Analysis

  • max time kernel
    151s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    10/03/2024, 08:28

General

  • Target: be227e817c7ea7e1164524e1932998ec.js
  • Size: 14KB
  • MD5: be227e817c7ea7e1164524e1932998ec
  • SHA1: 05045a79e59845e07d2b891d92e0eef3438811dc
  • SHA256: 20f546ca891d64c6ffb87d9e44b5a9e5baf70b0587dadb698290670b22728140
  • SHA512: bfa6ccee30003ed7d212978a4f43acc6476d9d1dde902a8a5484deb84e4a3c69cca3b5125b005fbc824332549788c8c04dd4484397ab55306b75fd7215af9994
  • SSDEEP: 192:kFokl2SlVuauUoSeCGzolayz+hKvagT3Ex0uSGxlRlTaUFYiyv+:kFDl2SIoR+gUOUbr

Score
10/10

Malware Config

Signatures

  • Modifies visibility of hidden/system files in Explorer 2 TTPs 1 IoCs
  • Adds Run key to start application 2 TTPs 1 IoCs
  • Drops autorun.inf file 1 TTPs 4 IoCs

    Malware can abuse Windows Autorun to spread further via attached volumes.

  • Drops file in System32 directory 2 IoCs
  • Modifies Internet Explorer settings 1 TTPs 2 IoCs

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\be227e817c7ea7e1164524e1932998ec.js
    1⤵
    • Modifies visibility of hidden/system files in Explorer
    • Adds Run key to start application
    • Drops autorun.inf file
    • Drops file in System32 directory
    • Modifies Internet Explorer settings
    PID:2408
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3088 --field-trial-handle=1928,i,13242902252791919845,10377620236057253993,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:1784

    Network

    MITRE ATT&CK Enterprise v15


    Downloads

    • C:\AutoRun.inf
      Filesize: 916B
      MD5: 743b03be6c8ba73f570665c81c7060fc
      SHA1: 29f17623215fb11a6bffad6eeac845ae7d8322ac
      SHA256: 2988fb5e20318e5ba4f5521c408fb763f2c3f5721159f1047b644eace4bd8d56
      SHA512: af3738a6b0aaed77929f6139fc6801a6553b38f15ca974f04c29dca1e72ab17362fde02878d4798b31274d6084eb34b6828826c04aec6bd6dc36f4cf95fc6c03

    • C:\SpaQ - The Novel.html
      Filesize: 830B
      MD5: 4eca63b651269c57e35f7f9f82b7503b
      SHA1: 0a97d594a83c23d9a33ce0c163975f9c0141420f
      SHA256: cac12dcd2d84f8693f550d3d545f2c3472e1dc4db61a63bf3c829f9fdf67d077
      SHA512: 500fe15a7065def4e75422b146c2850f347dec01df0b35a718d07cf112243d220c671d4494a71dce9c90652fc9e475348e2008fedbbe2b9d9623d9e6fcf22bdb

    • F:\VirusMwrdy.js
      Filesize: 14KB
      MD5: be227e817c7ea7e1164524e1932998ec
      SHA1: 05045a79e59845e07d2b891d92e0eef3438811dc
      SHA256: 20f546ca891d64c6ffb87d9e44b5a9e5baf70b0587dadb698290670b22728140
      SHA512: bfa6ccee30003ed7d212978a4f43acc6476d9d1dde902a8a5484deb84e4a3c69cca3b5125b005fbc824332549788c8c04dd4484397ab55306b75fd7215af9994