Analysis
-
max time kernel
265s -
max time network
285s -
platform
windows10_x64 -
resource
win10v20201028 -
submitted
22-11-2020 06:28
Errors
Reason
Machine shutdown
General
-
Target
bootstrap.min.js
-
Size
36KB
-
MD5
55093a3d1ac85ac5734e104d4f2de030
-
SHA1
7d6acbbe3b1589d11873954e95e674f178cbaaf7
-
SHA256
abbb8724a9c69848de604e65aad7a5f6ae3fd7ef2c071b84b41b9cabfabbf2a4
-
SHA512
373ae6189df34c585a26e1662026b131352327c08ae7ae1ab5c108ac94deecacd89afa2e3b955682f03caf097eb909edb82118fe73013f32b18878ee7ada9ace
Score
8/10
Malware Config
Signatures
-
Modifies WinLogon to allow AutoLogon 2 TTPs 1 IoCs
Enables rebooting of the machine without requiring login credentials.
-
Modifies data under HKEY_USERS 15 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Windows\system32\wscript.exewscript.exe C:\Users\Admin\AppData\Local\Temp\bootstrap.min.js1⤵
-
C:\Windows\system32\LogonUI.exe"LogonUI.exe" /flags:0x0 /state0:0xa3ad1855 /state1:0x41c64e6d1⤵
- Modifies WinLogon to allow AutoLogon
- Modifies data under HKEY_USERS
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/4800-0-0x000001BFE51A0000-0x000001BFE51A4000-memory.dmpFilesize
16KB