Overview

overview

1

Static

static

1

user.js

windows7-x64

1

user.js

windows10-2004-x64

1

Analysis

  • max time kernel
    19s
  • max time network
    21s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/05/2023, 11:25 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    user.js

  • Size

    74KB

  • MD5

    32b22f20ba4ac3c9ac419243e6b57488

  • SHA1

    dc304acf212e56afdeba2f17c25fd7c5531a1d3e

  • SHA256

    b1993c3804c319528ab3ea0e0fde9234381c8d66a8ef6f8df7c00bd5c3b2e019

  • SHA512

    e305d6d7d8ff4b1387f33e952a76de32758ef3842e4f0d312db5162daf345717019cc79f9c53bc3b9133a43ddfd26ba376d8723aec0177e0ef157b2e775e0fd1

  • SSDEEP

    1536:2hXg6WsEw0L/9kumweO8RvL6HsLWKU4MoHO/a3xGqRbN:2GP/L9VmweTRvmMaHoxbN

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\user.js
    1⤵
      PID:4124

    Network

    • flag-us
      DNS
      209.205.72.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      209.205.72.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      0.159.190.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      0.159.190.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      133.211.185.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      133.211.185.52.in-addr.arpa
      IN PTR
      Response
    • 93.184.221.240:80
      208 B
       4
    • 8.8.8.8:53
      209.205.72.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      209.205.72.20.in-addr.arpa

    • 8.8.8.8:53
      0.159.190.20.in-addr.arpa
      dns
      71 B
       157 B
       1
      1

      DNS Request

      0.159.190.20.in-addr.arpa

    • 8.8.8.8:53
      95.221.229.192.in-addr.arpa
      dns
      73 B
       144 B
       1
      1

      DNS Request

      95.221.229.192.in-addr.arpa

    • 8.8.8.8:53
      133.211.185.52.in-addr.arpa
      dns
      73 B
       147 B
       1
      1

      DNS Request

      133.211.185.52.in-addr.arpa

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.