Get-LAPSP.ps1

Description

(SecureWorks) Get-LAPSP.ps1 is a PowerShell script that gathers account information from Active Directory via LDAP. It appears to contain borrowed code and has been run with an obfuscation script such as invoke-obfuscation. LYCEUM deployed this tool via DanBot shortly after gaining initial access to a compromised environment.

Names

Name
Get-LAPSP.ps1

Type

Info stealer

Information

https://www.secureworks.com/blog/lyceum-takes-center-stage-in-middle-east-campaign

Other Information

Uuid

2dd4db5e-ac76-4b66-972f-fdcffa96ec3b

Last Card Change

2020-04-20

Threat Intelligence Garden

Explorer

Get-LAPSP.ps1

Get-LAPSP.ps1

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks