fdcb3e322b8dde7c299effd302a4292b1b673a2171514333cb14b3df8db6ad2c | Triage

Submit
Reports

Overview

overview

Static

static

DecryptNovo.exe

windows7-x64

DecryptNovo.exe

windows10-2004-x64

Util/__his...pas.js

windows7-x64

1

Util/__his...pas.js

windows10-2004-x64

1

Util/__his...pas.js

windows7-x64

1

Util/__his...pas.js

windows10-2004-x64

1

Util/__his...pas.js

windows7-x64

1

Util/__his...pas.js

windows10-2004-x64

1

Util/__his...pas.js

windows7-x64

1

Util/__his...pas.js

windows10-2004-x64

1

Util/__his...pas.js

windows7-x64

1

Util/__his...pas.js

windows10-2004-x64

1

Util/__his...pas.js

windows7-x64

1

Util/__his...pas.js

windows10-2004-x64

1

Util/__his...pas.js

windows7-x64

1

Util/__his...pas.js

windows10-2004-x64

1

Util/__his...pas.js

windows7-x64

1

Util/__his...pas.js

windows10-2004-x64

1

Util/__his...pas.js

windows7-x64

1

Util/__his...pas.js

windows10-2004-x64

1

Util/__his...pas.js

windows7-x64

1

Util/__his...pas.js

windows10-2004-x64

1

Util/backu...pas.js

windows7-x64

1

Util/backu...pas.js

windows10-2004-x64

1

Util/backu...pas.js

windows7-x64

1

Util/backu...pas.js

windows10-2004-x64

1

Util/backup/uC.js

windows7-x64

1

Util/backup/uC.js

windows10-2004-x64

1

Util/backup/uLib.js

windows7-x64

1

Util/backup/uLib.js

windows10-2004-x64

3

Util/uLib.js

windows7-x64

1

Util/uLib.js

windows10-2004-x64

1

Analysis

max time kernel
139s
max time network
184s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
31-03-2023 11:12

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

DecryptNovo.exe

Resource

win7-20230220-en

neshta persistence spyware stealer

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

DecryptNovo.exe

Resource

win10v2004-20230220-en

neshta persistence spyware stealer

windows10-2004-x64

12 signatures

150 seconds

Behavioral task

behavioral3

Sample

Util/__history/uVarC.pas.js

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

Util/__history/uVarC.pas.js

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

Util/__history/uVarC.pas.js

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

Util/__history/uVarC.pas.js

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

Util/__history/uVarC.pas.js

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

Util/__history/uVarC.pas.js

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Util/__history/uVarC.pas.js

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

Util/__history/uVarC.pas.js

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

Util/__history/uVarC.pas.js

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

Util/__history/uVarC.pas.js

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

Util/__history/uVarC.pas.js

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

Util/__history/uVarC.pas.js

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

Util/__history/uVarC.pas.js

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

Util/__history/uVarC.pas.js

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

Util/__history/uVarC.pas.js

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

Util/__history/uVarC.pas.js

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

Util/__history/uVarC.pas.js

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

Util/__history/uVarC.pas.js

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

Util/__history/uVarC.pas.js

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

Util/__history/uVarC.pas.js

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

Util/backup/__history/uC.pas.js

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

Util/backup/__history/uC.pas.js

Resource

win10v2004-20230221-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

Util/backup/__history/uC.pas.js

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

Util/backup/__history/uC.pas.js

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

Util/backup/uC.js

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

Util/backup/uC.js

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

Util/backup/uLib.js

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

Util/backup/uLib.js

Resource

win10v2004-20230221-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral31

Sample

Util/uLib.js

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

Util/uLib.js

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

Util/backup/uC.js
Size

64KB
MD5

628981f328f6add5baa4a8211bcb96ee
SHA1

118d570a93cfcf150cada30d5a82d4a135a3891d
SHA256

6acd48ca89ad4021dffae0d0a04236cace75a04d95159627cbd5af4159d74dc0
SHA512

8142c0a8597ddda75f58b3ba97070e83776507650494c6090927a07e5d9f6c8f1d5fab73f0cffa875eda75b5ecf53946b6252194aac994e366e3bb1b766e24b0
SSDEEP

768:cgPN76VreKuWFSUY56uVT9GcMG/2Pm0Ojm7:cW64KuW470ujwu08m7

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Util\backup\uC.js
1⤵
PID:224

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy