The first thing you should do is analyze the PS1 file to see how it works. After you get an idea of what's happening, right-click the link, choose Save link as from the context menu, and make sure you save it with the PS1 File (.ps1) file extension. Okay, now we need to import the script into PowerShell so we can do our memory dump dance.
Open PowerShell as an Administrator by pressing the Windows Logo Key + q and typing: You’ll see a fusillade of security warnings – which is good.
You guys go way back to grade school and used to play in the same sandbox. In minutes he’s disabled your AV program, downloaded an exploitation tool from the internet, executed a PowerShell script and owned all the accounts that ever logged into your computer.
After downing a few beers, you race to the bathroom and your nefarious friend immediately jumps into the driver's seat of your computer.