Skip to content

Instantly share code, notes, and snippets.

Created March 30, 2023 08:21
  • Star 2 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
What would you like to do?
# Search for ffmpeg.dll in the C drive
$ffmpegFiles = Get-ChildItem -Path "C:\" -Recurse -Filter "ffmpeg.dll" -ErrorAction SilentlyContinue
# Initialize an array to store the hash results
$hashResults = @()
# The target hash to compare with
$targetHash = "7986bbaee8940da11ce089383521ab420c443ab7b15ed42aed91fd31ce833896"
$found = $false
# Calculate the SHA256 hash for each file
foreach ($file in $ffmpegFiles) {
$hash = Get-FileHash -Path $file.FullName -Algorithm SHA256
$status = ""
if ($hash.Hash -eq $targetHash) {
$status = "INFECTED"
$found = $true
$hashResult = New-Object PSObject -Property @{
FileName = $file.FullName
Hash = $hash.Hash
Status = $status
$hashResults += $hashResult
$hashResults | Format-Table -AutoSize
# Display the hash results
if ($found) {
Write-Host "File hash matched for 3CX infection" -ForegroundColor Red -NoNewline
} else {
Write-Host "No matching files found" -ForegroundColor Green -NoNewline
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment