Analysis

  • max time kernel
    0s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags
    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    24-12-2023 23:36

General

  • Target

    1a145faafdc6961da0d9540db41fe2b0.vbs

  • Size

    1KB

  • MD5

    1a145faafdc6961da0d9540db41fe2b0

  • SHA1

    0ad6ead393034da73f78db8d3f722e41a5f1afc2

  • SHA256

    bcf2f359860c6662d56a0d94324df671517223ff150a2db35d1b006dbf205664

  • SHA512

    d6420ecf2c62b8f47f3468030bbbe257fe19d72b8095037d5919f9f5b2c5d4d04f959dbb03dbf59e01dcbc98614544a716e1135241eba60c03a5d1b09451bca7

Score
3/10

Malware Config

Signatures

Processes

  • C:\Windows\System32\WScript.exe
    "C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\1a145faafdc6961da0d9540db41fe2b0.vbs"
    1⤵
      PID:2240
      • C:\Windows\System32\cmd.exe
        "C:\Windows\System32\cmd.exe" /c echo Y| cacls "C:\Users\Admin\Desktop\Internet Exploer.f3" /P Everyone:R
        2⤵
          PID:2592
        • C:\Windows\System32\attrib.exe
          "C:\Windows\System32\attrib.exe" "C:\Users\Admin\Desktop\Internet Exploer.f3" +R
          2⤵
          • Views/modifies file attributes
          PID:2816
        • C:\Windows\System32\cmd.exe
          "C:\Windows\System32\cmd.exe" /c echo Y| cacls "C:\Users\Admin\Desktop\СÓÎÏ·.f2" /P Everyone:R
          2⤵
            PID:1716
          • C:\Windows\System32\attrib.exe
            "C:\Windows\System32\attrib.exe" "C:\Users\Admin\Desktop\СÓÎÏ·.f2" +R
            2⤵
            • Views/modifies file attributes
            PID:3048
          • C:\Windows\System32\cmd.exe
            "C:\Windows\System32\cmd.exe" /c echo Y| cacls "C:\Users\Admin\Desktop\Ìͱ¦Íø.ÌؼÛ.f1" /P Everyone:R
            2⤵
              PID:2988
            • C:\Windows\System32\attrib.exe
              "C:\Windows\System32\attrib.exe" "C:\Users\Admin\Desktop\Ìͱ¦Íø.ÌؼÛ.f1" +R
              2⤵
              • Views/modifies file attributes
              PID:2644
          • C:\Windows\system32\cacls.exe
            cacls "C:\Users\Admin\Desktop\СÓÎÏ·.f2" /P Everyone:R
            1⤵
              PID:2604
            • C:\Windows\system32\cacls.exe
              cacls "C:\Users\Admin\Desktop\Internet Exploer.f3" /P Everyone:R
              1⤵
                PID:2756
              • C:\Windows\system32\cmd.exe
                C:\Windows\system32\cmd.exe /S /D /c" echo Y"
                1⤵
                  PID:2584
                • C:\Windows\system32\cmd.exe
                  C:\Windows\system32\cmd.exe /S /D /c" echo Y"
                  1⤵
                    PID:2904
                  • C:\Windows\system32\cacls.exe
                    cacls "C:\Users\Admin\Desktop\Ìͱ¦Íø.ÌؼÛ.f1" /P Everyone:R
                    1⤵
                      PID:2544
                    • C:\Windows\system32\cmd.exe
                      C:\Windows\system32\cmd.exe /S /D /c" echo Y"
                      1⤵
                        PID:3016

Network

MITRE ATT&CK Enterprise v15
