Jump to content

Powershell 7.1 Executing Get-Help -Online detected as Malware.Exploit.Agent

Pioter4

By Pioter4
in Exploit

 Share

Recommended Posts

Pioter4

Pioter4

Posted
Posted

I have installed Powershell 7.1.0 from Github (https://github.com/PowerShell/PowerShell/releases/latest) as instructed by Microsft Documentation (https://docs.microsoft.com/en-us/powershell/scripting/install/installing-powershell-core-on-windows?view=powershell-7.1). I checked the SHA256 hash value provided at the download site and they match with my downloaded file, so download and installation is genuine.

However, everytime I execute a help command with the -online parameter to get the full help malwarebytes treats it as an exploite and shuts powershell terminal. the logfile says "Exploit: 1
Malware.Exploit.Agent - T1055 - Defense Evasion" I even put "C:\Program Files\PowerShell\7\pwsh.exe" into the Allowed list but it still does the same.

Full logfile attached.

Powershell Help -Online Malwarebytes.txt

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept