Overview

overview

1

Static

static

1

e0bf920fd8...954.js

windows7-x64

1

e0bf920fd8...954.js

windows10-2004-x64

1

Analysis

  • max time kernel
    145s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/03/2024, 04:17

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    e0bf920fd8349df0e543b4e37eef9954.js

  • Size

    23KB

  • MD5

    e0bf920fd8349df0e543b4e37eef9954

  • SHA1

    4494714967aa6e2f946ad9e7745e6e1de4b2598f

  • SHA256

    60e9ab239372b24232e44058cb8569d5bd79d9364c388edd47844388ed89434d

  • SHA512

    fdea2fb5c84992e530c90e1bc4cde9c8c8247ef707526ebcd3b8f9253b475b28d95dc00fb8020c3f3f7edfc1c086162a376f00c438fad45cf3b7afcb76799221

  • SSDEEP

    384:VkYCw9qQ662t99K9GV9YYmtA69x79t/9DIF/oU9HpCTuwGb/R7Vtv:V0tc2zFAieGV

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\e0bf920fd8349df0e543b4e37eef9954.js
    1⤵
      PID:5044
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:4916
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:3224

      Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • memory/3224-0-0x0000028F79870000-0x0000028F79880000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3224-16-0x0000028F79970000-0x0000028F79980000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3224-32-0x0000028F7DCE0000-0x0000028F7DCE1000-memory.dmp

              Filesize

              4KB

              Download

            • memory/3224-34-0x0000028F7DD10000-0x0000028F7DD11000-memory.dmp

              Filesize

              4KB

              Download

            • memory/3224-35-0x0000028F7DD10000-0x0000028F7DD11000-memory.dmp

              Filesize

              4KB

              Download

            • memory/3224-36-0x0000028F7DE20000-0x0000028F7DE21000-memory.dmp

              Filesize

              4KB

              Download