A Detailed Guide on AMSI Bypass - Hacking Articles
Tags
| attack-pattern: | Data Hooking - T1617 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Tool - T1588.002 Hooking - T1179 Powershell - T1086 Scripting - T1064 Hooking Scripting |
Common Information
| Type | Value |
|---|---|
| UUID | b8cd68a6-8776-4c78-8acd-e0b841c87fff |
| Fingerprint | 1480a31229e761d7 |
| Analysis status | DONE |
| Considered CTI value | -2 |
| Text language | |
| Published | April 11, 2022, 8:27 p.m. |
| Added to db | Jan. 18, 2023, 11:21 p.m. |
| Last updated | Nov. 18, 2024, 9:32 a.m. |
| Headline | Hacking Articles |
| Title | A Detailed Guide on AMSI Bypass - Hacking Articles |
| Detected Hints/Tags/Attributes | 47/1/15 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.hackingarticles.in/a-detailed-guide-on-amsi-bypass/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 3 | amsi.fail |
|
| Details | Domain | 1 | contextis.com |
|
| Details | Domain | 4129 | github.com |
|
| Details | File | 39 | amsi.dll |
|
| Details | File | 1210 | powershell.exe |
|
| Details | File | 1 | demo.ps1 |
|
| Details | File | 1 | amsitrigger.ps1 |
|
| Details | File | 1 | asbbypass.dll |
|
| Details | File | 1 | c:\users\hex\project\asbbypass.dll |
|
| Details | File | 1 | my-am-bypass.ps1 |
|
| Details | File | 1 | am-bp-reflection.ps1 |
|
| Details | File | 1 | nishang.ps1 |
|
| Details | Github username | 4 | cn33liz |
|
| Details | Url | 2 | https://amsi.fail |
|
| Details | Url | 1 | https://github.com/cn33liz/p0wnedshell |