HIGH Script Activity - 3810243403

Prevented (Blocked) ID: #373 | Detected: 2026-01-01 06:41:28 | Malware
View Incident Back
Alert Overview

Malicious script engine activity

Unclassified
XDR Agent
New
DS:PANW/XDR Agent DOM:Security
Host Information
dwshin
172.27.1.39
dwshin
c6295532ef1e41f091e6a73ea66f6100
5c:b4:7e:be:8e:58
Process Information Process Execution
Actor Process (Executor)
Process Name WindowsTerminal.exe
Path C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.23.13503.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe
PID 2608
SHA256 aba55eb3398b290ebd93ae83b34a9e51d6b5763ac8c0172b39e8a4b6f53b9f8d VT
MD5 c981ce8e4ad1d6cf0719d54b7d94b7d2
Signature Microsoft Corporation N/A 
"C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.23.13503.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe"
MITRE ATT&CK Mapping
TA0004 - Privilege Escalation TA0002 - Execution TA0003 - Persistence
T1053.005 - Scheduled Task/Job: Scheduled Task
Quick Actions
View Related Incident View Endpoint Check Hash on VirusTotal Back to Alerts
Severity Analysis
HIGH

High priority investigation needed

Summary
Events 1
IP Addresses 1
Tags 2
File Artifacts Yes
Network Artifacts No
Registry Artifacts No
Analyst Verdict