799ee58fc6ec4bbb053703ce1c6eeade273e73664eb7638d446bdc2f8a17c5ae | Triage

Analysis

max time kernel
1799s
max time network
1806s
platform
windows7_x64
resource
win7
submitted
08/07/2020, 16:02

Sharing

Report Analysis Logs

General

Target

filefrh1.js
Size

736KB
MD5

fb456ae6d99efd34c2d4c70f22fa9404
SHA1

e6e0ed7f1ce171356563e97a80862d0808e3e670
SHA256

799ee58fc6ec4bbb053703ce1c6eeade273e73664eb7638d446bdc2f8a17c5ae
SHA512

89c88e2de58719ff2dfcc7361cec7cf61171e2c6e82d78800655df9d753a810a73df217da01e38c917250ecbff5ce39ddf462358b2d97105083090b591857d81

Score

8^/10

Malware Config

Signatures

Blacklisted process makes network request 86 IoCs

flow	pid	Process
4	1612	wscript.exe
5	1612	wscript.exe
6	1612	wscript.exe
10	1612	wscript.exe
11	1612	wscript.exe
12	1612	wscript.exe
14	1612	wscript.exe
15	1612	wscript.exe
16	1612	wscript.exe
18	1612	wscript.exe
19	1612	wscript.exe
20	1612	wscript.exe
22	1612	wscript.exe
23	1612	wscript.exe
24	1612	wscript.exe
26	1612	wscript.exe
27	1612	wscript.exe
28	1612	wscript.exe
30	1612	wscript.exe
31	1612	wscript.exe
32	1612	wscript.exe
34	1612	wscript.exe
35	1612	wscript.exe
36	1612	wscript.exe
38	1612	wscript.exe
39	1612	wscript.exe
40	1612	wscript.exe
42	1612	wscript.exe
43	1612	wscript.exe
44	1612	wscript.exe
46	1612	wscript.exe
47	1612	wscript.exe
48	1612	wscript.exe
50	1612	wscript.exe
51	1612	wscript.exe
52	1612	wscript.exe
54	1612	wscript.exe
55	1612	wscript.exe
56	1612	wscript.exe
58	1612	wscript.exe
59	1612	wscript.exe
60	1612	wscript.exe
63	1612	wscript.exe
64	1612	wscript.exe
65	1612	wscript.exe
67	1612	wscript.exe
68	1612	wscript.exe
69	1612	wscript.exe
71	1612	wscript.exe
72	1612	wscript.exe
73	1612	wscript.exe
75	1612	wscript.exe
76	1612	wscript.exe
77	1612	wscript.exe
79	1612	wscript.exe
80	1612	wscript.exe
81	1612	wscript.exe
83	1612	wscript.exe
84	1612	wscript.exe
85	1612	wscript.exe
87	1612	wscript.exe
88	1612	wscript.exe
89	1612	wscript.exe
91	1612	wscript.exe
92	1612	wscript.exe
93	1612	wscript.exe
95	1612	wscript.exe
96	1612	wscript.exe
97	1612	wscript.exe
99	1612	wscript.exe
100	1612	wscript.exe
101	1612	wscript.exe
103	1612	wscript.exe
104	1612	wscript.exe
105	1612	wscript.exe
107	1612	wscript.exe
108	1612	wscript.exe
109	1612	wscript.exe
111	1612	wscript.exe
112	1612	wscript.exe
113	1612	wscript.exe
115	1612	wscript.exe
116	1612	wscript.exe
117	1612	wscript.exe
119	1612	wscript.exe
120	1612	wscript.exe

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\filefrh1.js
1⤵
- Blacklisted process makes network request
PID:1612

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads