Malware Analysis Report

2024-11-30 20:55

Sample ID 220818-qmmn5sfaaq
Target 18-Aug-7892746132.zip
SHA256 3900b9213c574231b117b06b5a7cf3426d5c4458d75fa65a2baae7ff60ca6bdf
Tags
score
1/10

Analysis Overview

score
1/10

SHA256

3900b9213c574231b117b06b5a7cf3426d5c4458d75fa65a2baae7ff60ca6bdf

Threat Level: No (potentially) malicious behavior was detected

No (potentially) malicious behavior was detected for the file 18-Aug-7892746132.zip.

Malicious Activity Summary

N/A

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2022-08-18 13:22

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2022-08-18 13:22

Reported

2022-08-18 13:28

Platform

win10v2004-20220812-en

Max time kernel

161s

Max time network

225s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\3388d4b4242b1c842cf37a0642566e2eb5ddd8aaac575269082023fc26ac32fa.js

Signatures

N/A

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\3388d4b4242b1c842cf37a0642566e2eb5ddd8aaac575269082023fc26ac32fa.js

Network

Country  Destination         Domain  Proto
US       93.184.221.240:80           tcp
US       93.184.221.240:80           tcp
US       93.184.221.240:80           tcp
US       20.42.73.24:443             tcp
US       8.252.117.126:80            tcp
US       8.252.117.126:80            tcp
US       8.252.117.126:80            tcp

Files

N/A