Analysis

  • max time kernel
    0s
  • max time network
    123s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20231222-en locale:en-us os:windows10-2004-x64 system
  • submitted
    26/12/2023, 03:01

General

  • Target

    4e90ff05f46e7142c77a3c192f48d055.vbs

  • Size

    4KB

  • MD5

    4e90ff05f46e7142c77a3c192f48d055

  • SHA1

    3d67ffd79669b83ea05ce86bd51919d9b0f480fb

  • SHA256

    dbcfef7cc480dbb467adb090316db56779b23acd964ccceb06aedadc36f419b9

  • SHA512

    90c8af16f38c5fd2f92dbb72b544bcb2ccc89098f4822ec2292758de7098a6387ab1503b51b51fed8a7cc468d639036e0e27c73be7a809eccd35aaa868573beb

  • SSDEEP

    48:Yk7x/yzVTCABGnWfa4L5aRTDCTZdsZvOvxey+Z7VTCEtWhSgz:DJQVGABXfa4L5aDOOvqxeZ7V+SS

Score
3/10

Malware Config

Signatures

Processes

  • C:\Windows\System32\WScript.exe
    "C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\4e90ff05f46e7142c77a3c192f48d055.vbs"
    1⤵
      PID:828
      • C:\Windows\System32\notepad.exe
        "C:\Windows\System32\notepad.exe" C:\Users\Admin\Desktop\You Have Been Hacked!\Finjan Software Demo.txt
        2⤵
          PID:5116
        • C:\Windows\explorer.exe
          "C:\Windows\explorer.exe" C:\Users\Admin\Desktop\You Have Been Hacked!
          2⤵
            PID:1944
        • C:\Windows\explorer.exe
          C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
          1⤵
            PID:2920
          • C:\Windows\System32\rundll32.exe
            C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
            1⤵
              PID:1924

            Network

                  MITRE ATT&CK Enterprise v15

                  Downloads

                  • C:\Users\Admin\Desktop\You Have Been Hacked!\Bing.url

                    Filesize

                    208B

                    MD5

                    5d42dddda9951546c9d43f0062c94d39

                    SHA1

                    4af07c23ebb93bad9b96a4279bee29eba46be1ee

                    SHA256

                    e0c0a5a360482b5c5ded8fad5706c4c66f215f527851ad87b31380ef6060696e

                    SHA512

                    291298b4a42b79c4b7a5a80a1a98a39be9530c17a83960c2cf591b86382448cd32b654a00fc28eab4529df333a634bcdc577aef4a3a0a362e528b08f5221beb1

                  • C:\Users\Admin\Desktop\You Have Been Hacked!\Finjan Software Demo.txt

                    Filesize

                    719B

                    MD5

                    402d27a35f227d10023f812365225084

                    SHA1

                    f5bc91c7115ef3c6ed8a6e452d869a4456368708

                    SHA256

                    574b95d7889ffebc85fc3cbd9b23e1c6a832cbf42db8d436df3dec98312be8f1

                    SHA512

                    aa2d192bd5126116142d9cea65d4c9a78a92e4471d604d8a3a5135dbaaf4f86ac65bad5b9a055b2249e11425242c5907530ab159911e4732bfd01420d95df277