Overview

overview

10

Static

static

Contract.lnk

windows7-x64

3

Contract.lnk

windows10-2004-x64

3

unbelt/fifty.dll

windows7-x64

10

unbelt/fifty.dll

windows10-2004-x64

10

unbelt/pre...ing.js

windows7-x64

3

unbelt/pre...ing.js

windows10-2004-x64

1

unbelt/tic...ly.cmd

windows7-x64

1

unbelt/tic...ly.cmd

windows10-2004-x64

1

Analysis

  • max time kernel
    43s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    26-09-2022 12:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    unbelt/pressurizingFollowing.js

  • Size

    178B

  • MD5

    0788ccab7dbd4bc1255203bcb92b5294

  • SHA1

    47f0435e24c52ac8977be616970fe5b34491e7cf

  • SHA256

    94259efd6a495de885df659739dc28267997983db1bb851b01178f0b2db4e254

  • SHA512

    31bb50b028d72c47dae0dc9e91c1a05eb72d20e0b3346901c352555298b3df6180d2484c34b80294121055d633733d4e58bae774b1d32463cb54eb99cab1365a

Score
3/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\unbelt\pressurizingFollowing.js
    1⤵
      PID:1756

    Network

    MITRE ATT&CK Matrix ATT&CK v6

    Initial Access

    Execution

    Persistence

    Privilege Escalation

    Defense Evasion

    Credential Access

    Discovery

    System Information Discovery

    1
    T1082

    Lateral Movement

    Collection

    Exfiltration

    Command and Control

    Impact

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1756-54-0x000007FEFC521000-0x000007FEFC523000-memory.dmp
      Filesize

      8KB

      Download