0d7dc074be83f1096f39ba95bfc4e1a17c411dbed0e5eeeb48e88a12d79b541c | Triage

Analysis

max time kernel
135s
max time network
48s
platform
windows10_x64
resource
win10v200430
submitted
07/07/2020, 18:18

Sharing

Report Analysis Logs

General

Target

media.js
Size

11KB
MD5

2b33321ead1744461759d9c092b3c7d4
SHA1

00f9f9aa1c82a76619489d8930e6edaf1da0a9a4
SHA256

0d7dc074be83f1096f39ba95bfc4e1a17c411dbed0e5eeeb48e88a12d79b541c
SHA512

e5fcf2d8124f168623389d2107cd806abcc8cb8b2c6d7ebce0167f01f086fda53e1c6d68a5dab9fb207e709a7ba9b7f975ca60a793bc8521c037c60aacaa60cd

Score

7^/10

Malware Config

Signatures

Deletes itself 1 IoCs

pid	Process
2804	wscript.exe

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 2804 wrote to memory of 1348	2804	wscript.exe	68
PID 2804 wrote to memory of 1348	2804	wscript.exe	68

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\media.js
1⤵
- Deletes itself
- Suspicious use of WriteProcessMemory
PID:2804
- C:\Windows\System32\cscript.exe
  "C:\Windows\System32\cscript.exe" "C:\Users\Admin\AppData\Local\Microsoft\Credentials\MediaPlayer\VideoManager\media.js"
  2⤵
  PID:1348

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads