PowerShell Forensics. Techniques to Gather the Evidence and Tricks from Paula J
Tags
attack-pattern: Data Powershell - T1059.001 Tool - T1588.002 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID 9451ed50-8590-4c79-afb8-334a524588ad
Fingerprint 3641305865a50431
Analysis status DONE
Considered CTI value 0
Text language
Published March 15, 2018, 5 p.m.
Added to db Jan. 18, 2023, 9:25 p.m.
Last updated Nov. 16, 2024, 11:18 a.m.
Headline PowerShell Forensics. Techniques to Gather the Evidence and Tricks
Title PowerShell Forensics. Techniques to Gather the Evidence and Tricks from Paula J
Detected Hints/Tags/Attributes 31/1/9
Source URLs
Redirection Url
Details Source https://cqureacademy.com/blog/forensics/powershell-forensics-session-microsoft-ignite
URL Provider
Details Provider Source level domain
Details cqureacademy.com cqureacademy.com
Attributes
Details Type #Events CTI Value
Details Domain 228 
system.io
Details File 15 
p.exe
Details File 1 
fd.dat
Details File 1 
c:\test.exe
Details File 1 
c:\test2.exe
Details File 5 
test2.exe
Details File 5 
j.txt
Details File 1 
c:\xmft.txt
Details File 1 
x:\wipeme.txt