d41c66a9160ce7f0dd0d1360d8b8339a8276fc30215f4623ca88d0efad319346 | Triage

Resubmissions

03-03-2020 15:44

200303-bdsch48nyx 10

03-03-2020 15:10

200303-v6kyhmnnrs 8

Analysis

max time kernel
107s
max time network
115s
platform
windows7_x64
resource
win7v200217
submitted
03-03-2020 15:10

Sharing

General

Target

MSG_986000.vbs
Size

5.2MB
MD5

bb7fbcd342edcef5b43904fe867edc2c
SHA1

a6852667b3de27e6d6eb5820fd2d5267479bdffa
SHA256

d41c66a9160ce7f0dd0d1360d8b8339a8276fc30215f4623ca88d0efad319346
SHA512

2fa2ba7ebf5b624bcd30de80dd49763c1e787cf883ad6ab4a9e5ea286b0a40d4d317b4ba43f5a3e06d869b53f069ce030a793d6a3d7fc0b1e3998a6548253989

Score

8^/10

Malware Config

Signatures

Blacklisted process makes network request 1 IoCs

Processes:

WScript.exe

flow pid process

2 1844 WScript.exe

C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\MSG_986000.vbs"
1⤵
- Blacklisted process makes network request
PID:1844

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1844-0-0x0000000003A20000-0x0000000003A24000-memory.dmp

Filesize
16KB

Download