22abdd10ff3c59e964da9dad771af09be87ac85719b0702ff63ddd5f2fbc3b94 | Triage

Resubmissions

18/10/2022, 18:09

221018-wrfz2sghbn 8

17/10/2022, 19:36

221017-ybehdsdafk 8

14/10/2022, 20:42

221014-zhfvgaedb6 8

14/10/2022, 20:26

221014-y729bsech2 8

Analysis

max time kernel
510s
max time network
440s
platform
windows10-1703_x64
resource
win10-20220812-en
resource tags

arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
submitted
17/10/2022, 19:36

Sharing

Report Analysis Logs

General

Target

JsSample.js
Size

67KB
MD5

c98cc414b7864a85adbc80ba22fb4a6e
SHA1

5bd51af7cb17ace046cd550ebab510edeec1c7e6
SHA256

22abdd10ff3c59e964da9dad771af09be87ac85719b0702ff63ddd5f2fbc3b94
SHA512

0924c3751c1955423b41ed8c5ce5d149dc247d2ed03860e39d5ca10c6ca1319cba93ddafb83a5b1b2fc0cf8d51cecea4c886317b31e6277dec86bf7fac3e00e8
SSDEEP

1536:n4YlV2fwId2Nte9W2ZtrUNvTJnCv13TuAP1J9EnAwaUX:mfwId2eW2ZCdNCX8aUX

Score

8^/10

Malware Config

Signatures

Blocklisted process makes network request 3 IoCs

flow	pid	Process
7	2760	wscript.exe
9	2760	wscript.exe
11	2760	wscript.exe

Script User-Agent 3 IoCs

Uses user-agent string associated with script host/environment.

description	flow	ioc
HTTP User-Agent header	11	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	7	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	9	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\JsSample.js
1⤵
- Blocklisted process makes network request
PID:2760

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads