11b3d1564b12934489281250c9a683f076fe10254bfdd7da72307e538838ec56

Analysis

max time kernel
86s
max time network
90s
platform
windows10-1703_x64
resource
win10-20230220-en
resource tags

arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
submitted
23-03-2023 00:48

Target

11b3d1564b12934489281250c9a683f076fe10254bfdd7da72307e538838ec56.wsf
Size

53KB
MD5

ae25f2104967b2708ac9dba80aac52fd
SHA1

7ac0150b43cbb5eeba9a0f956e1291df6790f3bf
SHA256

11b3d1564b12934489281250c9a683f076fe10254bfdd7da72307e538838ec56
SHA512

d4a7f95631e7eb88fdadbe66d31bf9c7459d0f80ca2c9174952aad42bff6262241b25916e6a089f778990be981a2cf220baa69ad261314247c286397553decca
SSDEEP

768:n9Te2jdcdTeNtu1t/nl8BFWVyeaNhvsbsS:9TVdaeNtuXndH

Score

8^/10

Blocklisted process makes network request 7 IoCs

Processes:

WScript.exe

flow pid process

2 2512 WScript.exe
4 2512 WScript.exe
6 2512 WScript.exe
8 2512 WScript.exe
10 2512 WScript.exe
12 2512 WScript.exe
14 2512 WScript.exe

Script User-Agent 7 IoCs

Uses user-agent string associated with script host/environment.

Processes:

description	flow	ioc
HTTP User-Agent header	4	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	6	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	8	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	10	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	12	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	14	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	2	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)

C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\11b3d1564b12934489281250c9a683f076fe10254bfdd7da72307e538838ec56.wsf"
1⤵
- Blocklisted process makes network request
PID:2512

C:\Users\Admin\AppData\Local\Temp\radF3ECC.tmp.dll
Filesize
10B

MD5
7605968e79d0ca095ab1231486d2b814

SHA1
a007b420d19ceefa840f0373e050e3b51a4ab480

SHA256
493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b

SHA512
769249da7ed6c6bf5671bbc2371a6453b433226ceb8c4c2aa3604000d66647bcec83dee1ab64c0262fa40f923d77e23bad2c47274d339effc51d904ce77072a6

Download Submit