5add6836e9be4d1dbf9a4f2c47a45c8a821627b1ab2f7b7282122a503783b2e6 | Triage

Analysis

max time kernel
136s
max time network
161s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
13/02/2024, 03:45 UTC

Sharing

Report Analysis Logs

General

Target

98646f12de80e7dd770d47ccd21ce9b1.js
Size

368KB
MD5

98646f12de80e7dd770d47ccd21ce9b1
SHA1

56f3cd696ad33ca21edbeb4e77f466069cd2d3ee
SHA256

5add6836e9be4d1dbf9a4f2c47a45c8a821627b1ab2f7b7282122a503783b2e6
SHA512

5760ba02a6344316c4534ae1e977876bca779db025d10b6bf1683b430e784cc8bbceca15f5facef92c78ace12985009757b268f07289d4019b9299b1508cfb81
SSDEEP

6144:67yndhoOUtcXQN/AClikQnAoTRSTvC38kAiebqDUqZz:6ubstcXA/ACqnAoevC3RXDUqZ

Score

1^/10

Malware Config

Signatures

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\98646f12de80e7dd770d47ccd21ce9b1.js
1⤵
PID:2304

Network

DNS

241.150.49.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

241.150.49.20.in-addr.arpa

IN PTR

Response
DNS

180.178.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

180.178.17.96.in-addr.arpa

IN PTR

Response

180.178.17.96.in-addr.arpa

IN PTR

a96-17-178-180deploystaticakamaitechnologiescom
DNS

64.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

64.159.190.20.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

217.106.137.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

217.106.137.52.in-addr.arpa

IN PTR

Response
DNS

157.123.68.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

157.123.68.40.in-addr.arpa

IN PTR

Response
DNS

18.31.95.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

18.31.95.13.in-addr.arpa

IN PTR

Response
DNS

18.134.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

18.134.221.88.in-addr.arpa

IN PTR

Response

18.134.221.88.in-addr.arpa

IN PTR

a88-221-134-18deploystaticakamaitechnologiescom
DNS

19.229.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

19.229.111.52.in-addr.arpa

IN PTR

Response
DNS

200.64.52.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.64.52.20.in-addr.arpa

IN PTR

Response
DNS

200.64.52.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.64.52.20.in-addr.arpa

IN PTR

No results found

8.8.8.8:53

241.150.49.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

241.150.49.20.in-addr.arpa
8.8.8.8:53

180.178.17.96.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

180.178.17.96.in-addr.arpa
8.8.8.8:53

64.159.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

64.159.190.20.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

217.106.137.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

217.106.137.52.in-addr.arpa
8.8.8.8:53

157.123.68.40.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

157.123.68.40.in-addr.arpa
8.8.8.8:53

18.31.95.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

18.31.95.13.in-addr.arpa
8.8.8.8:53

18.134.221.88.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

18.134.221.88.in-addr.arpa
8.8.8.8:53

19.229.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

19.229.111.52.in-addr.arpa
8.8.8.8:53

200.64.52.20.in-addr.arpa

dns

142 B
157 B
2
1

DNS Request

200.64.52.20.in-addr.arpa

DNS Request

200.64.52.20.in-addr.arpa

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads