Malware Analysis Report

2024-11-30 20:55

Sample ID 220812-w41vzsgdfm
Target 12-Aug-7870526133.zip
SHA256 d977f0e52723587ff0fa31a015acc08a5a068f0659fb137f3ba478a3c0d54f2b
Tags
Score 1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

SHA256

d977f0e52723587ff0fa31a015acc08a5a068f0659fb137f3ba478a3c0d54f2b

Threat Level: No (potentially) malicious behavior was detected

The file 12-Aug-7870526133.zip was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary

N/A

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2022-08-12 18:29

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2022-08-12 18:29

Reported

2022-08-12 18:34

Platform

win10v2004-20220722-en

Max time kernel

294s

Max time network

298s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\0ecdb89628298ba1b4c4d8412796033e380c031b60c173af4a7671283ad9bd32.js

Signatures

N/A

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\0ecdb89628298ba1b4c4d8412796033e380c031b60c173af4a7671283ad9bd32.js

Network

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2022-08-12 18:29

Reported

2022-08-12 18:34

Platform

win10v2004-20220722-en

Max time kernel

226s

Max time network

190s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\9feceeab5784c8af30fbd62821ac82e5a3f5348fd041b5b61a835650d9b066f4.js

Signatures

N/A

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\9feceeab5784c8af30fbd62821ac82e5a3f5348fd041b5b61a835650d9b066f4.js

Network

Country  Destination       Domain                       Proto
IE       20.50.80.210:443                               tcp
US       209.197.3.8:80                                 tcp
US       8.8.8.8:53        243.11.117.100.in-addr.arpa  udp
US       209.197.3.8:80                                 tcp
US       209.197.3.8:80                                 tcp
US       209.197.3.8:80                                 tcp

Files

N/A