Analysis

  • max time kernel
    0s
  • max time network
    127s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system
  • submitted
    24-12-2023 23:36

General

  • Target

    1a145faafdc6961da0d9540db41fe2b0.vbs

  • Size

    1KB

  • MD5

    1a145faafdc6961da0d9540db41fe2b0

  • SHA1

    0ad6ead393034da73f78db8d3f722e41a5f1afc2

  • SHA256

    bcf2f359860c6662d56a0d94324df671517223ff150a2db35d1b006dbf205664

  • SHA512

    d6420ecf2c62b8f47f3468030bbbe257fe19d72b8095037d5919f9f5b2c5d4d04f959dbb03dbf59e01dcbc98614544a716e1135241eba60c03a5d1b09451bca7

Score
3/10

Malware Config

Signatures

Processes

  • C:\Windows\System32\WScript.exe
    "C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\1a145faafdc6961da0d9540db41fe2b0.vbs"
    1⤵
      PID:2032
      • C:\Windows\System32\cmd.exe
        "C:\Windows\System32\cmd.exe" /c echo Y| cacls "C:\Users\Admin\Desktop\Internet Exploer.f3" /P Everyone:R
        2⤵
          PID:1384
        • C:\Windows\System32\attrib.exe
          "C:\Windows\System32\attrib.exe" "C:\Users\Admin\Desktop\Internet Exploer.f3" +R
          2⤵
          • Views/modifies file attributes
          PID:4784
        • C:\Windows\System32\cmd.exe
          "C:\Windows\System32\cmd.exe" /c echo Y| cacls "C:\Users\Admin\Desktop\СÓÎÏ·.f2" /P Everyone:R
          2⤵
            PID:4604
          • C:\Windows\System32\attrib.exe
            "C:\Windows\System32\attrib.exe" "C:\Users\Admin\Desktop\СÓÎÏ·.f2" +R
            2⤵
            • Views/modifies file attributes
            PID:4232
          • C:\Windows\System32\cmd.exe
            "C:\Windows\System32\cmd.exe" /c echo Y| cacls "C:\Users\Admin\Desktop\Ìͱ¦Íø.ÌؼÛ.f1" /P Everyone:R
            2⤵
              PID:380
            • C:\Windows\System32\attrib.exe
              "C:\Windows\System32\attrib.exe" "C:\Users\Admin\Desktop\Ìͱ¦Íø.ÌؼÛ.f1" +R
              2⤵
              • Views/modifies file attributes
              PID:396
          • C:\Windows\system32\cacls.exe
            cacls "C:\Users\Admin\Desktop\Internet Exploer.f3" /P Everyone:R
            1⤵
              PID:5084
            • C:\Windows\system32\cmd.exe
              C:\Windows\system32\cmd.exe /S /D /c" echo Y"
              1⤵
                PID:3736
              • C:\Windows\system32\cacls.exe
                cacls "C:\Users\Admin\Desktop\СÓÎÏ·.f2" /P Everyone:R
                1⤵
                  PID:3468
                • C:\Windows\system32\cmd.exe
                  C:\Windows\system32\cmd.exe /S /D /c" echo Y"
                  1⤵
                    PID:3464
                  • C:\Windows\system32\cacls.exe
                    cacls "C:\Users\Admin\Desktop\Ìͱ¦Íø.ÌؼÛ.f1" /P Everyone:R
                    1⤵
                      PID:1924
                    • C:\Windows\system32\cmd.exe
                      C:\Windows\system32\cmd.exe /S /D /c" echo Y"
                      1⤵
                        PID:1068

Network

MITRE ATT&CK Enterprise v15
