a8b8711fbbf1e5dc99a765abf44a1b3c543166ad9c483dfdf73af6fe6e5ddc94

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
28/10/2022, 04:05

Target

Which_sentence_has_proper_subject-verb_agreement (qtwx).js
Size

67KB
MD5

2661e2a12f06a1ab24dbb21fc92e4de2
SHA1

ac5294cdbd8de203f6969ab43638dcdbf8677a9d
SHA256

0eb2d337c6b94ce1a0ed91bbecf7629400fc35709aebf9133458093cdce04196
SHA512

d1f4f98d59f883797b65fe360413d0754e0a54fde93965106d144e9db1f459cdaa7ce33c56e4fad8940c74b3359aa8f1a516415871a72c6437158c0652a03450
SSDEEP

1536:o4YEcg5wM+zeNt2ab68trUZ9dMDimaTqePQZ96iAiaUX:L5wM+zePb68CvdM+3maUX

Score

8^/10

Blocklisted process makes network request 3 IoCs

Script User-Agent 3 IoCs

Uses user-agent string associated with script host/environment.

description	flow	ioc
HTTP User-Agent header	31	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	33	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	35	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)

C:\Windows\system32\wscript.exe
wscript.exe "C:\Users\Admin\AppData\Local\Temp\Which_sentence_has_proper_subject-verb_agreement (qtwx).js"
1⤵
- Blocklisted process makes network request
PID:2344