Overview

overview

10

Static

static

1

279ba39874...659.js

windows7-x64

10

279ba39874...659.js

windows10-2004-x64

7

Analysis

  • max time kernel
    0s
  • max time network
    135s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31-12-2023 04:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    279ba39874bda6eba21ce2ec81361659.js

  • Size

    201KB

  • MD5

    279ba39874bda6eba21ce2ec81361659

  • SHA1

    4d44cefbfce10930858e8a0f9ee8510e27152dcf

  • SHA256

    2e60c3ba7e545ebb75f91c51b085be7b61d34374f178f9bca45e96624727dc9b

  • SHA512

    aba2055963cab29261df5d14386235ea53535ccc6b58485d8a9758fb171deb84f7034deb38c8f209d80a15584bc2cf252edf62b956e70a09614abf00d536aa42

  • SSDEEP

    3072:GIUkZFN8yRu8pXSn77+oFyLELt0GV3hfQYPGUba:fFN7Fi77rFeC+weYP+

Score
7/10
discovery

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\279ba39874bda6eba21ce2ec81361659.js
    1⤵
      PID:3632
      • C:\Program Files\Java\jre-1.8\bin\javaw.exe
        "C:\Program Files\Java\jre-1.8\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Roaming\mgesgvab.txt"
        2⤵
          PID:4476
          • C:\Windows\system32\icacls.exe
            C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
            3⤵
            • Modifies file permissions
            PID:4568
        • C:\Windows\System32\WScript.exe
          "C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Roaming\RQJrwUperv.js"
          2⤵
            PID:3276

        Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/4476-11-0x000001AE44310000-0x000001AE45310000-memory.dmp

          Filesize

          16.0MB

          Download

        • memory/4476-23-0x000001AE44310000-0x000001AE45310000-memory.dmp

          Filesize

          16.0MB

          Download

        • memory/4476-25-0x000001AE442F0000-0x000001AE442F1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4476-35-0x000001AE442F0000-0x000001AE442F1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4476-36-0x000001AE44310000-0x000001AE45310000-memory.dmp

          Filesize

          16.0MB

          Download

        • memory/4476-40-0x000001AE442F0000-0x000001AE442F1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4476-45-0x000001AE44310000-0x000001AE45310000-memory.dmp

          Filesize

          16.0MB

          Download

        • memory/4476-48-0x000001AE44600000-0x000001AE44610000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4476-50-0x000001AE445D0000-0x000001AE445E0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4476-51-0x000001AE44310000-0x000001AE45310000-memory.dmp

          Filesize

          16.0MB

          Download

        • memory/4476-53-0x000001AE445F0000-0x000001AE44600000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4476-54-0x000001AE44620000-0x000001AE44630000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4476-56-0x000001AE44310000-0x000001AE45310000-memory.dmp

          Filesize

          16.0MB

          Download

        • memory/4476-58-0x000001AE44650000-0x000001AE44660000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4476-57-0x000001AE44640000-0x000001AE44650000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4476-55-0x000001AE44630000-0x000001AE44640000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4476-52-0x000001AE445E0000-0x000001AE445F0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4476-49-0x000001AE44660000-0x000001AE44670000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4476-47-0x000001AE44590000-0x000001AE445A0000-memory.dmp

          Filesize

          64KB

          Download