Analysis

  • max time kernel
    71s
  • max time network
    162s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    26-12-2020 20:21

General

  • Target

    0d7dc074be83f1096f39ba95bfc4e1a17c411dbed0e5eeeb48e88a12d79b541c.js

  • Size

    11KB

  • MD5

    2b33321ead1744461759d9c092b3c7d4

  • SHA1

    00f9f9aa1c82a76619489d8930e6edaf1da0a9a4

  • SHA256

    0d7dc074be83f1096f39ba95bfc4e1a17c411dbed0e5eeeb48e88a12d79b541c

  • SHA512

    e5fcf2d8124f168623389d2107cd806abcc8cb8b2c6d7ebce0167f01f086fda53e1c6d68a5dab9fb207e709a7ba9b7f975ca60a793bc8521c037c60aacaa60cd

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • JavaScript code in executable 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\0d7dc074be83f1096f39ba95bfc4e1a17c411dbed0e5eeeb48e88a12d79b541c.js
    1⤵
    • Deletes itself
    • Suspicious use of WriteProcessMemory
    PID:1684
    • C:\Windows\System32\cscript.exe
      "C:\Windows\System32\cscript.exe" "C:\Users\Admin\AppData\Local\Microsoft\Credentials\MediaPlayer\VideoManager\media.js"
      2⤵
        PID:1544

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/1544-5-0x0000000002450000-0x0000000002454000-memory.dmp

      Filesize

      16KB

    • memory/1684-3-0x0000000002530000-0x0000000002534000-memory.dmp

      Filesize

      16KB