Analysis
max time kernel: 1799s
max time network: 1800s
platform: windows10_x64
resource: win10v20210408
submitted: 11-06-2021 01:53
Static task: static1
Behavioral task: behavioral1
Sample: js-beautified-1.js
Resource: win7v20210410
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: js-beautified-1.js
Resource: win10v20210408
0 signatures
0 seconds
General
Target: js-beautified-1.js
Size: 2.0MB
MD5: 2cf2bd5991c8ac130e2ce7b6abaf6cf5
SHA1: e7fb302389722a9ae9c7c156a14299ea67a7d287
SHA256: d44707c5cfe6fcfef53df920200eea916de357e8f02fa9847a9d6f0cdcd81511
SHA512: 49c25fad45a7486a66d83987890d907d4a7f14a4b41d5c375f6a1e9c2025456038c64aac7823f35eac8c687442f53e288a8ae5491407766458affea7a075bbb1
Score: 8/10
Malware Config
Signatures
Blocklisted process makes network request 64 IoCs
Processes:
wscript.exe
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.