Analysis

  • max time kernel
    116s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
  • submitted
    28/11/2022, 00:30

General

  • Target

    Untitled_8-OEQ-2019-812.js

  • Size

    95KB

  • MD5

    8c68270dfbcd3b907b6a29c9cd484499

  • SHA1

    971dfafcea7a8b1b26174d429984d2c0a91c1163

  • SHA256

    1e16035f416b56b7d0cdefc0fa398428a625786ff2cbf818c002b0d01cb1ec83

  • SHA512

    8577b063bbd9e3793475e55c2749bf16fcbc147ec35cc5744b3b866df176f15269454121f7ebf87ca387245f47792226e9d44bc081bb3d54ee51a53390f88d70

  • SSDEEP

    1536:lkXOWFbLI9H9YWj6VUwOuJl/lZqSH9OlYQYZ+9XSA5/8UEJpCwm/RP5kiCd/tlZ5:lkXnFnI9H9Vj6VUwOuJl/lZqSH9OlYQc

Score
8/10

Malware Config

Signatures

  • Blocklisted process makes network request (8 IoCs)
  • Modifies system certificate store (2 TTPs, 6 IoCs)

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\Untitled_8-OEQ-2019-812.js
    • Blocklisted process makes network request
    • Modifies system certificate store
    PID:1792

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/1792-55-0x000007FEFB5D1000-0x000007FEFB5D3000-memory.dmp

    Filesize

    8KB