Analysis

  • max time kernel
    148s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system
  • submitted
    10/01/2024, 11:18 UTC

General

  • Target

    506ab882c29aebc2ade008554b3a9e94.js

  • Size

    265KB

  • MD5

    506ab882c29aebc2ade008554b3a9e94

  • SHA1

    7d72b042c9fae6802b79a8d2d058bd6db79ab3a1

  • SHA256

    da394695f6cafafb0ea0975952fcce9482a26f84fc6bae6a09032b98735fa802

  • SHA512

    86e20521a23edc3cc087728e3adeb648460a8ee596860dc8801ba8a609016b1d543e23c06a7c2c3e06fc12ae1b6a3ae73924b45a9e1ec6dd9419904710952929

  • SSDEEP

    6144:d7yndQM81/rO3XVAi24CLSX9nDYV3IB7l4Xv:du78E3XVAiXCLSGVQ7l4f

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\506ab882c29aebc2ade008554b3a9e94.js
    1⤵
      PID:1856

    Network

    • flag-us
      DNS
      146.78.124.51.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      146.78.124.51.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      19.177.190.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      19.177.190.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      55.36.223.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      55.36.223.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      241.154.82.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      241.154.82.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      59.128.231.4.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      59.128.231.4.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      59.128.231.4.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      59.128.231.4.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      0.204.248.87.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      0.204.248.87.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      0.204.248.87.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      0.204.248.87.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      tse1.mm.bing.net
      Remote address:
      8.8.8.8:53
      Request
      tse1.mm.bing.net
      IN A
      Response
      tse1.mm.bing.net
      IN CNAME
      mm-mm.bing.net.trafficmanager.net
      mm-mm.bing.net.trafficmanager.net
      IN CNAME
      dual-a-0001.a-msedge.net
      dual-a-0001.a-msedge.net
      IN A
      204.79.197.200
      dual-a-0001.a-msedge.net
      IN A
      13.107.21.200
    • flag-us
      DNS
      tse1.mm.bing.net
      Remote address:
      8.8.8.8:53
      Request
      tse1.mm.bing.net
      IN A
    • flag-us
      DNS
      211.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      211.178.17.96.in-addr.arpa
      IN PTR
      Response
      211.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-211.deploy.static.akamaitechnologies.com
    • 52.142.223.178:80
      52 B
      1
    • 88.221.135.88:80
      138 B
      2.4kB
      3
      2
    • 96.16.110.114:80
    • 204.79.197.200:443
      tse1.mm.bing.net
      tls
      2.4kB
      59.5kB
      47
      46
    • 204.79.197.200:443
      tse1.mm.bing.net
      tls
      615 B
      7.6kB
      9
      8
    • 204.79.197.200:443
      tse1.mm.bing.net
      tls
      615 B
      7.6kB
      9
      8
    • 204.79.197.200:443
      tse1.mm.bing.net
      tls
      615 B
      7.6kB
      9
      8
    • 204.79.197.200:443
      tse1.mm.bing.net
      tls
      615 B
      7.6kB
      9
      8
    • 20.3.187.198:443
      tls
      2.5kB
      1.9kB
      6
      6
    • 20.3.187.198:443
      tls, https
      282 B
      2.8kB
      6
      4
    • 8.8.8.8:53
      146.78.124.51.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      146.78.124.51.in-addr.arpa

    • 8.8.8.8:53
      19.177.190.20.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      19.177.190.20.in-addr.arpa

    • 8.8.8.8:53
      95.221.229.192.in-addr.arpa
      dns
      146 B
      144 B
      2
      1

      DNS Request

      95.221.229.192.in-addr.arpa

      DNS Request

      95.221.229.192.in-addr.arpa

    • 8.8.8.8:53
      55.36.223.20.in-addr.arpa
      dns
      71 B
      157 B
      1
      1

      DNS Request

      55.36.223.20.in-addr.arpa

    • 8.8.8.8:53
      241.154.82.20.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      241.154.82.20.in-addr.arpa

    • 8.8.8.8:53
      59.128.231.4.in-addr.arpa
      dns
      142 B
      157 B
      2
      1

      DNS Request

      59.128.231.4.in-addr.arpa

      DNS Request

      59.128.231.4.in-addr.arpa

    • 8.8.8.8:53
      0.204.248.87.in-addr.arpa
      dns
      142 B
      2

      DNS Request

      0.204.248.87.in-addr.arpa

      DNS Request

      0.204.248.87.in-addr.arpa

    • 8.8.8.8:53
      tse1.mm.bing.net
      dns
      124 B
      173 B
      2
      1

      DNS Request

      tse1.mm.bing.net

      DNS Request

      tse1.mm.bing.net

      DNS Response

      204.79.197.200
      13.107.21.200

    • 8.8.8.8:53
      211.178.17.96.in-addr.arpa
      dns
      72 B
      137 B
      1
      1

      DNS Request

      211.178.17.96.in-addr.arpa


    MITRE ATT&CK Matrix
