336be3a20ae8a36962ffd26b1ec7fb0ec2274a860dd9423b16ff817d29f1908a

Submit
Reports

Overview

overview

Static

static

samples (2) (4).zip

windows7-x64

samples (2) (4).zip

windows10-2004-x64

10d1a82f3c...61.exe

windows7-x64

10d1a82f3c...61.exe

windows10-2004-x64

133dd26c0a...f0.exe

windows7-x64

133dd26c0a...f0.exe

windows10-2004-x64

1ab3aad04e...7d.exe

windows7-x64

1ab3aad04e...7d.exe

windows10-2004-x64

1ad4c9e3d0...7d.exe

windows7-x64

1ad4c9e3d0...7d.exe

windows10-2004-x64

27cc1f6adc...35.wsf

windows7-x64

27cc1f6adc...35.wsf

windows10-2004-x64

35b7dbc8a3...31.exe

windows7-x64

35b7dbc8a3...31.exe

windows10-2004-x64

3716dc17e9...c6.dll

windows7-x64

3716dc17e9...c6.dll

windows10-2004-x64

5e94c0f064...2e.exe

windows7-x64

5e94c0f064...2e.exe

windows10-2004-x64

70f166f51e...ad.exe

windows7-x64

70f166f51e...ad.exe

windows10-2004-x64

93dc1dee6b...1a.chm

windows7-x64

93dc1dee6b...1a.chm

windows10-2004-x64

a37f77fafa...58.ps1

windows7-x64

a37f77fafa...58.ps1

windows10-2004-x64

b875cc39a6...395.js

windows7-x64

b875cc39a6...395.js

windows10-2004-x64

b906da71fe...be.exe

windows7-x64

b906da71fe...be.exe

windows10-2004-x64

bae7ee765f...c.docm

windows7-x64

bae7ee765f...c.docm

windows10-2004-x64

c3fdcec878...07.exe

windows7-x64

c3fdcec878...07.exe

windows10-2004-x64

Analysis

max time kernel
144s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
01-01-2024 15:12

Sharing

Copy URL

Twitter E-mail

Static task

static1

macro

2 signatures

Behavioral task

behavioral1

Sample

samples (2) (4).zip

Resource

win7-20231215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

samples (2) (4).zip

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

10d1a82f3c458f2a84c28d6b01cab731904f62a1f0a07c3797aadaad05cf4a61.exe

Resource

win7-20231215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

10d1a82f3c458f2a84c28d6b01cab731904f62a1f0a07c3797aadaad05cf4a61.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

133dd26c0a6bfbbbe309a845d6f0f382345bdb31595474eb57138ea34c4ddbf0.exe

Resource

win7-20231215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

133dd26c0a6bfbbbe309a845d6f0f382345bdb31595474eb57138ea34c4ddbf0.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral7

Sample

1ab3aad04e0eb2c5a15d3e5a576cd3d3e6b1546852ea653cd4369da19a940e7d.exe

Resource

win7-20231129-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral8

Sample

1ab3aad04e0eb2c5a15d3e5a576cd3d3e6b1546852ea653cd4369da19a940e7d.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

1ad4c9e3d0e04e7f1e32e196ea1e87ed64237485baab4cfa4b07eed44d4b347d.exe

Resource

win7-20231129-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral10

Sample

1ad4c9e3d0e04e7f1e32e196ea1e87ed64237485baab4cfa4b07eed44d4b347d.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral11

Sample

27cc1f6adc3a24ab7dc29c38082e69b0e3993e8a88d91804f88282c240fcac35.wsf

Resource

win7-20231215-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

27cc1f6adc3a24ab7dc29c38082e69b0e3993e8a88d91804f88282c240fcac35.wsf

Resource

win10v2004-20231215-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral13

Sample

35b7dbc8a3f456bdafd02383b8a849a6f5fea5f541b3f0c8502e31c2370e8f31.exe

Resource

win7-20231215-en

ransomware

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral14

Sample

35b7dbc8a3f456bdafd02383b8a849a6f5fea5f541b3f0c8502e31c2370e8f31.exe

Resource

win10v2004-20231215-en

fantom ransomware spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Behavioral task

behavioral15

Sample

3716dc17e97ffefeeec3508acb79e19beda5d030220c070f62309cafc7a3fac6.dll

Resource

win7-20231215-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

3716dc17e97ffefeeec3508acb79e19beda5d030220c070f62309cafc7a3fac6.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral17

Sample

5e94c0f064264dffaee5d98e03eaf558c5945475d38162aefc022abc1c4b682e.exe

Resource

win7-20231215-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral18

Sample

5e94c0f064264dffaee5d98e03eaf558c5945475d38162aefc022abc1c4b682e.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral19

Sample

70f166f51e58ef7651a6e567404c71e499d9c2b6e01fc6ae176fd290e91f3aad.exe

Resource

win7-20231215-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

70f166f51e58ef7651a6e567404c71e499d9c2b6e01fc6ae176fd290e91f3aad.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

93dc1dee6b92da2fe38858162e039eb54ce5e109286432cb3a55c06818eff61a.chm

Resource

win7-20231129-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral22

Sample

93dc1dee6b92da2fe38858162e039eb54ce5e109286432cb3a55c06818eff61a.chm

Resource

win10v2004-20231215-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral23

Sample

a37f77fafa3df072332dcf2b15d5d91182b3a1a430912e13320cd6148ca8f458.ps1

Resource

win7-20231215-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral24

Sample

a37f77fafa3df072332dcf2b15d5d91182b3a1a430912e13320cd6148ca8f458.ps1

Resource

win10v2004-20231215-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral25

Sample

b875cc39a6933b5a96ec292403ea2fa59788658f825b7fd0b66bffc1a6b09395.js

Resource

win7-20231215-en

spyware stealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral26

Sample

b875cc39a6933b5a96ec292403ea2fa59788658f825b7fd0b66bffc1a6b09395.js

Resource

win10v2004-20231215-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral27

Sample

b906da71fe22e6e987afe2a70b14aa64cbff3b1049e7779db392b542856452be.exe

Resource

win7-20231215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

b906da71fe22e6e987afe2a70b14aa64cbff3b1049e7779db392b542856452be.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

bae7ee765f1ec70ca4a9a734abecca822860c67ed6b42f8bab49ab2b34808eac.docm

Resource

win7-20231215-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral30

Sample

bae7ee765f1ec70ca4a9a734abecca822860c67ed6b42f8bab49ab2b34808eac.docm

Resource

win10v2004-20231215-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral31

Sample

c3fdcec878ac032f4bb4c73a8ba9b08dd546e931d6f0f24bf905207501ba0b07.exe

Resource

win7-20231129-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral32

Sample

c3fdcec878ac032f4bb4c73a8ba9b08dd546e931d6f0f24bf905207501ba0b07.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

27cc1f6adc3a24ab7dc29c38082e69b0e3993e8a88d91804f88282c240fcac35.wsf
Size

618B
MD5

a26d073649e0beadc89e3693b5828d4e
SHA1

8ef2c96d6a48f1a4731c9b752ec37c925f9c5e3b
SHA256

27cc1f6adc3a24ab7dc29c38082e69b0e3993e8a88d91804f88282c240fcac35
SHA512

001ab2d3d02df410ed41b7fce30cd51ffbddad4a7523546b8515ca125846b25fa06986a42419f272750f76245cd892fb1a96b4a0a3675aa9f3157f330a32a400

Score

8^/10

Malware Config

Signatures

Blocklisted process makes network request 2 IoCs

flow	pid	Process
19	3692	WScript.exe
42	3692	WScript.exe

Processes

C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\27cc1f6adc3a24ab7dc29c38082e69b0e3993e8a88d91804f88282c240fcac35.wsf"
1⤵
- Blocklisted process makes network request
PID:3692

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads