Analysis
-
max time kernel
1799s -
max time network
1802s -
platform
windows10_x64 -
resource
win10v20210410 -
submitted
11-06-2021 02:24
Static task
static1
Behavioral task
behavioral1
Sample
js-beautified-1.js
Resource
win7v20210408
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
js-beautified-1.js
Resource
win10v20210410
windows10_x64
0 signatures
0 seconds
General
-
Target
js-beautified-1.js
-
Size
2.0MB
-
MD5
2cf2bd5991c8ac130e2ce7b6abaf6cf5
-
SHA1
e7fb302389722a9ae9c7c156a14299ea67a7d287
-
SHA256
d44707c5cfe6fcfef53df920200eea916de357e8f02fa9847a9d6f0cdcd81511
-
SHA512
49c25fad45a7486a66d83987890d907d4a7f14a4b41d5c375f6a1e9c2025456038c64aac7823f35eac8c687442f53e288a8ae5491407766458affea7a075bbb1
Score
8/10
Malware Config
Signatures
-
Blocklisted process makes network request 64 IoCs
Processes:
wscript.exeflow pid process 13 3904 wscript.exe 17 3904 wscript.exe 18 3904 wscript.exe 19 3904 wscript.exe 20 3904 wscript.exe 21 3904 wscript.exe 23 3904 wscript.exe 24 3904 wscript.exe 26 3904 wscript.exe 27 3904 wscript.exe 28 3904 wscript.exe 29 3904 wscript.exe 30 3904 wscript.exe 31 3904 wscript.exe 33 3904 wscript.exe 34 3904 wscript.exe 35 3904 wscript.exe 36 3904 wscript.exe 37 3904 wscript.exe 38 3904 wscript.exe 40 3904 wscript.exe 41 3904 wscript.exe 42 3904 wscript.exe 43 3904 wscript.exe 50 3904 wscript.exe 51 3904 wscript.exe 53 3904 wscript.exe 54 3904 wscript.exe 55 3904 wscript.exe 58 3904 wscript.exe 59 3904 wscript.exe 60 3904 wscript.exe 62 3904 wscript.exe 63 3904 wscript.exe 64 3904 wscript.exe 65 3904 wscript.exe 66 3904 wscript.exe 67 3904 wscript.exe 69 3904 wscript.exe 70 3904 wscript.exe 71 3904 wscript.exe 72 3904 wscript.exe 73 3904 wscript.exe 74 3904 wscript.exe 76 3904 wscript.exe 77 3904 wscript.exe 78 3904 wscript.exe 79 3904 wscript.exe 80 3904 wscript.exe 81 3904 wscript.exe 83 3904 wscript.exe 85 3904 wscript.exe 86 3904 wscript.exe 87 3904 wscript.exe 88 3904 wscript.exe 89 3904 wscript.exe 90 3904 wscript.exe 92 3904 wscript.exe 93 3904 wscript.exe 94 3904 wscript.exe 95 3904 wscript.exe 96 3904 wscript.exe 98 3904 wscript.exe 99 3904 wscript.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.