https://pastein.ru/t/Xp8
Загрузка данных
+==========================================================+
| RANSOMWARE TRIAGE COLLECTOR v1.0.0 |
+==========================================================+
[2026-06-02 12:22:49.065] [INFO] Case ID : triage_ilyavm_20260602_122248
[2026-06-02 12:22:49.092] [INFO] Host : ilyavm
[2026-06-02 12:22:49.097] [INFO] OS : Linux
[2026-06-02 12:22:49.102] [INFO] PS : 7.6.2 (Core)
[2026-06-02 12:22:49.105] [INFO] Admin : True
[2026-06-02 12:22:49.108] [INFO] Output : /home/ilya/Downloads/курсач (2)/курсач/.Output/triage_ilyavm_20260602_122248
[2026-06-02 12:22:49.112] [INFO] Started : 2026-06-02T12:22:48.8384673+03:00
[2026-06-02 12:22:49.121] [OK] ------------------------------------------------------------
[2026-06-02 12:22:49.124] [OK] Step 1/4 - Volatile data (RFC 3227)
[2026-06-02 12:22:49.127] [OK] ------------------------------------------------------------
[2026-06-02 12:22:49.200] [INFO] Module loaded: Collect-Volatile
[2026-06-02 12:22:49.211] [INFO] [volatile] system snapshot...
[2026-06-02 12:22:49.429] [INFO] [volatile] processes...
[2026-06-02 12:22:52.759] [INFO] [volatile] no suspicious processes found
[2026-06-02 12:22:52.763] [INFO] [volatile] network connections...
[2026-06-02 12:22:52.869] [WARN] [volatile] suspicious connections: 1
[2026-06-02 12:22:52.875] [WARN] 192.168.198.129%ens33:68 -> 192.168.198.254:67 [NetworkManager] - non-standard port: 67
[2026-06-02 12:22:52.877] [INFO] [volatile] user sessions...
[2026-06-02 12:22:53.160] [INFO] [volatile] environment variables...
[2026-06-02 12:22:53.191] [OK] Volatile: complete
[2026-06-02 12:22:53.192] [OK] Step completed: Volatile
[2026-06-02 12:22:53.195] [OK] ------------------------------------------------------------
[2026-06-02 12:22:53.197] [OK] Step 2/4 - Network artifacts
[2026-06-02 12:22:53.199] [OK] ------------------------------------------------------------
[2026-06-02 12:22:53.210] [INFO] Module loaded: Collect-Network
[2026-06-02 12:22:53.220] [INFO] [net] DNS cache...
[2026-06-02 12:22:53.324] [INFO] [net] hosts file...
[2026-06-02 12:22:53.351] [WARN] [net] non-default lines in hosts: 6
[2026-06-02 12:22:53.354] [INFO] [net] ARP table...
[2026-06-02 12:22:53.398] [INFO] [net] routing table...
[2026-06-02 12:22:53.449] [INFO] [net] firewall...
[2026-06-02 12:22:53.542] [WARN] [net/fw] iptables empty or unavailable
[2026-06-02 12:22:53.552] [WARN] [net/fw] iptables empty or unavailable - system may be unprotected
[2026-06-02 12:22:53.556] [INFO] [net] network adapters...
[2026-06-02 12:22:53.575] [INFO] [net] IoC matching...
[2026-06-02 12:22:53.585] [INFO] [net] no IoC matches found
[2026-06-02 12:22:53.587] [OK] Network: complete
[2026-06-02 12:22:53.589] [OK] Step completed: Network
[2026-06-02 12:22:53.591] [OK] ------------------------------------------------------------
[2026-06-02 12:22:53.592] [OK] Step 3/4 - File system
[2026-06-02 12:22:53.594] [OK] ------------------------------------------------------------
[2026-06-02 12:22:53.605] [ERROR] ERROR in step 'FileSystem': The running command stopped because the preference variable "ErrorActionPreference" or common parameter is set to Stop: At /home/ilya/Downloads/курсач (2)/курсач/Modules/Collect-FileSystem.psm1:387 char:9
+ }
+ ~
Missing closing ')' in subexpression.
At /home/ilya/Downloads/курсач (2)/курсач/Modules/Collect-FileSystem.psm1:528 char:5
+ }
+ ~
Missing closing ')' in subexpression.
[2026-06-02 12:22:53.607] [ERROR] Stack: at Import-TriageModule, /home/ilya/Downloads/курсач (2)/курсач/Invoke-Triage.ps1: line 188
at <ScriptBlock>, /home/ilya/Downloads/курсач (2)/курсач/Invoke-Triage.ps1: line 444
at Invoke-TriageStep, /home/ilya/Downloads/курсач (2)/курсач/Invoke-Triage.ps1: line 287
at Start-Triage, /home/ilya/Downloads/курсач (2)/курсач/Invoke-Triage.ps1: line 443
at <ScriptBlock>, /home/ilya/Downloads/курсач (2)/курсач/Invoke-Triage.ps1: line 516
[2026-06-02 12:22:53.609] [OK] ------------------------------------------------------------
[2026-06-02 12:22:53.611] [OK] Step 4/4 - System artifacts (Linux)
[2026-06-02 12:22:53.613] [OK] ------------------------------------------------------------
[2026-06-02 12:22:53.625] [ERROR] ERROR in step 'Collect-Linux': The running command stopped because the preference variable "ErrorActionPreference" or common parameter is set to Stop: At /home/ilya/Downloads/курсач (2)/курсач/Modules/Collect-Linux.psm1:654 char:75
+ … FileType = ($fileType -join '') -replace '\s+', ' '
+ ~
Unexpected token ',' in expression or statement.
At /home/ilya/Downloads/курсач (2)/курсач/Modules/Collect-Linux.psm1:650 char:50
+ $found.Add([PSCustomObject]@{
+ ~
Missing closing '}' in statement block or type definition.
At /home/ilya/Downloads/курсач (2)/курсач/Modules/Collect-Linux.psm1:654 char:80
+ … FileType = ($fileType -join '') -replace '\s+', ' '
+ ~
Missing ')' in method call.
At /home/ilya/Downloads/курсач (2)/курсач/Modules/Collect-Linux.psm1:655 char:25
+ SHA256 = (Get-FileHash $ex -Algorithm S …
+ ~~~~~~
Unexpected token 'SHA256' in expression or statement.
At /home/ilya/Downloads/курсач (2)/курсач/Modules/Collect-Linux.psm1:656 char:22
+ })
+ ~
The Try statement is missing its Catch or Finally block.
At /home/ilya/Downloads/курсач (2)/курсач/Modules/Collect-Linux.psm1:643 char:37
+ foreach ($ex in $execs) {
+ ~
Missing closing '}' in statement block or type definition.
At /home/ilya/Downloads/курсач (2)/курсач/Modules/Collect-Linux.psm1:641 char:13
+ try {
+ ~
Missing closing '}' in statement block or type definition.
At /home/ilya/Downloads/курсач (2)/курсач/Modules/Collect-Linux.psm1:639 char:33
+ foreach ($sp in $suspPaths) {
+ ~
Missing closing '}' in statement block or type definition.
At /home/ilya/Downloads/курсач (2)/курсач/Modules/Collect-Linux.psm1:623 char:33
+ function Get-SuspiciousBinaries {
+ ~
Missing closing '}' in statement block or type definition.
At /home/ilya/Downloads/курсач (2)/курсач/Modules/Collect-Linux.psm1:656 char:22
+ })
+ ~
Unexpected token ')' in expression or statement.
Not all parse errors were reported. Correct the reported errors and try again.
[2026-06-02 12:22:53.627] [ERROR] Stack: at Import-TriageModule, /home/ilya/Downloads/курсач (2)/курсач/Invoke-Triage.ps1: line 188
at <ScriptBlock>, /home/ilya/Downloads/курсач (2)/курсач/Invoke-Triage.ps1: line 460
at Invoke-TriageStep, /home/ilya/Downloads/курсач (2)/курсач/Invoke-Triage.ps1: line 287
at Start-Triage, /home/ilya/Downloads/курсач (2)/курсач/Invoke-Triage.ps1: line 459
at <ScriptBlock>, /home/ilya/Downloads/курсач (2)/курсач/Invoke-Triage.ps1: line 516
[2026-06-02 12:22:53.629] [OK] ------------------------------------------------------------
[2026-06-02 12:22:53.631] [OK] Finalization
[2026-06-02 12:22:53.632] [OK] ------------------------------------------------------------
[2026-06-02 12:22:53.674] [OK] Manifest saved: /home/ilya/Downloads/курсач (2)/курсач/.Output/triage_ilyavm_20260602_122248/manifest.json (13 artifacts)
[2026-06-02 12:22:53.683] [INFO] Module loaded: Export-Report
[2026-06-02 12:22:53.688] [INFO] [report] building summary...
[2026-06-02 12:22:53.729] [INFO] [report] generating HTML...
[2026-06-02 12:22:53.763] [WARN] [report] risk: LOW (score: 10)
[2026-06-02 12:22:53.765] [OK] [report] summary.json -> /home/ilya/Downloads/курсач (2)/курсач/.Output/triage_ilyavm_20260602_122248/summary.json
[2026-06-02 12:22:53.767] [OK] [report] report.html -> /home/ilya/Downloads/курсач (2)/курсач/.Output/triage_ilyavm_20260602_122248/report.html
[2026-06-02 12:22:53.873] [INFO] [report] packing: /home/ilya/Downloads/курсач (2)/курсач/.Output/triage_ilyavm_20260602_122248.zip
[2026-06-02 12:22:54.153] [OK] [report] archive: /home/ilya/Downloads/курсач (2)/курсач/.Output/triage_ilyavm_20260602_122248.zip (0.03 MB)
[2026-06-02 12:22:54.158] [OK] [report] SHA256: 4A513E1C58C0A0BB691E35B8964289A78572EF246A38DF3B46660B1BA97AEBFD
[2026-06-02 12:22:54.160] [OK] [report] hash file: /home/ilya/Downloads/курсач (2)/курсач/.Output/triage_ilyavm_20260602_122248.zip.sha256
[2026-06-02 12:22:54.162] [OK] Step completed: Export-Report
[2026-06-02 12:22:54.196] [OK] Manifest saved: /home/ilya/Downloads/курсач (2)/курсач/.Output/triage_ilyavm_20260602_122248/manifest.json (15 artifacts)
[2026-06-02 12:22:54.204] [OK] Duration: 00:00:05
============================================================
RANSOMWARE TRIAGE - COMPLETE
============================================================
Case ID : triage_ilyavm_20260602_122248
Host : ilyavm
OS : Linux
Duration : 00:00:05
Artifacts : 15
Errors : 2
RISK ASSESSMENT
Level : LOW (score: 10/100)
OUTPUT
Dir : /home/ilya/Downloads/курсач (2)/курсач/.Output/triage_ilyavm_20260602_122248
Report : /home/ilya/Downloads/курсач (2)/курсач/.Output/triage_ilyavm_20260602_122248/report.html
Manifest : /home/ilya/Downloads/курсач (2)/курсач/.Output/triage_ilyavm_20260602_122248/manifest.json
Archive : /home/ilya/Downloads/курсач (2)/курсач/.Output/triage_ilyavm_20260602_122248.zip (0 MB)
============================================================
