4170eee9b90806ebbf8d971cb8a32450c57e37c15f9b41ac3e028d00d5026b08

Analysis

max time kernel
137s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
26/10/2022, 14:11

Target

Which_sentence_has_proper_subject-verb_agreement (anx).js
Size

67KB
MD5

95ac0834d857d27397b1d49345eb65aa
SHA1

7b87c2889a068818170906f2942507cb21860b12
SHA256

b6f44ecbe5c48c0ed37b355fb648d47cca8a98a69926fa9ce0bb9fbaa05fbb71
SHA512

e298039132bf5e664988e4c3af430567195f4ddf3bb6c07c241161b08fee57abbd1ac0d76d4c1b9bab84f4d90e2fcb8453a8212e589b52a4f787f8e68eafabaa
SSDEEP

1536:GX4YCmbgywkd2q1ts9ftVtrUFtuaGyUAPPQJ9ZHAGaUX:+Mywkd2qIftVCruarWaUX

Score

8^/10

Blocklisted process makes network request 3 IoCs

Script User-Agent 3 IoCs

Uses user-agent string associated with script host/environment.

description	flow	ioc
HTTP User-Agent header	37	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	39	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	41	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)

C:\Windows\system32\wscript.exe
wscript.exe "C:\Users\Admin\AppData\Local\Temp\Which_sentence_has_proper_subject-verb_agreement (anx).js"
1⤵
- Blocklisted process makes network request
PID:4828