Anthropic-Cybersecurity-Skills/skills/deobfuscating-powershell-obfuscated-malware/assets/template.md
# PowerShell Deobfuscation Analysis Report

## Report Metadata

| Field | Value |
|-------|-------|
| Report ID | PS-DEOB-YYYY-NNNN |
| Date | YYYY-MM-DD |
| Sample Hash (SHA-256) | |
| Original Filename | |
| Classification | TLP:AMBER |

## Obfuscation Layers Identified

| Layer | Technique | Description |
|-------|-----------|-------------|
| 1 | | |
| 2 | | |
| 3 | | |

## Deobfuscation Results

### Layer-by-Layer Breakdown

| Layer | Input Size | Output Size | Technique Applied |
|-------|------------|-------------|-------------------|
| 1 | bytes | bytes | |
| 2 | bytes | bytes | |

### Final Deobfuscated Script Summary

- **Total layers removed**:
- **Final script purpose**:
- **Execution method**:

## Extracted IOCs

### URLs

| URL | Purpose |
|-----|---------|
| | Payload download / C2 |

### IP Addresses

| IP | Context |
|----|---------|
| | |

### File System Artifacts

| Path | Action |
|------|--------|
| | Created / Modified / Deleted |

### Registry Keys

| Key | Action |
|-----|--------|
| | Created / Modified |

## Behavioral Analysis

- **Download behavior**:
- **Persistence mechanism**:
- **Evasion techniques**:
- **Payload type**:

## MITRE ATT&CK Mapping

| Technique | ID | Evidence |
|-----------|-----------|----------|
| PowerShell | T1059.001 | Script execution |
| Obfuscated Files | T1027 | Multi-layer encoding |
| | | |