Overview

overview

10

Static

static

6

0d7dc074be...41c.js

windows7_x64

7

0d7dc074be...41c.js

windows10_x64

7

3b7cd07e87...ce.lnk

windows7_x64

10

3b7cd07e87...ce.lnk

windows10_x64

10

79e21ff914...3c.exe

windows7_x64

1

79e21ff914...3c.exe

windows10_x64

1

83c375dcda...90.lnk

windows7_x64

10

83c375dcda...90.lnk

windows10_x64

10

a81f152a31...5d.exe

windows7_x64

10

a81f152a31...5d.exe

windows10_x64

1

c7cf5c62ec...20.lnk

windows7_x64

10

c7cf5c62ec...20.lnk

windows10_x64

10

db5d09edc2...f1.lnk

windows7_x64

10

db5d09edc2...f1.lnk

windows10_x64

10

e678ec3dbc...2f.exe

windows7_x64

1

e678ec3dbc...2f.exe

windows10_x64

1

f5f79e2169...9e.lnk

windows7_x64

10

f5f79e2169...9e.lnk

windows10_x64

10

Analysis

  • max time kernel
    64s
  • max time network
    103s
  • platform
    windows10_x64
  • resource
    win10v20201028
  • submitted
    26-12-2020 20:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0d7dc074be83f1096f39ba95bfc4e1a17c411dbed0e5eeeb48e88a12d79b541c.js

  • Size

    11KB

  • MD5

    2b33321ead1744461759d9c092b3c7d4

  • SHA1

    00f9f9aa1c82a76619489d8930e6edaf1da0a9a4

  • SHA256

    0d7dc074be83f1096f39ba95bfc4e1a17c411dbed0e5eeeb48e88a12d79b541c

  • SHA512

    e5fcf2d8124f168623389d2107cd806abcc8cb8b2c6d7ebce0167f01f086fda53e1c6d68a5dab9fb207e709a7ba9b7f975ca60a793bc8521c037c60aacaa60cd

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • JavaScript code in executable 1 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\0d7dc074be83f1096f39ba95bfc4e1a17c411dbed0e5eeeb48e88a12d79b541c.js
    1⤵
    • Deletes itself
    • Suspicious use of WriteProcessMemory
    PID:652
    • C:\Windows\System32\cscript.exe
      "C:\Windows\System32\cscript.exe" "C:\Users\Admin\AppData\Local\Microsoft\Credentials\MediaPlayer\VideoManager\media.js"
      2⤵
        PID:3944

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Microsoft\Credentials\MediaPlayer\VideoManager\media.js
      MD5

      2b33321ead1744461759d9c092b3c7d4

      SHA1

      00f9f9aa1c82a76619489d8930e6edaf1da0a9a4

      SHA256

      0d7dc074be83f1096f39ba95bfc4e1a17c411dbed0e5eeeb48e88a12d79b541c

      SHA512

      e5fcf2d8124f168623389d2107cd806abcc8cb8b2c6d7ebce0167f01f086fda53e1c6d68a5dab9fb207e709a7ba9b7f975ca60a793bc8521c037c60aacaa60cd

      Download Submit
    • memory/3944-2-0x0000000000000000-mapping.dmp
      Download