Analysis
-
max time kernel
61s -
max time network
123s -
platform
windows10-1703_x64 -
resource
win10-20230220-en -
resource tags
arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system -
submitted
18/04/2023, 17:34
Static task
static1
Behavioral task
behavioral1
Sample
Funds_388416.wsf
Resource
win10-20230220-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
Funds_388416.wsf
Resource
win10v2004-20230221-en
5 signatures
150 seconds
General
-
Target
Funds_388416.wsf
-
Size
75KB
-
MD5
2d13f7d27e387cd9443a957ddab5bec9
-
SHA1
d100203ca5021e463a90208188d9aa2cc389b85f
-
SHA256
6593b65557133c5fd101733e4f7ca27f265c2312f36a088d360def48cf6c1c35
-
SHA512
cde5aab10ef6ccca77e9d7b8c89b08310044ac6bc291ff78095c7ba9610f28c677b1568327754c1fe2d583e8f981cd5f1f5ee9bea07fb4726dc8fb6f2d12c98a
-
SSDEEP
1536:SMMmr6MGe+e+gSecKrrHF55wEd9t9Gy7VuYeKAO:SMf6MGeh7SMr1w8l7VuYeKAO
Score
8/10
Malware Config
Signatures
-
Blocklisted process makes network request 3 IoCs
flow pid Process 2 1308 WScript.exe 3 1308 WScript.exe 5 1308 WScript.exe -
Legitimate hosting services abused for malware hosting/C2 1 TTPs