Analysis
-
max time kernel
31s -
max time network
33s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
-
submitted
14/06/2023, 15:57 UTC
General
-
Target
ORDER-23023A_pdf.js
-
Size
7KB
-
MD5
933b4514edd326ee6e30c96cd77d82f9
-
SHA1
6d5cb6a10bb6483f6ceaa704b7ec96afa505ba10
-
SHA256
7322460676a315a08fd2e0a2d3dc6c9d25225fca29d1aa21428bc38354cbbcbe
-
SHA512
551613e20d98d59b1f9d225c57351717094c32a6f47fd8d994863e0e7e834d8e419dfaa41bf80dc7e229102f3b6bcd58cf41bb03562279a20fa689192444822f
-
SSDEEP
96:EPq4bVViLK3Zo7PjEA914wVViC8a4fEVUcx3GNwqEq4S2VViyKLoyrV9RdACUNVL:5jbLLgDzj/KK8AhbhxnC+dTO
Score
8/10
Malware Config
Signatures
-
Blocklisted process makes network request 4 IoCs
Processes
-
C:\Windows\system32\wscript.exewscript.exe C:\Users\Admin\AppData\Local\Temp\ORDER-23023A_pdf.js1⤵
- Blocklisted process makes network request
Network
-
DNSgrapemundo.comRemote address:8.8.8.8:53Requestgrapemundo.comIN AResponsegrapemundo.comIN A103.50.163.157
-
103.50.163.157:443grapemundo.comtls -
103.50.163.157:443grapemundo.comtls
-
103.50.163.157:443grapemundo.comtls
-
103.50.163.157:443grapemundo.com
-
8.8.8.8:53grapemundo.comdns
DNS Request
grapemundo.com
DNS Response
103.50.163.157