Analysis
-
max time kernel
1799s -
max time network
1802s -
platform
windows7_x64 -
resource
win7v20210408 -
submitted
11-06-2021 02:24
Static task
static1
Behavioral task
behavioral1
Sample
js-beautified-1.js
Resource
win7v20210408
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
js-beautified-1.js
Resource
win10v20210410
windows10_x64
0 signatures
0 seconds
General
-
Target
js-beautified-1.js
-
Size
2.0MB
-
MD5
2cf2bd5991c8ac130e2ce7b6abaf6cf5
-
SHA1
e7fb302389722a9ae9c7c156a14299ea67a7d287
-
SHA256
d44707c5cfe6fcfef53df920200eea916de357e8f02fa9847a9d6f0cdcd81511
-
SHA512
49c25fad45a7486a66d83987890d907d4a7f14a4b41d5c375f6a1e9c2025456038c64aac7823f35eac8c687442f53e288a8ae5491407766458affea7a075bbb1
Score
8/10
Malware Config
Signatures
-
Blocklisted process makes network request 64 IoCs
Processes:
wscript.exeflow pid process 4 1948 wscript.exe 5 1948 wscript.exe 6 1948 wscript.exe 7 1948 wscript.exe 8 1948 wscript.exe 9 1948 wscript.exe 11 1948 wscript.exe 12 1948 wscript.exe 13 1948 wscript.exe 14 1948 wscript.exe 15 1948 wscript.exe 16 1948 wscript.exe 18 1948 wscript.exe 19 1948 wscript.exe 21 1948 wscript.exe 22 1948 wscript.exe 23 1948 wscript.exe 24 1948 wscript.exe 25 1948 wscript.exe 26 1948 wscript.exe 28 1948 wscript.exe 29 1948 wscript.exe 30 1948 wscript.exe 31 1948 wscript.exe 32 1948 wscript.exe 34 1948 wscript.exe 35 1948 wscript.exe 36 1948 wscript.exe 37 1948 wscript.exe 38 1948 wscript.exe 39 1948 wscript.exe 41 1948 wscript.exe 42 1948 wscript.exe 43 1948 wscript.exe 44 1948 wscript.exe 45 1948 wscript.exe 46 1948 wscript.exe 48 1948 wscript.exe 49 1948 wscript.exe 50 1948 wscript.exe 51 1948 wscript.exe 52 1948 wscript.exe 53 1948 wscript.exe 55 1948 wscript.exe 56 1948 wscript.exe 57 1948 wscript.exe 58 1948 wscript.exe 59 1948 wscript.exe 60 1948 wscript.exe 62 1948 wscript.exe 63 1948 wscript.exe 64 1948 wscript.exe 65 1948 wscript.exe 66 1948 wscript.exe 67 1948 wscript.exe 69 1948 wscript.exe 70 1948 wscript.exe 71 1948 wscript.exe 73 1948 wscript.exe 74 1948 wscript.exe 75 1948 wscript.exe 77 1948 wscript.exe 78 1948 wscript.exe 79 1948 wscript.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.