Overview

overview

10

Static

static

Invoi_PDF.lnk

windows7-x64

3

Invoi_PDF.lnk

windows10-2004-x64

3

ricocheted...ted.js

windows7-x64

3

ricocheted...ted.js

windows10-2004-x64

1

ricocheted...rs.cmd

windows7-x64

1

ricocheted...rs.cmd

windows10-2004-x64

1

ricocheted...ys.dll

windows7-x64

10

ricocheted...ys.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    46s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    26-09-2022 15:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ricocheted/detonatorUncaptivated.js

  • Size

    257B

  • MD5

    0e21f3235ba12be75a0d9647157b02f0

  • SHA1

    7204c0dba1683c52fe7894a55a3aa2b48d539dd6

  • SHA256

    6df27729f7696ecc1e9c94dc0ba88facdcd624a70b76ab1094662fdf8c074eef

  • SHA512

    8000b9d8dfb03250e55aa4da2ad3a01e9a520c2231aa3639d3f0f33abebf2544bd82fd507272ea9d72043a6b77b53e9107702936860439a296498560da74789b

Score
3/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\ricocheted\detonatorUncaptivated.js
    1⤵
      PID:1680

    Network

    MITRE ATT&CK Matrix ATT&CK v6

    Initial Access

    Execution

    Persistence

    Privilege Escalation

    Defense Evasion

    Credential Access

    Discovery

    System Information Discovery

    1
    T1082

    Lateral Movement

    Collection

    Exfiltration

    Command and Control

    Impact

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1680-54-0x000007FEFB741000-0x000007FEFB743000-memory.dmp
      Filesize

      8KB

      Download