {"sample": "230106-xpb4raaa25", "created": "2023-01-06 19:01:18.614343 +0000 +0000", "kind": "file", "filename": "ListLogged-inUsers.ps1", "tags": "", "score": 1, "sha256": "ab18ba41a3ac4e39a62403d4c926969bf73df5e364c290c87508c006df13e9a8"}, {"sample": "230106-xpb4raaa24", "created": "2023-01-06 19:01:18.322001 +0000 +0000", "kind": "file", "filename": "ListAllUsers.ps1", "tags": "", "score": 1, "sha256": "83e20b2fc8347cb5765a8c622ce59806a900f735088c3c9a385676f4e01849ce"}, {"sample": "230106-xmn1jahh78", "created": "2023-01-06 18:58:24.587994 +0000 +0000", "kind": "file", "filename": "PowerView.ps1", "tags": "", "score": 1, "sha256": "ee5589c7f1126f9fdf37a7adf39687bd8d44c104ce5ed4357d87f4e57c0f4d0c"}, {"sample": "230106-xlv3fshh64", "created": "2023-01-06 18:56:59.032457 +0000 +0000", "kind": "file", "filename": "pcsid2user.ps1", "tags": "", "score": 1, "sha256": "613cf9524dd45c9f27f6e0af69100b57d826204f0df56ebaed4e3cc26e5c5355"}, {"sample": "230106-xlvrpahh63", "created": "2023-01-06 18:56:58.695455 +0000 +0000", "kind": "file", "filename": "Powermad.ps1", "tags": "", "score": 1, "sha256": "e4ac675d554efd80f9b677ed0b9514df66aa26026610b38fd9ad4333005c5f91"}, {"sample": "230106-xlvfxshh62", "created": "2023-01-06 18:56:57.967108 +0000 +0000", "kind": "file", "filename": "PowerView.ps1", "tags": "", "score": 1, "sha256": "507e8666c239397561c58609f7ea569c9c49ddbb900cd260e7e42b02d03cfd87"}, {"sample": "230106-wcm5tadb5t", "created": "2023-01-06 17:46:42.115778 +0000 +0000", "kind": "file", "filename": "bv2.ps1", "tags": "", "score": 1, "sha256": "5349fe4159e50879d7f6b5879f716dbdfe7780bf2f02602bbd7c686aacfca4f5"}, {"sample": "230106-wcmt2sdb5s", "created": "2023-01-06 17:46:41.538169 +0000 +0000", "kind": "file", "filename": "ConfigureRemotingForAnsible.ps1", "tags": "evasion", "score": 8, "sha256": "4b51cc6165414b2bf7a2f32ce161eb1029cdfd916eafac8ad7ffef9418c37c2b"}, {"sample": "230106-wclxradb4z", "created": "2023-01-06 17:46:38.606168 +0000 +0000", "kind": "file", "filename": "powercat.ps1", "tags": "", "score": 1, "sha256": "c55672b5d2963969abe045fe75db52069d0300691d4f1f5923afeadf5353b9d2"}, {"sample": "230106-wcjsdsdb4y", "created": "2023-01-06 17:46:31.402064 +0000 +0000", "kind": "file", "filename": "Invoke-PowerShellTcp.ps1", "tags": "", "score": 1, "sha256": "284cd78581e56057b55e33a0a8da199594643cadb5c49e0a0bc7fe3036d319ba"}, {"sample": "230106-wcdw5shd77", "created": "2023-01-06 17:46:15.915344 +0000 +0000", "kind": "file", "filename": "posh-security.ps1", "tags": "", "score": 1, "sha256": "bcbb25f194c06bbe5957fd2c644f211ed5492ce3e44b39534f39558f0dd48232"}, {"sample": "230106-wcdalsdb4s", "created": "2023-01-06 17:46:13.120014 +0000 +0000", "kind": "file", "filename": "Invoke-PowerShellTcp.ps1", "tags": "", "score": 1, "sha256": "5d82808ca1d34aba72fb8e4e5bb760b854c5e330a6bd84055b06a89f83c50a29"}, {"sample": "230106-wcczvahd74", "created": "2023-01-06 17:46:12.765535 +0000 +0000", "kind": "file", "filename": "fund.ps1", "tags": "", "score": 1, "sha256": "d58df098c623c92f21c589bb4ec063007d1e712eb641122acfbfed610acd2deb"}, {"sample": "230106-wcczvadb31", "created": "2023-01-06 17:46:12.392849 +0000 +0000", "kind": "file", "filename": "img.ps1", "tags": "family:asyncrat,botnet:default,rat", "score": 10, "sha256": "bbac9df4d4c0ad3b281c5cf219d011bdb4a8323145644ae6abcae8c562a4fb98"}, {"sample": "230106-wcavgshd67", "created": "2023-01-06 17:46:05.350246 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 8, "sha256": "348cf05ed2a97195510550879304f057557e757e619a341bf526f620960d3390"}, {"sample": "230106-wcajqadb3x", "created": "2023-01-06 17:46:04.671275 +0000 +0000", "kind": "file", "filename": "lol.ps1", "tags": "", "score": 8, "sha256": "ecf85993231a4ec1070d3014d053011689dae9cead5657e1e4f70b9ac3ef7ee0"}, {"sample": "230106-wcajqahd65", "created": "2023-01-06 17:46:04.318343 +0000 +0000", "kind": "file", "filename": "bypass_amsi.ps1", "tags": "", "score": 1, "sha256": "7591f5cf7ae59dc24acc908f15e16c525df8fccb7acacd0158017a9038f142f5"}, {"sample": "230106-wcajqahd63", "created": "2023-01-06 17:46:04.010613 +0000 +0000", "kind": "file", "filename": "bypass.ps1", "tags": "", "score": 1, "sha256": "04032b634ef326023e62b7253fe5fe435531301a360b28bdafcfde50ffb0c5c7"}, {"sample": "230106-wb591adb2y", "created": "2023-01-06 17:45:50.245001 +0000 +0000", "kind": "file", "filename": "rawpayload.ps1", "tags": "", "score": 1, "sha256": "245b58c3ef44448df36a438e2681aa7e5ffdb31be8c3b0345cd67b8bfcbec05d"}, {"sample": "230106-wb5ngadb2w", "created": "2023-01-06 17:45:48.711927 +0000 +0000", "kind": "file", "filename": "loadpay.ps1", "tags": "", "score": 1, "sha256": "09833acde4f98d430552778fcbb977f81191f1f7864753d1ea6577054b7229f2"}, {"sample": "230106-wb35msda91", "created": "2023-01-06 17:45:43.729479 +0000 +0000", "kind": "file", "filename": "rick.ps1", "tags": "", "score": 6, "sha256": "ac98a42e7bf00fd70c48088c8099217fa1ed39c4a56d3aeb18a2d33f8099fd0f"}, {"sample": "230106-wb3twahd49", "created": "2023-01-06 17:45:42.215802 +0000 +0000", "kind": "file", "filename": "pwrup.ps1", "tags": "", "score": 1, "sha256": "7006e846adc3a0a752c9a3f31c4eecd4cf9e414c8885147d54e7d6a7dc6e0f60"}, {"sample": "230106-wb3h4sda9y", "created": "2023-01-06 17:45:41.010948 +0000 +0000", "kind": "file", "filename": "pwrencode.ps1", "tags": "", "score": 1, "sha256": "37ba0c11f299687975e3b7313ba698c2d3e4c6a7e09c0e89a8e0f7d3edb3fd7b"}, {"sample": "230106-wb28cahd48", "created": "2023-01-06 17:45:40.083904 +0000 +0000", "kind": "file", "filename": "priv.ps1", "tags": "", "score": 1, "sha256": "34d562f47347e4662dc447f965954408882366f57bd47e6427923dec996adda3"}, {"sample": "230106-wb2xkshd47", "created": "2023-01-06 17:45:39.13739 +0000 +0000", "kind": "file", "filename": "powa.ps1", "tags": "", "score": 1, "sha256": "82c4f2143c441cf4a1e5de8ba60dc3c1157313586f39aec9115b146b2a24eb5b"}, {"sample": "230106-wb2ltahd46", "created": "2023-01-06 17:45:38.001709 +0000 +0000", "kind": "file", "filename": "potato.ps1", "tags": "", "score": 1, "sha256": "3e0a3e998b797c2533c58f98cb271b114f48c97c423abae9093ba572083d0c57"}, {"sample": "230106-wb11aada9x", "created": "2023-01-06 17:45:36.51823 +0000 +0000", "kind": "file", "filename": "peaned.ps1", "tags": "", "score": 1, "sha256": "2ed87df40c9f78bfa72ed5154949ec56f91075266d679151096f0b45bfd1aaf4"}, {"sample": "230106-wb1phshd45", "created": "2023-01-06 17:45:35.267367 +0000 +0000", "kind": "file", "filename": "pean.ps1", "tags": "", "score": 1, "sha256": "3e0a3e998b797c2533c58f98cb271b114f48c97c423abae9093ba572083d0c57"}, {"sample": "230106-wb1drada9w", "created": "2023-01-06 17:45:34.352149 +0000 +0000", "kind": "file", "filename": "pea.ps1", "tags": "", "score": 1, "sha256": "15cf058a1244a91439b31b1455554befe9f4df9dcedd35a199fe8dec997a9305"}, {"sample": "230106-wbz3zsda9v", "created": "2023-01-06 17:45:33.464618 +0000 +0000", "kind": "file", "filename": "out.ps1", "tags": "", "score": 1, "sha256": "74c1465a142e591805f6288404f653f5ca1fb2620a8f93920fbdc08dc8f84d71"}, {"sample": "230106-wbz3zshd44", "created": "2023-01-06 17:45:33.137608 +0000 +0000", "kind": "file", "filename": "ok.ps1", "tags": "", "score": 8, "sha256": "b38c55214b569d614a40c7692ae831399901578b12d45398984aeb31a10d7224"}, {"sample": "230106-wbzr8ada9t", "created": "2023-01-06 17:45:32.782523 +0000 +0000", "kind": "file", "filename": "noice4.ps1", "tags": "", "score": 1, "sha256": "90cb3c97c0d80649d704e7fb0f171f84cc876cc2016b5bbd8a232341ef59890c"}, {"sample": "230106-wbzr8ada9s", "created": "2023-01-06 17:45:32.452179 +0000 +0000", "kind": "file", "filename": "noice3.ps1", "tags": "", "score": 8, "sha256": "611617903c18dfb0ab016094af4169a149f4a708c436d91cb7bcc3c25a1c4343"}, {"sample": "230106-wbzr8ada81", "created": "2023-01-06 17:45:32.134079 +0000 +0000", "kind": "file", "filename": "noice.ps1", "tags": "", "score": 1, "sha256": "95867c87bb457b0728d91fd90f9cce2b3adfa7fa35779a302f81eaa63a5e160e"}, {"sample": "230106-wbzgfshd43", "created": "2023-01-06 17:45:31.795446 +0000 +0000", "kind": "file", "filename": "newest.ps1", "tags": "family:metasploit", "score": 10, "sha256": "452678bd57e34eef2c6e32224e4efe8e470821c8a39c31848d2d28dd407d6786"}, {"sample": "230106-wbzgfshd39", "created": "2023-01-06 17:45:30.997303 +0000 +0000", "kind": "file", "filename": "kys.ps1", "tags": "", "score": 1, "sha256": "9d59d4c128570eb80c0e8d13e2185030f93d965278b203c91dd196b2e1d3cd22"}, {"sample": "230106-wbyvxsda8y", "created": "2023-01-06 17:45:28.999451 +0000 +0000", "kind": "file", "filename": "kay.ps1", "tags": "", "score": 1, "sha256": "68cc34600252e6241bbc1c7a0e4df606f7f0e0e2f9ae49d567d0fe5cb59eae23"}, {"sample": "230106-wbyj6ahd38", "created": "2023-01-06 17:45:28.67441 +0000 +0000", "kind": "file", "filename": "first.ps1", "tags": "", "score": 1, "sha256": "5d6d2f366ce31d933be78803e069bf7ef4ceb5b3fb04259de3406896909e5f65"}, {"sample": "230106-wbx9dshd36", "created": "2023-01-06 17:45:27.448935 +0000 +0000", "kind": "file", "filename": "encodednew.ps1", "tags": "", "score": 1, "sha256": "8efe3dd62fd4807e91c224d78f06569eab0ddff40c92665a39c796a458bb19a7"}, {"sample": "230106-wbx9dsda8w", "created": "2023-01-06 17:45:27.06368 +0000 +0000", "kind": "file", "filename": "encoded.ps1", "tags": "", "score": 1, "sha256": "0542548303a4fc80f45c2f767eb8efb1b6c9cc19e8cc60edf3f1e0b02b69eebc"}, {"sample": "230106-wbxymahd35", "created": "2023-01-06 17:45:26.757852 +0000 +0000", "kind": "file", "filename": "de.ps1", "tags": "", "score": 8, "sha256": "a0fe5a5b20d2a6c8606e8136aaf53f51fd82c3049bf280c0c5e0ee207d75fe57"}, {"sample": "230106-wbxymahd34", "created": "2023-01-06 17:45:26.064306 +0000 +0000", "kind": "file", "filename": "cool.ps1", "tags": "", "score": 1, "sha256": "10eb3a27d4400247bccd23747428030f84f5ba2d87c064a03e52ce303f4395cf"}, {"sample": "230106-wbxmvshd33", "created": "2023-01-06 17:45:25.660456 +0000 +0000", "kind": "file", "filename": "check1.ps1", "tags": "", "score": 1, "sha256": "6913724c90b33c67cd1e5ce4f6a219cc73c7a541d2ccd11538cfa7a590201def"}, {"sample": "230106-wbxb4ahd32", "created": "2023-01-06 17:45:24.73556 +0000 +0000", "kind": "file", "filename": "check.ps1", "tags": "", "score": 1, "sha256": "0cd982ff54f35d0f25e1295a642f517145092ad06094e960c1d919a2cac50ce9"}, {"sample": "230106-wbwesshd28", "created": "2023-01-06 17:45:21.985138 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "", "score": 1, "sha256": "5ada67c37834be39b2adc430e6eed0841492e3a5c46050dc7d44bfd3bc5efb10"}, {"sample": "230106-wbwessda71", "created": "2023-01-06 17:45:21.477233 +0000 +0000", "kind": "file", "filename": "payload.ps1", "tags": "family:metasploit", "score": 10, "sha256": "004ea8ae8d6ef5f5ed0e9ef37c3e4625839035e92b02eb82d2f28a5ba7566937"}, {"sample": "230106-wbqjjshd26", "created": "2023-01-06 17:45:05.265847 +0000 +0000", "kind": "file", "filename": "powercat.ps1", "tags": "", "score": 1, "sha256": "6780ab45a69bbd76d8b4eec7ef031d69d715427503a2d3cf417c89a20b049e75"}, {"sample": "230106-wbp8sahd25", "created": "2023-01-06 17:45:04.802202 +0000 +0000", "kind": "file", "filename": "payload.ps1", "tags": "family:cobaltstrike", "score": 10, "sha256": "ca15fcf9616a92b38e5f67ec94cc0b6a18523da2aa728c25380c9a31d53f4c94"}, {"sample": "230106-vkeyqshc48", "created": "2023-01-06 17:02:37.378249 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "d30f0e58f9440899e4037f01bee003c4c2ca4cf8ac03d4160204dced7cc1b753"}, {"sample": "230106-pdzfxafh87", "created": "2023-01-06 12:13:28.196256 +0000 +0000", "kind": "file", "filename": "1fb02f84293a89bcfc471acae7d9579f68340d06b274c7426075785d6d9f67be.ps1", "tags": "", "score": 10, "sha256": "1fb02f84293a89bcfc471acae7d9579f68340d06b274c7426075785d6d9f67be"}, {"sample": "230105-1n3f4aha6y", "created": "2023-01-05 21:48:36.13748 +0000 +0000", "kind": "file", "filename": "unknown.ps1", "tags": "", "score": 10, "sha256": "7f8fa8599638d7c13e609dc4cec0fcffe6888cd33cb1cfbb2c7e816cf75e0c3a"}, {"sample": "230105-1f183add59", "created": "2023-01-05 21:36:18.129259 +0000 +0000", "kind": "file", "filename": "unknown.ps1", "tags": "", "score": 10, "sha256": "7f8fa8599638d7c13e609dc4cec0fcffe6888cd33cb1cfbb2c7e816cf75e0c3a"}, {"sample": "230105-txw74sga7x", "created": "2023-01-05 16:26:45.900523 +0000 +0000", "kind": "file", "filename": "malware1.ps1.ps1", "tags": "", "score": 1, "sha256": "bfe3a6db5c0888522d535bd69cf88707eb98a3d832a59936ba1a1c8e70d75f13"}, {"sample": "230105-r6zcqacd52", "created": "2023-01-05 14:49:00.465884 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "a13b6d25200b87b6607563ce8ae50a912bfbd5c607b1b03141e4183112619af2"}, {"sample": "230105-njnqxsbg57", "created": "2023-01-05 11:25:45.437538 +0000 +0000", "kind": "file", "filename": "k6027_eu_file_4.ps1.ps1", "tags": "", "score": 5, "sha256": "eff808f32f7529781bbf384958b99e44399c89f37a936832020a1b91cb99a242"}, {"sample": "230105-ndlz5sfc4v", "created": "2023-01-05 11:16:55.353078 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "a18223226a8c6ea000534828e8bdada3dcfa3e119e493e25de9647034e94383c"}, {"sample": "230105-kh5q9seh5w", "created": "2023-01-05 08:37:03.776462 +0000 +0000", "kind": "file", "filename": "x.png.ps1", "tags": "family:asyncrat,botnet:new try,rat", "score": 10, "sha256": "b024595c4c6f318da8efd16287760423334e3384be968f520d92f38efe592d8c"}, {"sample": "230104-r6rb4sge39", "created": "2023-01-04 14:48:37.5039 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 8, "sha256": "d544935ca110e3f42e8e8644629768fa993847adb8bf2fd7c4963b38f7671b79"}, {"sample": "230104-rgnjxsgd65", "created": "2023-01-04 14:10:01.767255 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "216488a9cc3f9dcae939c57e57892facb8ba0690656234a732149d709c5b222e"}, {"sample": "230104-q4d4bsgd42", "created": "2023-01-04 13:48:35.696315 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 8, "sha256": "43cf1edbcf2ba40149a95604dd8352f42da509731b705172ef26383f48f01b14"}, {"sample": "230104-qtvckabe9y", "created": "2023-01-04 13:33:38.791801 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "920cb257a52c9cb4af2cca4b01c5ad7a6126a074cf30f0e09d748d8e14581430"}, {"sample": "230104-hv1xqshf2z", "created": "2023-01-04 07:04:13.897987 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 1, "sha256": "963a2cea1aa9922c1933f43b75cafd2158e8cae6e953a268a36cda091e710529"}, {"sample": "230104-ds3w4aha2y", "created": "2023-01-04 03:17:08.981954 +0000 +0000", "kind": "file", "filename": "Sl0ppyR00t.ps1.ps1", "tags": "", "score": 1, "sha256": "bb53e0cc98c548a3a8e4727adedead9289d66f7d7754135428da981f5876caeb"}, {"sample": "230104-dsejhadg38", "created": "2023-01-04 03:15:58.496946 +0000 +0000", "kind": "file", "filename": "Sl0ppyR00t.ps1.ps1", "tags": "", "score": 1, "sha256": "bb53e0cc98c548a3a8e4727adedead9289d66f7d7754135428da981f5876caeb"}, {"sample": "230104-dhy56agh81", "created": "2023-01-04 03:01:12.523398 +0000 +0000", "kind": "file", "filename": "bypass1.ps1.ps1", "tags": "", "score": 1, "sha256": "252aedda7823f1e85c881956720004da9c2eb1fdc35e4e7e1c27640b99b68425"}, {"sample": "230104-c1dfqsdf79", "created": "2023-01-04 02:32:13.276965 +0000 +0000", "kind": "file", "filename": "bypass.ps1.ps1", "tags": "", "score": 1, "sha256": "a5f2081552c89980316f6cb91509defb10b24919f074d301a4b63ec878047dd7"}, {"sample": "230104-ce2lfagh2y", "created": "2023-01-04 02:00:10.284801 +0000 +0000", "kind": "file", "filename": "sample2.ps1.ps1", "tags": "", "score": 1, "sha256": "d230e7184d35c5c8e8b0f8890fe8ffd3e25f4eb628e85535fed29f2883c71725"}, {"sample": "230104-ccp5magg9y", "created": "2023-01-04 01:56:05.994384 +0000 +0000", "kind": "file", "filename": "sample1.ps1.ps1", "tags": "", "score": 1, "sha256": "38c7d5fc9db0aa873dd9a1e375fc313493837881612cfe561bfc76e97138841d"}, {"sample": "230103-tc9ygabh57", "created": "2023-01-03 15:55:56.120422 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 10, "sha256": "6d6f6aae58fe67f3fc5cf6191d9cba31c092cbb71dcf945535fc6ae00735cfb2"}, {"sample": "230102-3mwy2age47", "created": "2023-01-02 23:38:24.216272 +0000 +0000", "kind": "file", "filename": "winutil.ps1", "tags": "discovery,evasion,ransomware", "score": 10, "sha256": "fd3fc892afafa1d18ea62b90d3a89f17833e0a0dd7c768b869d15c7e8191efc9"}, {"sample": "230102-3h37jsbf7w", "created": "2023-01-02 23:31:45.831382 +0000 +0000", "kind": "file", "filename": "winutil.ps1", "tags": "evasion,ransomware", "score": 10, "sha256": "fd3fc892afafa1d18ea62b90d3a89f17833e0a0dd7c768b869d15c7e8191efc9"}, {"sample": "230102-va77jaaa8w", "created": "2023-01-02 16:48:16.685153 +0000 +0000", "kind": "file", "filename": "1f531a7a7e0024d96701bd6c09c97cda0e56690deb7b53b9b855017000bf0baa.ps1", "tags": "family:redline,botnet:$,infostealer", "score": 10, "sha256": "1f531a7a7e0024d96701bd6c09c97cda0e56690deb7b53b9b855017000bf0baa"}, {"sample": "230102-hf4ebadf34", "created": "2023-01-02 06:41:38.783188 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 7, "sha256": "c3baa70d8ccba80b140591a63c3d0ffa8654611a3eeee20e04c0cb97c0bb229e"}, {"sample": "230102-ha681sdf27", "created": "2023-01-02 06:33:03.523225 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "c3baa70d8ccba80b140591a63c3d0ffa8654611a3eeee20e04c0cb97c0bb229e"}, {"sample": "221231-wvw6fadd3t", "created": "2022-12-31 18:15:06.921639 +0000 +0000", "kind": "file", "filename": "2.ps1", "tags": "", "score": 8, "sha256": "07f375cb53ca2275e741e46a0b58739ac1c4a6862f9afded3315a26cb256e584"}, {"sample": "221231-wva8zaab73", "created": "2022-12-31 18:14:04.564073 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "", "score": 8, "sha256": "b8c9543b3775fc8fb9845170dfe25f9908ddf452d9cc352ec6bf8383f9a35d38"}, {"sample": "221231-v2569adc6t", "created": "2022-12-31 17:30:06.169934 +0000 +0000", "kind": "file", "filename": "file_2.ps1", "tags": "family:xmrig,miner", "score": 10, "sha256": "4b100fc6acbb172dad1ad39444d6351cb46d940340e80f76663b0b2cea7f4695"}, {"sample": "221231-dt7axahb25", "created": "2022-12-31 03:19:04.820769 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "", "score": 10, "sha256": "b8172c58aa7bf985cfee71509205791599496b602bdbd56b6cf9164eec7658d0"}, {"sample": "221231-dt7axahb24", "created": "2022-12-31 03:19:04.744134 +0000 +0000", "kind": "file", "filename": "win64.ps1", "tags": "", "score": 10, "sha256": "e8c4ec795a14587d3b3ce34b73eca090ea9d9957fb612300abc6239ec293eb26"}, {"sample": "221231-dt7axahb23", "created": "2022-12-31 03:19:04.663248 +0000 +0000", "kind": "file", "filename": "3.ps1", "tags": "family:metasploit", "score": 10, "sha256": "52ea2303bde3c7be3a83b3d9524662b886393df8419f84f7caf3237497974175"}, {"sample": "221231-dt7axacc8x", "created": "2022-12-31 03:19:04.237281 +0000 +0000", "kind": "file", "filename": "2.ps1", "tags": "", "score": 8, "sha256": "3c95ef525ad89a098751ad2eb812fd58b93891b0d23b832f314d2c636a21f397"}, {"sample": "221230-xxd83sgd25", "created": "2022-12-30 19:13:39.188636 +0000 +0000", "kind": "file", "filename": "c4cf9f8de6d0be53e5ba263fe8eeb33c199a21f70004d83e06bbded76dc5f322.ps1", "tags": "family:xmrig,miner,persistence", "score": 10, "sha256": "c4cf9f8de6d0be53e5ba263fe8eeb33c199a21f70004d83e06bbded76dc5f322"}, {"sample": "221229-2dmtbshf3v", "created": "2022-12-29 22:28:03.895706 +0000 +0000", "kind": "file", "filename": "lol.ps1", "tags": "family:xmrig,miner,persistence", "score": 10, "sha256": "c4cf9f8de6d0be53e5ba263fe8eeb33c199a21f70004d83e06bbded76dc5f322"}, {"sample": "221229-2a63ssec88", "created": "2022-12-29 22:23:45.211267 +0000 +0000", "kind": "file", "filename": "lol.ps1", "tags": "family:xmrig,miner,persistence", "score": 10, "sha256": "c4cf9f8de6d0be53e5ba263fe8eeb33c199a21f70004d83e06bbded76dc5f322"}, {"sample": "221229-plmr3sgb8w", "created": "2022-12-29 12:25:07.745019 +0000 +0000", "kind": "file", "filename": "et.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "8000aa6ab8ff41bd2495e7faa4edae8a43d23307a28d164efe6248f1c7447cc1"}, {"sample": "221228-zhgf1aef6z", "created": "2022-12-28 20:42:54.854678 +0000 +0000", "kind": "file", "filename": "index.js.ps1", "tags": "", "score": 1, "sha256": "6da7051433eeb25912993d5b64d2c97831418a1e7cef1d8a31989cd9aa45a312"}, {"sample": "221228-wty9eaeb5z", "created": "2022-12-28 18:13:28.66765 +0000 +0000", "kind": "file", "filename": "3.ps1", "tags": "family:lockbit,ransomware", "score": 10, "sha256": "f29c99ba93cd7f7bd1bd01c7860ad48a044a60c2c6dc203429a108c0d1a15067"}, {"sample": "221228-v2nl7sba53", "created": "2022-12-28 17:29:15.698127 +0000 +0000", "kind": "file", "filename": "mal.ps1", "tags": "", "score": 1, "sha256": "933d6b9342fe41029811e6fb72ee829cc5572aafce3c400ffd5deead9151f2b0"}, {"sample": "221228-n278aadd7x", "created": "2022-12-28 11:54:40.825272 +0000 +0000", "kind": "file", "filename": "abc.ps1", "tags": "", "score": 1, "sha256": "f2252319039236bff75c5d64b4997333e44f5c4d21d83be3c702a6a966d44717"}, {"sample": "221228-g725wshf46", "created": "2022-12-28 06:27:35.145821 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "9457efffd309a1c3e54a483487ac466554ef04b0c445995b8881da55386c2f65"}, {"sample": "221228-f7zt4ahe78", "created": "2022-12-28 05:31:32.947564 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "3a3d5f94e674f250dd8fa5d07d0092bea64aab5875a636207e7df0e87bdacb8a"}, {"sample": "221228-cvjesshc38", "created": "2022-12-28 02:23:45.075207 +0000 +0000", "kind": "file", "filename": "if - Copy.ps1", "tags": "", "score": 8, "sha256": "88b5581f2e8cb1ac555f78800b130e0a9969c80780db9d616a69f1d9f5d061ae"}, {"sample": "221227-1txg2abf8y", "created": "2022-12-27 21:57:04.802966 +0000 +0000", "kind": "file", "filename": "Windows_setup.ps1", "tags": "", "score": 8, "sha256": "926e0f4e7aaf58fbd1954e22973e9bdf8b9a7f02dc5115425b554d1d09fa14e7"}, {"sample": "221227-kr6pxshg5s", "created": "2022-12-27 08:51:05.00747 +0000 +0000", "kind": "file", "filename": "m1.png.ps1", "tags": "family:asyncrat,botnet:default,rat", "score": 10, "sha256": "186cd386ed08dd8f21ca5961d5f39519bf79224fdd57573c3c6f266e781fd73e"}, {"sample": "221226-pddt7sch66", "created": "2022-12-26 12:12:27.665808 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "836ce902520c7e80a6afce44d12aa58c489676b130763e29a2e70a64c87d17c0"}, {"sample": "221225-ryctrabf47", "created": "2022-12-25 14:35:42.659106 +0000 +0000", "kind": "file", "filename": "bad.ps1.ps1", "tags": "spyware,stealer", "score": 7, "sha256": "64f150d815cc8fd36d84bdb6479b991547409a1dbc498fa9d7a99abe99c08e37"}, {"sample": "221223-t1tamabh7v", "created": "2022-12-23 16:31:50.121995 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "63c1188c1864a9a411f785dccfc39ba4abbeb8fc56e2627f143532762abd38ea"}, {"sample": "221221-rvpn5sfe9s", "created": "2022-12-21 14:31:03.44053 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "5636e0e8301b3f2b0ca1e55a71cd38e44e149fd78c2aa4e274148afd564dad75"}, {"sample": "221221-dfmpcaef4z", "created": "2022-12-21 02:57:08.36268 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "39265b7e893419b8d0b37e945391468aad3c6065b25ba700dde5e96cf7ce8af7"}, {"sample": "221220-zdkymaba58", "created": "2022-12-20 20:36:06.514528 +0000 +0000", "kind": "url", "filename": "https://platform.activestate.com/dl/cli/_pdli01/install.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "221220-yrat5sea8v", "created": "2022-12-20 20:00:39.264178 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "8d1e31f2b183b86e86f8d354dd90a553a050df7834bf43a904f7474d661c52af"}, {"sample": "221220-agj33agd72", "created": "2022-12-20 00:10:58.292848 +0000 +0000", "kind": "file", "filename": "636bfc7b46e33624c0848947af4de51180578c3245357a23a7797f4bf72dc82b.ps1", "tags": "", "score": 8, "sha256": "636bfc7b46e33624c0848947af4de51180578c3245357a23a7797f4bf72dc82b"}, {"sample": "221219-zmrsjabc2t", "created": "2022-12-19 20:50:24.797339 +0000 +0000", "kind": "file", "filename": "decoded-PS.ps1", "tags": "", "score": 10, "sha256": "eb8eed522dec83018e6172e69f77bd72bd568f452344838ff709cb1627a96d21"}, {"sample": "221219-b1es5aha5y", "created": "2022-12-19 01:36:22.685476 +0000 +0000", "kind": "file", "filename": "install.ps1", "tags": "discovery", "score": 8, "sha256": "8ded3d2a5dd8390d787e436f120bee6d2929e0e42ab7643cf449cb2bcec526bb"}, {"sample": "221218-rtvtrsfb7t", "created": "2022-12-18 14:29:35.114112 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "ec51b4a783f71b726d912d2deec59295a73950c51ad8903114f57532a86450e9"}, {"sample": "221218-pekn5sbh46", "created": "2022-12-18 12:14:31.039422 +0000 +0000", "kind": "file", "filename": "target.ps1", "tags": "", "score": 1, "sha256": "3a2fbe88355ecf22c2d0bebcc74957929d9faf581ac2ea7fe0ff4245d4399104"}, {"sample": "221216-1rkqfsaf2w", "created": "2022-12-16 21:52:59.382747 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "2758dba1f8c6dfac16cc7459989e62855a30ea8c1e86480c29d4db623ee0b974"}, {"sample": "221216-yltp3aac71", "created": "2022-12-16 19:52:50.983788 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "eca13e871ba9b64a851bc7d65fc8810dc9ea05a2b7e3ce2e76b635634405ecef"}, {"sample": "221216-snsmwseh78", "created": "2022-12-16 15:16:39.919675 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 1, "sha256": "09e9352ad2409b6f0dc15abb3610ae19851915139020bb7a4930c6d9f8cee70f"}, {"sample": "221216-qtqz5seg59", "created": "2022-12-16 13:33:27.680938 +0000 +0000", "kind": "file", "filename": "poweshell payload.ps1", "tags": "", "score": 1, "sha256": "175df168dd7b7666db2e0a12c4f904000726e0be8725969bfd1e6c41227d97d9"}, {"sample": "221216-h13nhshb2y", "created": "2022-12-16 07:13:03.944917 +0000 +0000", "kind": "file", "filename": "img.jpg.ps1", "tags": "family:asyncrat,botnet:x,rat", "score": 10, "sha256": "b1b279e81410d415a097e9cab59aa3a04728adf62095c99d1aee345b124d4b49"}, {"sample": "221216-h13nhsec77", "created": "2022-12-16 07:13:03.610994 +0000 +0000", "kind": "file", "filename": "x.png.ps1", "tags": "family:asyncrat,botnet:default,rat", "score": 10, "sha256": "6a4bde618c5f4a8d087364e26be121e332f35f947baf55ba4c02a4f796cceda9"}, {"sample": "221216-c2bzasgg6w", "created": "2022-12-16 02:33:53.447019 +0000 +0000", "kind": "file", "filename": "1b271ed1af3af2ce5c72e7c59b61165e5229e44837e8765b2f963e4e130c850a.ps1", "tags": "", "score": 1, "sha256": "1b271ed1af3af2ce5c72e7c59b61165e5229e44837e8765b2f963e4e130c850a"}, {"sample": "221216-cdrpvadh56", "created": "2022-12-16 01:57:56.362169 +0000 +0000", "kind": "file", "filename": "client.ps1", "tags": "family:asyncrat,botnet:venom clients,rat", "score": 10, "sha256": "67663d1259adba451b85bddbf5516b51ffc4229e0052e3a83d4e16f06e0feb94"}, {"sample": "221215-1jqxhadf28", "created": "2022-12-15 21:41:02.689018 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "da2554c50ca1c6089aa555a54d8c63315c7f0fe5257c99f4a4a57b16b2a8e909"}, {"sample": "221215-tcegkaff8s", "created": "2022-12-15 15:54:26.498144 +0000 +0000", "kind": "file", "filename": "code.ps1", "tags": "", "score": 1, "sha256": "e837d4f3242d0049dca247724785440395dc93ddc22dbae7c3293f0bce0bf868"}, {"sample": "221215-rebgksce39", "created": "2022-12-15 14:05:55.956679 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "df4dcaa207121f030266074cdf84127d2791817175f56256fc0fcdd25f98ac96"}, {"sample": "221215-rchg4sce38", "created": "2022-12-15 14:02:45.572742 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "153c4d39057ea59ee07437458f86a796b776c734b29ecf41dc9dd2eca22744c2"}, {"sample": "221215-l2kqwafb3x", "created": "2022-12-15 10:01:42.795146 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "1a04d74786b63317fd058a3b4a0aefc646d9255443fd7a2176e13749f0dc98bf"}, {"sample": "221215-lvrkvafb3t", "created": "2022-12-15 09:51:32.638961 +0000 +0000", "kind": "file", "filename": "pv.ps1", "tags": "", "score": 1, "sha256": "91fc18f20754d3fba720e3a803cbba68da85c1180a4b6d07653d2d27450192ac"}, {"sample": "221215-gylrjseg6z", "created": "2022-12-15 06:12:49.619464 +0000 +0000", "kind": "file", "filename": "office.ps1", "tags": "family:asyncrat,botnet:99,rat", "score": 10, "sha256": "ae60268e3dae5ed2ecb06c47642bb33cd4f79d0b980476f1a7c931e2a4ba32ca"}, {"sample": "221214-12yp3abc65", "created": "2022-12-14 22:09:22.076891 +0000 +0000", "kind": "url", "filename": "https://raw.githubusercontent.com/cyberark/RiskySPN/master/Find-PotentiallyCrackableAccounts.ps1", "tags": "", "score": 1, "sha256": ""}, {"sample": "221214-t99c7sae62", "created": "2022-12-14 16:46:35.635377 +0000 +0000", "kind": "file", "filename": "b477bd653b2c64e6b400e65dcc79523226eb011686.230d674470e99daec04d28.ps1", "tags": "", "score": 4, "sha256": "b477bd653b2c64e6b400e65dcc79523226eb011686230d674470e99daec04d28"}, {"sample": "221214-n5wcwscg31", "created": "2022-12-14 11:59:19.584379 +0000 +0000", "kind": "file", "filename": "elephant.ps1", "tags": "", "score": 1, "sha256": "734cb51ae86eface5be003658cf9548cabd6d1475e31464af203939f6e1676ae"}, {"sample": "221214-mrj72ahg62", "created": "2022-12-14 10:41:52.974213 +0000 +0000", "kind": "file", "filename": "in3.ps1", "tags": "", "score": 8, "sha256": "7e6ad32ab7a31d887bb3d081c59f144713fc631aa0bf942abd1ec4242ed96216"}, {"sample": "221214-l8v57ahg25", "created": "2022-12-14 10:12:42.15367 +0000 +0000", "kind": "file", "filename": "ps1.ps1", "tags": "", "score": 1, "sha256": "734cb51ae86eface5be003658cf9548cabd6d1475e31464af203939f6e1676ae"}, {"sample": "221214-l5h2fshf98", "created": "2022-12-14 10:06:51.367462 +0000 +0000", "kind": "file", "filename": "in6.ps1", "tags": "", "score": 8, "sha256": "c684672969031beae4460d4e241410c5f4eee42faebd5b93395bca26d19d2eab"}, {"sample": "221214-j4njfahe33", "created": "2022-12-14 08:13:30.154212 +0000 +0000", "kind": "file", "filename": "PSService.ps1", "tags": "", "score": 4, "sha256": "7ce463a93b10078461b97cb6e2c4e2504c72377c231f78848d1f185b17a7102a"}, {"sample": "221214-g91pvacb7w", "created": "2022-12-14 06:31:00.160088 +0000 +0000", "kind": "file", "filename": "lr.ps1", "tags": "family:xmrig,miner", "score": 10, "sha256": "0a1bcc6fd2a598e3a27e142d2ad328b580e4f5ca8f2db26c6a033e62a795d709"}, {"sample": "221214-f3s6racb4v", "created": "2022-12-14 05:24:13.994587 +0000 +0000", "kind": "file", "filename": "a13b6d25200b87b6607563ce8ae50a912bfbd5c607b1b03141e4183112619af2.ps1", "tags": "", "score": 1, "sha256": "a13b6d25200b87b6607563ce8ae50a912bfbd5c607b1b03141e4183112619af2"}, {"sample": "221214-ec5w7aca4y", "created": "2022-12-14 03:48:42.955668 +0000 +0000", "kind": "file", "filename": "a.ps1", "tags": "", "score": 1, "sha256": "87c860860979d7de7959d1fe1b7a1ffff677c90d5d352317999248afe646dcf8"}, {"sample": "221212-zwk2cacg33", "created": "2022-12-12 21:04:04.501077 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "family:cobaltstrike,botnet:206546002,backdoor,trojan", "score": 10, "sha256": "6fae8cbe4cd8580d3ce09ad24e7a827b1985eda99ce00dcde8d345a2be509e01"}, {"sample": "221212-t6z1csbh29", "created": "2022-12-12 16:40:53.351096 +0000 +0000", "kind": "url", "filename": "https://raw.githubusercontent.com/lextm/windowsterminal-shell/master/install.ps1", "tags": "macos", "score": 6, "sha256": ""}, {"sample": "221212-q6j3csbe23", "created": "2022-12-12 13:52:21.91948 +0000 +0000", "kind": "file", "filename": "av.ps1", "tags": "persistence", "score": 6, "sha256": "98fd8e0ffaa93b7536127425050e3d1f3f39a007c22a165519d8de75dcf7ff97"}, {"sample": "221212-hd63esde3z", "created": "2022-12-12 06:38:17.045549 +0000 +0000", "kind": "file", "filename": "testing-run.ps1", "tags": "", "score": 1, "sha256": "c9dbc80a55cd191009595dcfc7376d1a4a493884e7111982cda39de5feb03140"}, {"sample": "221212-dbgbrsch3v", "created": "2022-12-12 02:49:51.107969 +0000 +0000", "kind": "file", "filename": "wnjvejahaimreqt.ps1", "tags": "", "score": 8, "sha256": "55427adeeb940209e97a8214bfe66877c6a25e15ae248eb576bcf20c4e79916b"}, {"sample": "221211-rac5lsgh92", "created": "2022-12-11 13:59:01.390981 +0000 +0000", "kind": "file", "filename": "import.ps1", "tags": "family:asyncrat,botnet:default,evasion,rat,trojan", "score": 10, "sha256": "112f2f582654691ec17bd5dade694cca5d2447c53c9d6b3a668611907ceb1d52"}, {"sample": "221211-b6fmlsbb2x", "created": "2022-12-11 01:45:09.009139 +0000 +0000", "kind": "file", "filename": "22.ps1", "tags": "", "score": 1, "sha256": "1f9d6a5f00631b10755dba5c403e588945172be66c92ff56d0156e97538423d3"}, {"sample": "221210-mmyjvsfd77", "created": "2022-12-10 10:35:33.860364 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "", "score": 1, "sha256": "52ce025b12759719176b29f476f451c333cd0807af51ce6c00e3f2cd9b48640f"}, {"sample": "221209-wc1qxagf2w", "created": "2022-12-09 17:47:20.790196 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "48cf392de4f96139e777187e7fe3bc3055464c55401a938142038cfebc040f19"}, {"sample": "221209-qzj4sadc64", "created": "2022-12-09 13:41:52.007875 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "", "score": 1, "sha256": "a13b6d25200b87b6607563ce8ae50a912bfbd5c607b1b03141e4183112619af2"}, {"sample": "221209-n3939sdb24", "created": "2022-12-09 11:56:31.231349 +0000 +0000", "kind": "file", "filename": "test2.ps1", "tags": "", "score": 1, "sha256": "923678e77b3652562b5a6206b2d3d1c2c0f3d670bf32e16d9b68d27b53f6cfba"}, {"sample": "221209-nzgmjsga2z", "created": "2022-12-09 11:49:53.279621 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "58aed2ba5869a6aba7918f2f2682a6b734ec6737ec0f7cc71c509c6611625b5d"}, {"sample": "221209-nk9d1sda67", "created": "2022-12-09 11:28:31.98509 +0000 +0000", "kind": "file", "filename": "script2.ps1.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "e1ee26cf0fe92cbc06ba9d8a070bf38e2aa6563d5f8bfd4ceb1c6355a8b2eb98"}, {"sample": "221209-ksqp4acg43", "created": "2022-12-09 08:52:04.578563 +0000 +0000", "kind": "file", "filename": "333.png.ps1", "tags": "family:asyncrat,botnet:default,rat", "score": 10, "sha256": "5461290b4b5916ec49cdac98ac51b12640e3af20379cee26a7c002af83da5c5d"}, {"sample": "221209-kqfgcaff4y", "created": "2022-12-09 08:48:04.753615 +0000 +0000", "kind": "file", "filename": "333.png.ps1", "tags": "family:asyncrat,botnet:default,rat", "score": 10, "sha256": "53a22de4029b0d5d461c8cf0dbc0ce2166e2e2d6c5f0f842e6932a724950b802"}, {"sample": "221209-gqwlsafd8x", "created": "2022-12-09 06:01:04.58868 +0000 +0000", "kind": "file", "filename": "cyberpatriot.ps1", "tags": "", "score": 1, "sha256": "6abe1b3b3ec75d1f19290c322e485fbc94a546d18e95b38ab5c52c8ad32ebf7c"}, {"sample": "221209-gpn6bace38", "created": "2022-12-09 05:58:58.057695 +0000 +0000", "kind": "file", "filename": "cyberpatriot.ps1", "tags": "", "score": 1, "sha256": "d5541cba2163c3a362dc65f977507b0608b7b27e99f84c1f558298385f2775d5"}, {"sample": "221209-gmsqqafd71", "created": "2022-12-09 05:55:40.030691 +0000 +0000", "kind": "file", "filename": "cyberpatriot.ps1", "tags": "", "score": 3, "sha256": "1885306566351ea4420fd41600d1dad32480c230c0eb72b39eca4cff4fe98b3e"}, {"sample": "221209-gl2x1afd7y", "created": "2022-12-09 05:54:22.12975 +0000 +0000", "kind": "file", "filename": "cyberpatriot.ps1", "tags": "", "score": 1, "sha256": "63a74378b6aaea640f5cb952142fee1f9dee2481000f23dd7ff7213e62197e1d"}, {"sample": "221209-gkpw2sfd7t", "created": "2022-12-09 05:52:01.897634 +0000 +0000", "kind": "file", "filename": "cyberpatriot.ps1", "tags": "", "score": 1, "sha256": "7ca0f79a186b42c3052b5df107bffab5a304a7869cf9c8ce021055f014706744"}, {"sample": "221209-f286kscd73", "created": "2022-12-09 05:23:15.382896 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "", "score": 1, "sha256": "a13b6d25200b87b6607563ce8ae50a912bfbd5c607b1b03141e4183112619af2"}, {"sample": "221209-fs5f2afc9y", "created": "2022-12-09 05:09:04.097057 +0000 +0000", "kind": "file", "filename": "558.ps1", "tags": "family:quasar,botnet:j4s0n,spyware,trojan", "score": 10, "sha256": "49a3a414ff31030593bd744da620e60bac8cef1b8e04ad988bc7badd95e76595"}, {"sample": "221208-lyxw2ahe96", "created": "2022-12-08 09:57:04.547291 +0000 +0000", "kind": "file", "filename": "mel9.ps1", "tags": "", "score": 1, "sha256": "29c171dd48259dacc055d1b165bcbeb83a27c07716385a12ad615ddb54a9fd25"}, {"sample": "221208-bdql4sbf4v", "created": "2022-12-08 01:01:57.170593 +0000 +0000", "kind": "file", "filename": "BH.ps1", "tags": "", "score": 1, "sha256": "03f89b6c65eead280c94a29257fc1954eecdcd89bafea8be77e5c9d9b474362f"}, {"sample": "221207-xrvzmsfg25", "created": "2022-12-07 19:05:43.70909 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 10, "sha256": "beb303b3a630adab2b05e3c79c303836d23e378ea430974181d5ea80caadb002"}, {"sample": "221207-nevcxabf95", "created": "2022-12-07 11:19:04.289915 +0000 +0000", "kind": "file", "filename": "ps1.ps1", "tags": "", "score": 1, "sha256": "66baf7efff5db3537ebb34a419e00bbc6de793bc549cac049b25088587a6a89c"}, {"sample": "221207-jx94vscc4v", "created": "2022-12-07 08:04:05.825275 +0000 +0000", "kind": "file", "filename": "ssd.ps1", "tags": "", "score": 6, "sha256": "ba9d426a7263ec852c779938f0d484073886df271fffeae8a8248d735b64c951"}, {"sample": "221207-jwj62sha83", "created": "2022-12-07 08:01:05.222527 +0000 +0000", "kind": "file", "filename": "av.ps1", "tags": "persistence", "score": 6, "sha256": "6b8b824f5aa773ebdec8a34a338f426a2e58b372ef1ed251c0f763e2f46cf7d1"}, {"sample": "221207-jv1gmsca6w", "created": "2022-12-07 08:00:07.132636 +0000 +0000", "kind": "file", "filename": "red.ps1", "tags": "", "score": 1, "sha256": "1f531a7a7e0024d96701bd6c09c97cda0e56690deb7b53b9b855017000bf0baa"}, {"sample": "221207-jjnzgagb62", "created": "2022-12-07 07:42:04.059853 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 10, "sha256": "f2bf00d0e3d2462f9d02f4e5f9583cd7c445fac183fa7b417652bb175c609bb2"}, {"sample": "221207-gjwcfadb8v", "created": "2022-12-07 05:50:34.086818 +0000 +0000", "kind": "file", "filename": "config_20.ps1", "tags": "", "score": 8, "sha256": "f33194c7ce8d8b5903ecc601428dec939d8ac28bb37513359333a33364b8abc8"}, {"sample": "221206-z6p32sgh4s", "created": "2022-12-06 21:20:01.571308 +0000 +0000", "kind": "file", "filename": "aggah.ps1", "tags": "collection,persistence", "score": 10, "sha256": "fa8f6002a8d571256dc88960a69ab44c7cbf65227c45e5b4750007d5749bbd44"}, {"sample": "221206-vt1xkabb4w", "created": "2022-12-06 17:17:38.511579 +0000 +0000", "kind": "file", "filename": "download.ps1", "tags": "family:netsupport,persistence,rat", "score": 10, "sha256": "157b4754d3cc372bb4b236c37036eb0729cff6bba01220f3d0cc1c9f340d68ea"}, {"sample": "221206-tnrw2acg99", "created": "2022-12-06 16:12:32.483569 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "", "score": 1, "sha256": "bcaa19f8380343001b94b6e9ca5883b95c0778da712a1ec1b9046e5605c92103"}, {"sample": "221206-h3lssaed32", "created": "2022-12-06 07:15:44.030595 +0000 +0000", "kind": "file", "filename": "60b19c06f3bdce02109e49f1d1f558e9d3f8cbaae629e2b1db5df096f39a2f67.ps1", "tags": "", "score": 4, "sha256": "60b19c06f3bdce02109e49f1d1f558e9d3f8cbaae629e2b1db5df096f39a2f67"}, {"sample": "221205-sqrhlsca45", "created": "2022-12-05 15:20:05.075708 +0000 +0000", "kind": "file", "filename": "shell2.ps1", "tags": "spyware,stealer", "score": 8, "sha256": "6ea60865ad14aec0a57463927be8902dc7dbf7d4c5d1b939e80cb12ce61b6b26"}, {"sample": "221205-kfjq1sga3z", "created": "2022-12-05 08:32:31.314471 +0000 +0000", "kind": "file", "filename": "install.ps1", "tags": "evasion", "score": 8, "sha256": "263942724d526809d341cc855e2d4cd0277c34f67acaede643af569dbaa9f766"}, {"sample": "221205-jphpmshh79", "created": "2022-12-05 07:50:31.700883 +0000 +0000", "kind": "file", "filename": "5.ps1", "tags": "", "score": 8, "sha256": "df4d872bf533171a99d0be63f9aecd3a37465b60e66ea7cb010f2fc3dfc70a2a"}, {"sample": "221205-jn2fcshh48", "created": "2022-12-05 07:49:41.499552 +0000 +0000", "kind": "file", "filename": "4.ps1", "tags": "", "score": 1, "sha256": "a04f2413fc76e396cac71a02caaf4c2086ad8b71ab013b67b8c48b311a2cdb9d"}, {"sample": "221205-jaf79sgg29", "created": "2022-12-05 07:27:43.1328 +0000 +0000", "kind": "file", "filename": "2.ps1", "tags": "", "score": 8, "sha256": "df4d872bf533171a99d0be63f9aecd3a37465b60e66ea7cb010f2fc3dfc70a2a"}, {"sample": "221205-hyfe7sfg34", "created": "2022-12-05 07:08:27.015525 +0000 +0000", "kind": "file", "filename": "hws_auto.ps1", "tags": "", "score": 1, "sha256": "c8a84085ee7957094f97b01980bcee6eca42ec767c0c9f25d36a9576b42f83f3"}, {"sample": "221205-hx8elaff94", "created": "2022-12-05 07:08:04.050661 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "", "score": 1, "sha256": "27f36fd820e6ce63b0dc56b1fa00d59227412b48b21c94f2cee7213bf38cb780"}, {"sample": "221205-hxcmxsff35", "created": "2022-12-05 07:06:33.315349 +0000 +0000", "kind": "file", "filename": "p.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "30690dc89f08908c0587d010cbdbfd5689d7896c0599488987f4a9b1893b5e12"}, {"sample": "221205-hwxxgafe85", "created": "2022-12-05 07:05:48.291142 +0000 +0000", "kind": "file", "filename": "fund.ps1", "tags": "", "score": 1, "sha256": "d58df098c623c92f21c589bb4ec063007d1e712eb641122acfbfed610acd2deb"}, {"sample": "221205-hv324abe5v", "created": "2022-12-05 07:04:20.420478 +0000 +0000", "kind": "file", "filename": "2.ps1", "tags": "", "score": 1, "sha256": "849a5770162157e01126634b2a58ba0c52dd3c963dc659433fe5280f3ec043ff"}, {"sample": "221205-hkcgdsaf3z", "created": "2022-12-05 06:47:19.07521 +0000 +0000", "kind": "file", "filename": "rick.ps1", "tags": "", "score": 1, "sha256": "498f5672d5a59ae0a033c263d8495e57ebdc7539d508d519c6a232a978759986"}, {"sample": "221205-hkbj4aaf3t", "created": "2022-12-05 06:47:16.280886 +0000 +0000", "kind": "file", "filename": "PowerUp.ps1", "tags": "", "score": 1, "sha256": "9d59d4c128570eb80c0e8d13e2185030f93d965278b203c91dd196b2e1d3cd22"}, {"sample": "221205-hj9qhaaf2w", "created": "2022-12-05 06:47:10.73963 +0000 +0000", "kind": "file", "filename": "GetCLSID.ps1", "tags": "", "score": 1, "sha256": "b23406fdfebd4eba6b930ebab7ba0def7e969d5ec94c680cbf57941db02b293e"}, {"sample": "221205-g718ladc78", "created": "2022-12-05 06:27:32.313579 +0000 +0000", "kind": "file", "filename": "C0snP4ts6.ps1", "tags": "", "score": 1, "sha256": "423b88feceb4f1ee593e9ef1289f92b2ffa65f550fa0c0f46614b964e3bb3423"}, {"sample": "221205-f9g23aee4v", "created": "2022-12-05 05:34:10.638673 +0000 +0000", "kind": "file", "filename": "shvnc.ps1", "tags": "", "score": 7, "sha256": "1d3e573d432ef094fba33f615aa0564feffa99853af77e10367f54dc6df95509"}, {"sample": "221203-yv23ssfc3y", "created": "2022-12-03 20:07:13.805313 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "", "score": 1, "sha256": "475b007a8368873fab4b02a9ac6443d82a461b1a71d8f3cce60d11dc812cd92c"}, {"sample": "221203-rk34sabg81", "created": "2022-12-03 14:16:00.531671 +0000 +0000", "kind": "file", "filename": "install.ps1", "tags": "", "score": 1, "sha256": "5bf078c4bb001bb43c52ad603b02781eeb1b8de2cb861fddab949530099ccecd"}, {"sample": "221203-rkgksabg41", "created": "2022-12-03 14:14:56.301217 +0000 +0000", "kind": "file", "filename": "install.ps1", "tags": "", "score": 1, "sha256": "241777450fbd1c25665e83331c112ba379d709e8c757b59d229e39365184f103"}, {"sample": "221203-rdbe7afg44", "created": "2022-12-03 14:04:10.595562 +0000 +0000", "kind": "file", "filename": "install.ps1.ps1", "tags": "", "score": 1, "sha256": "241777450fbd1c25665e83331c112ba379d709e8c757b59d229e39365184f103"}, {"sample": "221203-mxtcwsge4w", "created": "2022-12-03 10:51:03.221846 +0000 +0000", "kind": "file", "filename": "b.ps1", "tags": "family:asyncrat,botnet:default,rat", "score": 10, "sha256": "248d8893d926c765d168bd48211650094dbcf8a8988c448f3b271c41bec8ca9d"}, {"sample": "221203-jd5p2aad7y", "created": "2022-12-03 07:34:08.390463 +0000 +0000", "kind": "file", "filename": "jxz4qd40ulc99nv407l2gae9156tyqr5.ps1", "tags": "", "score": 8, "sha256": "872f44ccb4c39f2da379c082ac4ad5acc06b363374a615929def47c18b0f9642"}, {"sample": "221203-dyrq1sah39", "created": "2022-12-03 03:25:19.352401 +0000 +0000", "kind": "file", "filename": "temp.ps1", "tags": "", "score": 1, "sha256": "b71b17815deffae0a9039cd351881d700c37bb696d6cd059a5bdb9b26ae6917d"}, {"sample": "221202-wf1v3sdh61", "created": "2022-12-02 17:52:35.599145 +0000 +0000", "kind": "file", "filename": "TSBackgroundInit.ps1", "tags": "", "score": 1, "sha256": "8be457e37c9c3b844754b1d0ef973a4816a258f45971584d2c604597b3b0d17d"}, {"sample": "221202-v5yatahd29", "created": "2022-12-02 17:34:58.445465 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "657a0c3b1eda61182968bfbcb2253aeea23ab68b47724ef940b724ed3211d310"}, {"sample": "221202-p998aaea2x", "created": "2022-12-02 13:02:56.937746 +0000 +0000", "kind": "file", "filename": "vbs.ps1", "tags": "", "score": 8, "sha256": "aa808eecafefa02959b92a4dd94396c828310b2979c81b958d55286f0e25e060"}, {"sample": "221202-n4v1qsed55", "created": "2022-12-02 11:57:33.81151 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "", "score": 1, "sha256": "189df5b6de0be1a3169e54852ff5950351014c4b9ce14910089531ae70497d49"}, {"sample": "221202-lgx6gadb83", "created": "2022-12-02 09:30:52.911275 +0000 +0000", "kind": "file", "filename": "pl.ps1", "tags": "family:xworm,rat,trojan", "score": 10, "sha256": "b4cf39d94705a3e9096bfbf44501f3006b5e7b648706e0bee6113cd2cd906a57"}, {"sample": "221202-h3cj4sea66", "created": "2022-12-02 07:15:17.26123 +0000 +0000", "kind": "file", "filename": "malware.ps1", "tags": "", "score": 1, "sha256": "1ab0dbb31ab728bfdc006eeeb96b0c54c6d33322feed39bb8b0ad48eabdae9f7"}, {"sample": "221201-zj6ghsab39", "created": "2022-12-01 20:45:51.627429 +0000 +0000", "kind": "file", "filename": "beacon.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "ebfa5bf16b4198bc6acee486cd020d701c54be3503e62d78e002ef4c36a91d22"}, {"sample": "221201-x2sbhafh5v", "created": "2022-12-01 19:21:18.397508 +0000 +0000", "kind": "file", "filename": "sound.ps1", "tags": "", "score": 1, "sha256": "4a9aa3c4b35a0855e4cb677c3769f766ae3383e272bf89a6921f3992a3180d41"}, {"sample": "221130-3en88aec59", "created": "2022-11-30 23:25:48.375079 +0000 +0000", "kind": "file", "filename": "b4.ps1", "tags": "", "score": 10, "sha256": "869a1d9d22ac581292f4eaeb8ab8ff9a0006940d56fe0fd45c2344eecba2c990"}, {"sample": "221130-2rgjgacb66", "created": "2022-11-30 22:48:44.436088 +0000 +0000", "kind": "file", "filename": "b4.ps1", "tags": "", "score": 10, "sha256": "869a1d9d22ac581292f4eaeb8ab8ff9a0006940d56fe0fd45c2344eecba2c990"}, {"sample": "221130-zwejkahd4s", "created": "2022-11-30 21:03:46.127263 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "", "score": 1, "sha256": "71860f5366c6d7dee19dd706c93ff8a3bc0ed3acdcaa12d31125708e494f4422"}, {"sample": "221130-v91xhabe37", "created": "2022-11-30 17:42:06.334186 +0000 +0000", "kind": "file", "filename": "possessively.ps1", "tags": "", "score": 1, "sha256": "b9efb8b9e271b08de4b59d78720796e7b428a989e8d7cb05f01713ea526b86dd"}, {"sample": "221130-vreasacg2t", "created": "2022-11-30 17:13:04.070918 +0000 +0000", "kind": "file", "filename": "mammary.ps1", "tags": "", "score": 1, "sha256": "ade01ba047aea55733967891270a531473996e31d8b38f02d56f6d2102d1a393"}, {"sample": "221130-vf811shb47", "created": "2022-11-30 16:57:03.293617 +0000 +0000", "kind": "file", "filename": "d.ps1", "tags": "discovery,persistence", "score": 10, "sha256": "d39f2d6ac1bf8a4d3de0e204461b5aaf055dfd1de9db77b03653ee31da4f4c1f"}, {"sample": "221130-st1wfsef6y", "created": "2022-11-30 15:25:47.103902 +0000 +0000", "kind": "file", "filename": "asd.ps1", "tags": "", "score": 1, "sha256": "10c7ac0242317316dec91eeb38e17d143031cc462484fba688d0c9ed9bf41be6"}, {"sample": "221128-rq95aaad26", "created": "2022-11-28 14:25:04.747025 +0000 +0000", "kind": "file", "filename": "8969122ef3485df.log.ps1", "tags": "family:cobaltstrike,botnet:0,backdoor,trojan", "score": 10, "sha256": "93b0f19011468a4864c114bcbcfc55f460e2c789b14ea893c26ce450d3c21a9e"}, {"sample": "221121-lhqssadb97", "created": "2022-11-21 09:32:16.527235 +0000 +0000", "kind": "file", "filename": "temp.ps1", "tags": "family:metasploit", "score": 10, "sha256": "5eafbd63527f5284af201e0345cc4883231c67d06908bd8b96bb5d8ad4316ca7"}, {"sample": "221110-pjba9shgb5", "created": "2022-11-10 12:21:03.040818 +0000 +0000", "kind": "file", "filename": "2023d47b-abba-47f0-aef2-7e9669e7ebaa-unknown.ps1", "tags": "family:cobaltstrike,botnet:0,botnet:666,backdoor,trojan", "score": 10, "sha256": "3871c25cf9f666513c2ccc3b6d40ccb7c8556330b68c979d9e93121c6a8136a1"}, {"sample": "221107-kmxapaaggr", "created": "2022-11-07 08:43:38.00941 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "family:metasploit", "score": 10, "sha256": "5eafbd63527f5284af201e0345cc4883231c67d06908bd8b96bb5d8ad4316ca7"}, {"sample": "221029-lfdensbebm", "created": "2022-10-29 09:28:09.507765 +0000 +0000", "kind": "file", "filename": "d57cc44c0e9b2e69246126c1634441551e2a81c440e6f4aa21186a7543e047.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "d57cc44c0e9b2e69246126c1634441551e2a81c440e6f4aa21186a7543e047e9"}, {"sample": "221012-g3sewscgar", "created": "2022-10-12 06:20:07.374337 +0000 +0000", "kind": "file", "filename": "payload.ps1", "tags": "family:metasploit", "score": 10, "sha256": "108705df33a43a670bcbb334bdc710fe164bc6b5479afd59808d5810dbcbda27"}, {"sample": "221011-najevabggk", "created": "2022-10-11 11:11:32.763818 +0000 +0000", "kind": "file", "filename": "abc.ps1", "tags": "family:cobaltstrike", "score": 10, "sha256": "c25c45286fd71633d746fd6be108854f243d89129dc340d251b337bb414fb0b7"}, {"sample": "221007-rxrarachek", "created": "2022-10-07 14:34:38.500333 +0000 +0000", "kind": "file", "filename": "scc.ps1", "tags": "family:metasploit", "score": 10, "sha256": "3fda97145f2c4f9b35bfadb80717e8a57de1e5b9eeb505241f700bd8ca633e36"}, {"sample": "221004-tdjgxabde5", "created": "2022-10-04 15:56:24.70554 +0000 +0000", "kind": "file", "filename": "2022-10-04-Cobalt-Strike-PowerShell-script.ps1", "tags": "family:cobaltstrike,botnet:305419776", "score": 10, "sha256": "967e4afe80e8e0f005ffca8baaf18e4eb7b997709d9d40e6aeca1b8189f5be90"}, {"sample": "221002-vhs3ksfcf2", "created": "2022-10-02 16:59:47.501824 +0000 +0000", "kind": "file", "filename": "endpoint.ps1", "tags": "family:cobaltstrike,botnet:0,backdoor,trojan", "score": 10, "sha256": "e9be230d8b8d6c3256ebad50067dfccfb95b898c9c7c11d7439071d9f40ee4de"}, {"sample": "220929-art11shde4", "created": "2022-09-29 00:27:11.072045 +0000 +0000", "kind": "file", "filename": "t2.ps1", "tags": "family:metasploit", "score": 10, "sha256": "2a0a47c03449b087f0a4fb6387b7605e2581af2291e0aec966e8deb410297310"}, {"sample": "220914-c18xmshba9", "created": "2022-09-14 02:33:43.298583 +0000 +0000", "kind": "file", "filename": "update.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "558334aa04310114c9433cbd33f44bb35b05f6bd0a29be944adc086215f3b65b"}, {"sample": "220911-csh19aahd7", "created": "2022-09-11 02:20:14.122294 +0000 +0000", "kind": "file", "filename": "file.ps1", "tags": "family:cobaltstrike,family:metasploit,backdoor,trojan", "score": 10, "sha256": "d6a8f5cf11e992ce94895e59cfa08a4b7d36d2552587c9db6c7f3b1a338e7d08"}, {"sample": "220911-cqt1qsahd5", "created": "2022-09-11 02:17:17.008674 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "7adb5cdcea9ed3c40e6780d8975aa8ae433e0e839ce6e336612fd2b2a4b7863d"}, {"sample": "220911-cpqlxsefbn", "created": "2022-09-11 02:15:21.394897 +0000 +0000", "kind": "file", "filename": "run.ps1", "tags": "family:cobaltstrike,family:metasploit,backdoor,trojan", "score": 10, "sha256": "d6a8f5cf11e992ce94895e59cfa08a4b7d36d2552587c9db6c7f3b1a338e7d08"}, {"sample": "220824-lv7xtsbfhl", "created": "2022-08-24 09:52:19.829952 +0000 +0000", "kind": "file", "filename": "2.ps1", "tags": "family:metasploit", "score": 10, "sha256": "a66f6ec5d504f0e6fb16ca39d148754e8528413804fe7dcfae7bef1800192e79"}, {"sample": "220822-y7r4cscghm", "created": "2022-08-22 20:25:57.387918 +0000 +0000", "kind": "file", "filename": "defender.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "0fde3063fc11bf3901d5323487e7407c30df22bee7d694e44aa689e9e755f74d"}, {"sample": "220803-g26wwsfhf2", "created": "2022-08-03 06:19:03.553939 +0000 +0000", "kind": "file", "filename": "beacon.ps1", "tags": "family:cobaltstrike,botnet:0,backdoor,trojan", "score": 10, "sha256": "356bef23d9b91f713fd54e5bef83bf738e869ca51324b580aed0d649bfdefea3"}, {"sample": "220731-q9dprafhg5", "created": "2022-07-31 13:57:18.540574 +0000 +0000", "kind": "file", "filename": "chimera_beacon.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "f8dfeab7eac59e00af98df0e921339fe4ab6629a7cded88975cfff75c03e2b91"}, {"sample": "220727-zzct5sdda2", "created": "2022-07-27 21:08:55.583476 +0000 +0000", "kind": "file", "filename": "file01.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "98ed106214691f992cd498dcc9e8c38fada04df2ce6b91fd1a42247427d33e71"}, {"sample": "220714-gd2x2abch8", "created": "2022-07-14 05:42:08.463953 +0000 +0000", "kind": "file", "filename": "trigger.ps1", "tags": "family:cobaltstrike,backdoor,suricata,trojan", "score": 10, "sha256": "858f567340cee8755dbd745b6afd9adc78a998bf2cbfda85e6302197994c577c"}, {"sample": "220630-kbhcdsbdd8", "created": "2022-06-30 08:25:27.928547 +0000 +0000", "kind": "file", "filename": "cs1.ps1", "tags": "family:cobaltstrike", "score": 10, "sha256": "7b82ae11092cac9043323f554f7b81ce576c50129b0f09c2e9f9ac870ad65046"}, {"sample": "220624-dqyvcscah9", "created": "2022-06-24 03:13:25.650385 +0000 +0000", "kind": "file", "filename": "8d9190d9e5229b82ab2cc33eccf7fe6c74a269a2daf5c567991772266dfca943.ps1", "tags": "family:metasploit", "score": 10, "sha256": "8d9190d9e5229b82ab2cc33eccf7fe6c74a269a2daf5c567991772266dfca943"}, {"sample": "220620-mvh45scdhp", "created": "2022-06-20 10:47:03.067859 +0000 +0000", "kind": "file", "filename": "cobaltstrike.ps1", "tags": "family:cobaltstrike,botnet:0,botnet:1234567890,backdoor,suricata,trojan", "score": 10, "sha256": "1b779efc0b5b86952f7ff7ee3d6fd72c1a7b941f5a55641c72ca7dbd18f250ae"}, {"sample": "220615-fgs9mahhb8", "created": "2022-06-15 04:51:02.873944 +0000 +0000", "kind": "file", "filename": "Shellcode.ps1", "tags": "family:cobaltstrike,botnet:0,backdoor,suricata,trojan", "score": 10, "sha256": "29de77712bb5ff6efd087c61de0d3d79a7ffe010e0dd6da8c07f031687964a5f"}, {"sample": "220615-ez9hwscgdp", "created": "2022-06-15 04:23:51.986062 +0000 +0000", "kind": "file", "filename": "123.ps1.ps1", "tags": "family:cobaltstrike,botnet:0", "score": 10, "sha256": "37402be4a0f652bf3d1714944b9cd64f0201d509f2ef75d19f211be5cf55ffe1"}, {"sample": "220615-ex46dscfep", "created": "2022-06-15 04:20:07.032853 +0000 +0000", "kind": "file", "filename": "Shellcode.ps1", "tags": "family:cobaltstrike,botnet:0,backdoor,suricata,trojan", "score": 10, "sha256": "29de77712bb5ff6efd087c61de0d3d79a7ffe010e0dd6da8c07f031687964a5f"}, {"sample": "220607-jesrvscba4", "created": "2022-06-07 07:35:17.070669 +0000 +0000", "kind": "file", "filename": "download.ps1", "tags": "family:metasploit", "score": 10, "sha256": "d85f98d099a72c2b51b142e63916264f2a7051aeff04959214d91e69fcc1e590"}, {"sample": "220601-kr93cabbgj", "created": "2022-06-01 08:51:16.127976 +0000 +0000", "kind": "file", "filename": "cow.ps1.ps1", "tags": "family:cobaltstrike,backdoor,suricata,trojan", "score": 10, "sha256": "f3d3135a00a7ba7771f009bdbec8d5cb92ee096754eef39ebbca1ceb13829539"}, {"sample": "220531-kwlkjsagf3", "created": "2022-05-31 08:57:05.254691 +0000 +0000", "kind": "file", "filename": "4114796b6e78026b46e22ded9c368760129544f70fd9955fe9fc9b1e804d96b2.ps1", "tags": "family:cobaltstrike", "score": 10, "sha256": "4114796b6e78026b46e22ded9c368760129544f70fd9955fe9fc9b1e804d96b2"}, {"sample": "220425-jccymabed9", "created": "2022-04-25 07:31:02.578288 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "family:cobaltstrike,botnet:0,backdoor,trojan", "score": 10, "sha256": "496af0522abd6667a524a45cd7f5488d9d2c0c4657bb48f3c42237bd3d4ef233"}, {"sample": "220409-r7fxrsadg8", "created": "2022-04-09 14:49:51.505069 +0000 +0000", "kind": "file", "filename": "asdfg.ps1", "tags": "family:cobaltstrike,botnet:1359593325", "score": 10, "sha256": "acc23a776415d931b64e95919b3372562b17a7c2717e1d530b031a6f29404b94"}, {"sample": "220404-tc7s4sgge8", "created": "2022-04-04 15:55:49.207773 +0000 +0000", "kind": "file", "filename": "payload.ps1", "tags": "family:cobaltstrike,family:mimikatz,botnet:0,backdoor,trojan", "score": 10, "sha256": "aee73492d7ddbf4f2684e7b0adc74377b1de363ad07dc8643a5d341d7b15a63f"}, {"sample": "220401-rcnzwsgffr", "created": "2022-04-01 14:03:03.612834 +0000 +0000", "kind": "file", "filename": "powershell.ps1", "tags": "family:cobaltstrike", "score": 10, "sha256": "4114796b6e78026b46e22ded9c368760129544f70fd9955fe9fc9b1e804d96b2"}, {"sample": "220322-vkemzacgcn", "created": "2022-03-22 17:02:36.726029 +0000 +0000", "kind": "file", "filename": "11.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "b0cd41b67c8bd548882b2c09344bac72eadc503c4312b6b5b301a781d45b8c77"}, {"sample": "220226-xgjhvsbde3", "created": "2022-02-26 18:49:25.568727 +0000 +0000", "kind": "file", "filename": "payload.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "fd6e443a31c23d08ce8de1cd204dcaa89548f3116fe41c559940fe6b9c719500"}, {"sample": "220225-fbet2sefg6", "created": "2022-02-25 04:41:37.541256 +0000 +0000", "kind": "file", "filename": "payload.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "fd6e443a31c23d08ce8de1cd204dcaa89548f3116fe41c559940fe6b9c719500"}, {"sample": "220220-kkanxabfgp", "created": "2022-02-20 08:39:04.933076 +0000 +0000", "kind": "file", "filename": "payload.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "887091c7f045b9f69b933b34876b428e39ed58dce7a6a60f2516a60e012ff676"}, {"sample": "220220-kkanxaaeh9", "created": "2022-02-20 08:39:04.886527 +0000 +0000", "kind": "file", "filename": "payload11.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "29debd7e332b3c5871c553033f29636316c35c0a1c616579ca52c7d74607cdac"}, {"sample": "220220-kkanxaaeh8", "created": "2022-02-20 08:39:04.829485 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "325377c8b4a834539b3cbbd3ac8fb1a9b0a89d30220a1da21b1dacc90817844f"}, {"sample": "220220-kkanxabfgm", "created": "2022-02-20 08:39:04.702173 +0000 +0000", "kind": "file", "filename": "117.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "5ab0d0dd50bc7c58f41cca31234d96095bdd87b4fa045ac8753746d22e3f8860"}, {"sample": "220203-znj43sdgan", "created": "2022-02-03 20:51:47.846232 +0000 +0000", "kind": "file", "filename": "test2.ps1", "tags": "family:cobaltstrike,family:m00nd3v_logger,botnet:305419776,backdoor,persistence,spyware,stealer,trojan", "score": 10, "sha256": "cc1421b4af193c9b58aa0b7afaa893a12048dd1f9be3528ca577c38ab846ca32"}, {"sample": "220125-l1vvfsdeem", "created": "2022-01-25 10:00:27.179113 +0000 +0000", "kind": "file", "filename": "4e9580ffb8bab8f70e2a1a6dfd5e29b279ae3ed0eb828aa11cf58d12f0dc6cdd.ps1", "tags": "family:cobaltstrike,botnet:426352781,backdoor,suricata,trojan", "score": 10, "sha256": "4e9580ffb8bab8f70e2a1a6dfd5e29b279ae3ed0eb828aa11cf58d12f0dc6cdd"}, {"sample": "220104-g53nmsfha9", "created": "2022-01-04 06:24:07.670381 +0000 +0000", "kind": "file", "filename": "payload.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "6881531ab756d62bdb0c3279040a5cbe92f9adfeccb201cca85b7d3cff7158d3"}, {"sample": "211225-1k9q1aahd8", "created": "2021-12-25 21:43:42.294584 +0000 +0000", "kind": "file", "filename": "p3184.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "0b9f0741bf4bd933b58416d8699c08d84be15eff3526cec402fca36a365f6ba2"}, {"sample": "211222-a2g47segf2", "created": "2021-12-22 00:42:19.914634 +0000 +0000", "kind": "file", "filename": "nettime.ps1", "tags": "family:cobaltstrike,botnet:0,backdoor,trojan", "score": 10, "sha256": "885337a78d1f9be96f12e666e338ecd8ca482166da9505ca4d6f67314e6ffac1"}, {"sample": "211215-sncaxahhc6", "created": "2021-12-15 15:15:52.316189 +0000 +0000", "kind": "file", "filename": "p3184.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "0b9f0741bf4bd933b58416d8699c08d84be15eff3526cec402fca36a365f6ba2"}, {"sample": "211214-v3sybagbe6", "created": "2021-12-14 17:31:14.402182 +0000 +0000", "kind": "file", "filename": "somefile.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "618bf3b7d8d55f68f2837c0e783f54eeb02c23da1d45488b752c17baca739b52"}, {"sample": "211111-1q112shcgr", "created": "2021-11-11 21:52:01.953449 +0000 +0000", "kind": "file", "filename": "meterpreter64.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "594aeae75a01890fa987d821c0d38c9e6f34d03510333e650408307223daad3c"}, {"sample": "211110-jvzv4sgee9", "created": "2021-11-10 08:00:05.977672 +0000 +0000", "kind": "file", "filename": "suspected_cobalt_strike.ps1", "tags": "family:cobaltstrike,botnet:0,botnet:1580103824,backdoor,trojan", "score": 10, "sha256": "4e7b0e506fc2b845085fbbbfc735d85edc4a3ec32eaeb83877a5bc0539a89e6b"}, {"sample": "211102-rd6lbscgf9", "created": "2021-11-02 14:05:39.110457 +0000 +0000", "kind": "file", "filename": "meterpreter64.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "594aeae75a01890fa987d821c0d38c9e6f34d03510333e650408307223daad3c"}, {"sample": "211101-tkz38sfbem", "created": "2021-11-01 16:07:41.40122 +0000 +0000", "kind": "file", "filename": "meterpreter64.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "594aeae75a01890fa987d821c0d38c9e6f34d03510333e650408307223daad3c"}, {"sample": "211101-tg3pysacb5", "created": "2021-11-01 16:02:35.148809 +0000 +0000", "kind": "file", "filename": "meterpreter64.ps1", "tags": "family:metasploit,backdoor,persistence,trojan", "score": 10, "sha256": "594aeae75a01890fa987d821c0d38c9e6f34d03510333e650408307223daad3c"}, {"sample": "211029-vzld3aadep", "created": "2021-10-29 17:25:38.133884 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "family:cobaltstrike,family:metasploit,botnet:426352781,backdoor,trojan", "score": 10, "sha256": "c187f5420454d32474c2c7052058428f219dc5164cb187b5f194693adab537c1"}, {"sample": "211028-yarrbscbc9", "created": "2021-10-28 19:35:15.823118 +0000 +0000", "kind": "file", "filename": "bad.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "0b1e8147d244c72f88a7e11862af69e208a45e3135b1a349d5297d0c3ae7decb"}, {"sample": "211028-q4fl6abfh5", "created": "2021-10-28 13:48:40.162134 +0000 +0000", "kind": "file", "filename": "8d73bdad0ed068bf50666f54279864dbdfb12993ba3c3f7e696030ce36b61fca.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "8d73bdad0ed068bf50666f54279864dbdfb12993ba3c3f7e696030ce36b61fca"}, {"sample": "211027-rmyxvafag2", "created": "2021-10-27 14:19:16.694066 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "fef45cbf63be37dd3eaf0f29c3a6cd809f7bfd7773e15d7afd29b25537e83672"}, {"sample": "211027-q7zt7sehd9", "created": "2021-10-27 13:54:51.33654 +0000 +0000", "kind": "file", "filename": "script.ps1", "tags": "family:metasploit", "score": 10, "sha256": "bd68cef425192658fe9c13f91cf92218b53005f5bf6275b2258076ca0ae7bb85"}, {"sample": "211017-hjs3radbgq", "created": "2021-10-17 06:46:22.593689 +0000 +0000", "kind": "file", "filename": "meterpreter32.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "ecc9933c8475223136f67c9bde711ead11c765024024015273109cd60ceb8c43"}, {"sample": "211017-hh2nhadbgn", "created": "2021-10-17 06:45:02.617573 +0000 +0000", "kind": "file", "filename": "meterpreter64.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "594aeae75a01890fa987d821c0d38c9e6f34d03510333e650408307223daad3c"}, {"sample": "211017-hgr3nsdbgl", "created": "2021-10-17 06:42:49.77127 +0000 +0000", "kind": "file", "filename": "meterpreter64.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "594aeae75a01890fa987d821c0d38c9e6f34d03510333e650408307223daad3c"}, {"sample": "210929-t5chnsfcg2", "created": "2021-09-29 16:38:01.257114 +0000 +0000", "kind": "file", "filename": "a.txt.ps1", "tags": "family:cobaltstrike,botnet:1580103824,backdoor,trojan", "score": 10, "sha256": "fd7426d1119241ce86b1b3327807635bc1a62372a3cc83f02f7b6a00925db89c"}, {"sample": "210927-pe9m9sghbk", "created": "2021-09-27 12:15:43.598513 +0000 +0000", "kind": "file", "filename": "txt.ps1", "tags": "family:cobaltstrike,botnet:1234567890,backdoor,suricata,trojan", "score": 10, "sha256": "2924239365ff3e956029b3a088b252d19fe9fd6738e4d8b0a3128cc771534124"}, {"sample": "210916-m3xmhafgfm", "created": "2021-09-16 10:59:58.093884 +0000 +0000", "kind": "file", "filename": "download1.ps1", "tags": "family:cobaltstrike,family:metasploit,botnet:426352781,backdoor,trojan", "score": 10, "sha256": "7a6b469dc74364543f7dd140053857303a6f6cb9225dc4973b583c64a35a0c9b"}, {"sample": "210909-dn241aafbp", "created": "2021-09-09 03:10:06.763782 +0000 +0000", "kind": "file", "filename": "doc2.ps1", "tags": "family:metasploit", "score": 10, "sha256": "0bd3097c6dbfeac3baa66f96668c4330c1fa22fb8b650e8d3635381c6813ed74"}, {"sample": "210909-dgq36aafaq", "created": "2021-09-09 02:59:04.291139 +0000 +0000", "kind": "file", "filename": "doc.ps1", "tags": "family:metasploit", "score": 10, "sha256": "bbe11a8ba473005b264c8c3866181ccc4caa0586ddf1e77f802d00056062de14"}, {"sample": "210903-qp6j2agdfj", "created": "2021-09-03 13:27:12.112086 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "family:cobaltstrike,backdoor,persistence,trojan", "score": 10, "sha256": "c98d8922b0a867e1da0396f30f119161bc7be8d91e952427349b18d5f0076890"}, {"sample": "210901-aq1q7kk36n", "created": "2021-09-01 18:45:44.974162 +0000 +0000", "kind": "file", "filename": "w.ps1", "tags": "family:cobaltstrike", "score": 10, "sha256": "6d03edb1533eb6db06f463f8891d70220c1c2dc8211153b8a3ab3fc84abe1af6"}, {"sample": "210830-dh3v55b7f6", "created": "2021-08-30 10:51:11.468852 +0000 +0000", "kind": "file", "filename": "meterpreter-64.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "f0b37ca6aa4e6501af3010f797a28163d4fa6ba4806594c26ae29dc06654a61d"}, {"sample": "210827-vylbsjm8je", "created": "2021-08-27 12:15:25.292038 +0000 +0000", "kind": "file", "filename": "beacon.ps1", "tags": "family:cobaltstrike,botnet:426352781,backdoor,trojan", "score": 10, "sha256": "414a43d269b4e77a77ee2a85098a595242c4b7abe972d3b52d2e0f1efeda1ad1"}, {"sample": "210825-yfpm1pv65a", "created": "2021-08-25 19:44:04.262014 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "32c47b16028b9b5ebd2d950cb05912a40fef87029580f8162f8debb50afddbe3"}, {"sample": "210823-l78y9npd5a", "created": "2021-08-23 08:18:12.051968 +0000 +0000", "kind": "file", "filename": "aaa.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "7af27b4c28902c8b1ec12dbd51ac1580b1c5e78a81c2ed1ee7a5a15be8599ed8"}, {"sample": "210823-lawb397z9n", "created": "2021-08-23 05:53:04.359656 +0000 +0000", "kind": "file", "filename": "ps1.ps1", "tags": "family:cobaltstrike,botnet:1873433027,backdoor,trojan", "score": 10, "sha256": "77258e937b54e80e783dce89106b44264a78e0a6afe12ace639c7ae98dfa3e26"}, {"sample": "210818-nkm5b1h6dx", "created": "2021-08-18 12:56:47.594813 +0000 +0000", "kind": "file", "filename": "dropper.ps1", "tags": "family:cobaltstrike,botnet:305419896,backdoor,trojan", "score": 10, "sha256": "9031447f19a071e49ac7e8ff1088d0eafc2f17910ad08ed09978402a0f9a44c1"}, {"sample": "210812-eee3cvsf62", "created": "2021-08-12 17:54:07.953485 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "23fea42ae4bcd730bd93ff65b1af8bad64bbec4a2d20477bf550f5b3382f05a3"}, {"sample": "210804-2mkwnhxlze", "created": "2021-08-04 13:32:18.972803 +0000 +0000", "kind": "file", "filename": "a85ce74c8fc41e1b88a5c85a35087e16123f41f3e22f69c923550ac43499c036.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "a85ce74c8fc41e1b88a5c85a35087e16123f41f3e22f69c923550ac43499c036"}, {"sample": "210803-523ah8ygt2", "created": "2021-08-03 07:24:04.394171 +0000 +0000", "kind": "file", "filename": "forvt.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "8377182e1b8f4b9c5ad8fcd5f36c88d490447f3614db84e32483468df6848e1c"}, {"sample": "210730-vpl92evkke", "created": "2021-07-30 09:17:04.516857 +0000 +0000", "kind": "file", "filename": "payload.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "e560368fb054de8fb27d921d212bd4199b729487a1e2d17c95bc5b357331d14b"}, {"sample": "210730-vst1dpsm46", "created": "2021-07-30 09:17:04.469875 +0000 +0000", "kind": "file", "filename": "40010.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "4d08efe117387b43f8a008d9a0a4c7a78ebdaa08e010251bd089751ed27d26bc"}, {"sample": "210729-sbvpen6tzj", "created": "2021-07-29 16:13:54.556231 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "family:cobaltstrike,family:metasploit,botnet:305419896,backdoor,trojan", "score": 10, "sha256": "2505081308adf0cc2de22df8164213d735ac462d088c3c1f8e913fd629a2ff9c"}, {"sample": "210729-s1jdez9g7x", "created": "2021-07-29 16:13:54.528302 +0000 +0000", "kind": "file", "filename": "payload.ps1", "tags": "family:cobaltstrike,family:metasploit,botnet:305419896,backdoor,trojan", "score": 10, "sha256": "3a3cd913b1916e4a4e1efea0f11ef31a865931137db8c518e1e293efffbb8497"}, {"sample": "210729-7ah2y33x9n", "created": "2021-07-29 15:02:04.798118 +0000 +0000", "kind": "file", "filename": "payload.ps1", "tags": "family:cobaltstrike,family:metasploit,botnet:305419896,backdoor,trojan", "score": 10, "sha256": "3a3cd913b1916e4a4e1efea0f11ef31a865931137db8c518e1e293efffbb8497"}, {"sample": "210729-ggwsqhs71j", "created": "2021-07-29 15:02:04.740285 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "family:cobaltstrike,family:metasploit,botnet:305419896,backdoor,trojan", "score": 10, "sha256": "2505081308adf0cc2de22df8164213d735ac462d088c3c1f8e913fd629a2ff9c"}, {"sample": "210729-h1jvfhn2fn", "created": "2021-07-29 05:43:00.674309 +0000 +0000", "kind": "file", "filename": "2.ps1", "tags": "family:cobaltstrike,botnet:305419776,backdoor,trojan", "score": 10, "sha256": "8c813156ae4f735712d358fb1c8855c5adabeece86917909c47d66fb28570034"}, {"sample": "210727-qv2xqg2mnj", "created": "2021-07-27 05:53:26.041863 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "family:cobaltstrike,botnet:305419776,backdoor,trojan", "score": 10, "sha256": "0748c90ba4f1fcf603134cd9f98aafad3298d4fb859b189cfdf0523f63aa85bf"}, {"sample": "210724-6bgkw16zen", "created": "2021-07-24 09:50:05.356449 +0000 +0000", "kind": "file", "filename": "meterpreter-64.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "f0b37ca6aa4e6501af3010f797a28163d4fa6ba4806594c26ae29dc06654a61d"}, {"sample": "210724-c9q6l5nny6", "created": "2021-07-24 03:32:53.477203 +0000 +0000", "kind": "file", "filename": "meterpreter-64.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "f0b37ca6aa4e6501af3010f797a28163d4fa6ba4806594c26ae29dc06654a61d"}, {"sample": "210714-5x6aksw19n", "created": "2021-07-14 11:26:25.340315 +0000 +0000", "kind": "file", "filename": "MemoryStream.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "a0a728d1c7eb4514abd82795e961f7c7c929dc147ccae534817b72dd403bc960"}, {"sample": "210713-3gdk7qmx52", "created": "2021-07-13 21:51:13.916444 +0000 +0000", "kind": "file", "filename": "3.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "916b12c3c42a5a3531c425a1bd770e7e87ec8be4d9ef2c31b07f2e2ba0eac770"}, {"sample": "210713-sfx5s79wxe", "created": "2021-07-13 21:37:34.189473 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "6cec8978d82b9748601d3382d7e714a1ca4ca71a5b8a34d4dce1481d569c1d8a"}, {"sample": "210709-tmexmnecyx", "created": "2021-07-09 19:15:07.438753 +0000 +0000", "kind": "file", "filename": "beacon.ps1", "tags": "family:cobaltstrike,botnet:426352781,backdoor,trojan", "score": 10, "sha256": "414a43d269b4e77a77ee2a85098a595242c4b7abe972d3b52d2e0f1efeda1ad1"}, {"sample": "210708-pvrwcbr29x", "created": "2021-07-08 16:34:55.336949 +0000 +0000", "kind": "file", "filename": "2.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "b6c806fccfeb1bae95a4f02a14b5d1676df10166d7fda4e6a053d4e4bf931fe1"}, {"sample": "210708-csyvqths3n", "created": "2021-07-08 16:23:26.362648 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "d8075a607aa9e8f09a2770a087ff105767ef87025c54ba39d1434a8f80694294"}, {"sample": "210708-l8ezvys6bx", "created": "2021-07-08 12:05:50.522774 +0000 +0000", "kind": "file", "filename": "demo.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "e6cd2cf77ec5ac2075ac1127d84e8b92fd59d9b8a96fa01f058adbbfd90b607c"}, {"sample": "210708-6192f4ez8j", "created": "2021-07-08 12:02:30.860299 +0000 +0000", "kind": "file", "filename": "demo2.ps1", "tags": "family:metasploit", "score": 10, "sha256": "16d2f3def92818fabfe5923d3f7082489f15a6c9f69af284f06b12b9db36d137"}, {"sample": "210702-4xskdjct2e", "created": "2021-07-02 02:04:08.936251 +0000 +0000", "kind": "file", "filename": "a60b5b60f28039314631f9546b27d9a185e7866c78476cb45a357ca25b75f2c5.ps1", "tags": "family:cobaltstrike,botnet:1359593325,backdoor,trojan", "score": 10, "sha256": "a60b5b60f28039314631f9546b27d9a185e7866c78476cb45a357ca25b75f2c5"}, {"sample": "210701-adpda87yqj", "created": "2021-07-01 22:41:07.640689 +0000 +0000", "kind": "file", "filename": "afjfhfdhfdhjfggh.ps1", "tags": "family:cobaltstrike,botnet:1359593325,backdoor,trojan", "score": 10, "sha256": "a60b5b60f28039314631f9546b27d9a185e7866c78476cb45a357ca25b75f2c5"}, {"sample": "210624-4kspsj872s", "created": "2021-06-24 17:51:03.849695 +0000 +0000", "kind": "file", "filename": "essaie.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "fabde6f163561aea31ff66b62a7f417ad6f972c69c1bb4a4424215ae8fc63608"}, {"sample": "210620-s2pxf4373s", "created": "2021-06-20 01:50:46.567808 +0000 +0000", "kind": "file", "filename": "malscript.ps1", "tags": "family:cobaltstrike,botnet:1580103814,backdoor,trojan", "score": 10, "sha256": "cb913bd73adb7725fb304c3c1c483c77c3a3f2eb762fa01ff2ef0618f2287010"}, {"sample": "210619-d522t3tjw2", "created": "2021-06-19 12:54:11.263061 +0000 +0000", "kind": "file", "filename": "temp.ps1", "tags": "family:cobaltstrike,botnet:426352781,backdoor,trojan", "score": 10, "sha256": "e8c249cdd05e1d7366f263a0de0ff5f376eaaa13d29614f835b10f3cabacfcb3"}, {"sample": "210617-6tn8phrvsj", "created": "2021-06-17 14:30:19.467461 +0000 +0000", "kind": "file", "filename": "64bitstageless.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "36c900fba09f542b889583a376dee87321e9a036638e8768ae29a54c4eec8b84"}, {"sample": "210615-d716ysjlyx", "created": "2021-06-15 12:33:34.987467 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "family:cobaltstrike,botnet:0,backdoor,trojan", "score": 10, "sha256": "a0254738085cfc83f6aa936373d3318dcfd23c5ba57cf2704880f16a371c5cbc"}, {"sample": "210510-xetxf5bevs", "created": "2021-05-10 18:35:35.930415 +0000 +0000", "kind": "file", "filename": "c0810a86dd47aef202a33ba5a19da0aca597ae79af6e3147f4f6676b1abc27c0.ps1", "tags": "family:cobaltstrike,botnet:0,backdoor,trojan", "score": 10, "sha256": "c0810a86dd47aef202a33ba5a19da0aca597ae79af6e3147f4f6676b1abc27c0"}, {"sample": "210415-kyrsdcq5hj", "created": "2021-04-15 13:27:03.16486 +0000 +0000", "kind": "file", "filename": "a.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "b916a244d8692b953a601311f07e72800fbe385bddd1d523e0b74d4ab7fab493"}, {"sample": "210408-4v6amhf8tj", "created": "2021-04-08 13:47:52.341175 +0000 +0000", "kind": "file", "filename": "ps.ps1", "tags": "family:cobaltstrike,family:metasploit,backdoor,trojan", "score": 10, "sha256": "da13d7dae599821d0eeb1be8059a8439b9fec27c1de9eb4432dacf0e0302b28a"}, {"sample": "210329-ckl37xrfza", "created": "2021-03-29 09:49:07.30672 +0000 +0000", "kind": "file", "filename": "Search.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "79f58aa1efde19014016ac6f1a4e424c742ec744dc0f9fb5d9d1aacae06783ea"}, {"sample": "210314-m5jb4nf3cx", "created": "2021-03-14 16:11:51.289799 +0000 +0000", "kind": "file", "filename": "encoded.ps1", "tags": "family:cobaltstrike,bootkit,ransomware", "score": 10, "sha256": "d61d937205f0fd04cbc5cfed109885582f55ffb944d0021b73115478d8752e00"}, {"sample": "210226-74mlvrtv66", "created": "2021-02-26 04:12:15.927916 +0000 +0000", "kind": "file", "filename": "stage1.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "27d2c327bfb0c80b3dcab3d4f0b5936b255d154a90daf4e30103f06e9e02a11c"}, {"sample": "210217-y34e9k7rze", "created": "2021-02-17 11:23:33.88392 +0000 +0000", "kind": "file", "filename": "asdf.ps1", "tags": "family:cobaltstrike,backdoor,trojan", "score": 10, "sha256": "1d231b8d310306a9e444555df0f2765ca1d6e611edcfded7f4690cdc0b407974"}, {"sample": "201116-grr7zq7kge", "created": "2020-11-16 18:19:04.109213 +0000 +0000", "kind": "file", "filename": "moveleiros.ps1", "tags": "family:metasploit", "score": 10, "sha256": "b2713451df80e2dd86d302438c939450567e9d55f0b194c9e7a21d452efc3e0a"}, {"sample": "201109-xrfqrhc25e", "created": "2020-11-09 17:11:43.607057 +0000 +0000", "kind": "file", "filename": "2.ps1", "tags": "family:metasploit,backdoor,trojan", "score": 10, "sha256": "44bc627b03d3cae224c6c7036771562f3808b57c40e6fb38da76860649c98bbc"}, {"sample": "201029-6a8y7z7bcn", "created": "2020-10-29 13:10:50.044592 +0000 +0000", "kind": "file", "filename": "a.ps1", "tags": "family:cobaltstrike", "score": 10, "sha256": "b851fea2c40da58f74c604049f3c95370866d18a640048765e03d6146a85cf3d"}, {"sample": "201023-yr5ddk7m3n", "created": "2020-10-23 15:37:34.207947 +0000 +0000", "kind": "file", "filename": "paste.ps1", "tags": "family:cobaltstrike", "score": 10, "sha256": "9e014fe19e2edcca7c4c7dab9c27441ce70ceea24827842a319c601a0413f7ea"}, {"sample": "201005-pgzwy2qqva", "created": "2020-10-05 14:50:49.193085 +0000 +0000", "kind": "file", "filename": "paste.ps1", "tags": "family:cobaltstrike", "score": 10, "sha256": "9e014fe19e2edcca7c4c7dab9c27441ce70ceea24827842a319c601a0413f7ea"}, {"sample": "200927-xpjd9gjakn", "created": "2020-09-27 06:26:14.019343 +0000 +0000", "kind": "file", "filename": "f0f7591cfaff43886735c836ae06ac7b1108372fdfc837d15ddfab7c658fc2a6.ps1", "tags": "family:metasploit", "score": 10, "sha256": "f0f7591cfaff43886735c836ae06ac7b1108372fdfc837d15ddfab7c658fc2a6"}, {"sample": "200729-hxgpslk9h2", "created": "2020-07-29 11:05:30.398051 +0000 +0000", "kind": "file", "filename": "test.ps1", "tags": "family:metasploit", "score": 10, "sha256": "94726410c62a4baa2df27ac6f31f677378f3efd4b14bea50d08fc7dc72a9a746"}, {"sample": "200402-1qn85kttyj", "created": "2020-04-02 16:09:19.458432 +0000 +0000", "kind": "file", "filename": "v2.ps1", "tags": "family:metasploit", "score": 10, "sha256": "478b50c83333fcce81a972a9cbb724284f89b7e21d38b1c0e63c3b4ab39ee839"}, {"sample": "200402-br6pntad7j", "created": "2020-04-02 16:08:54.558744 +0000 +0000", "kind": "file", "filename": "v1.ps1", "tags": "family:metasploit", "score": 10, "sha256": "4ea48e1297526a8af2adb9a43917df8fba7deba5e03083b710c0be8457095ccf"}, {"sample": "200331-rstc7dsn3j", "created": "2020-03-31 09:32:25.179318 +0000 +0000", "kind": "file", "filename": "ibVaQrqt.ps1", "tags": "family:cobaltstrike", "score": 10, "sha256": "ed57c9ef93a7a6ac8290664e089e5749e97f5e91cd3419d5ad48eb71062f0a8c"}, {"sample": "200331-yd8j9lpq22", "created": "2020-03-31 09:32:12.877429 +0000 +0000", "kind": "file", "filename": "gkFcVwF.ps1", "tags": "family:cobaltstrike", "score": 10, "sha256": "5c3356d8118e93a34e72d6c97b6a29d95788d2052ae4919595e503763a4880df"}, {"sample": "200227-5abl2xryen", "created": "2020-02-27 17:09:24.777749 +0000 +0000", "kind": "file", "filename": "1.ps1", "tags": "family:metasploit", "score": 10, "sha256": "23b98cf8737f39220184f73d01ad9d9be7d9af9e635160d66d9cae7456e1995e"}]}