9e7e1150a44950c4e0227ee843b51750167e60f57a1a1e93eafdddd973d95c90

Analysis

max time kernel
145s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
01-05-2024 03:06

Target

01052024_0305_Promotion_(PO_3078320)_2024_04_29.js
Size

1.4MB
MD5

bea0edf272ae661cdec8fb350557a776
SHA1

1b204c187effc16ad30c0baa8e1a3bf45fb487a2
SHA256

9e7e1150a44950c4e0227ee843b51750167e60f57a1a1e93eafdddd973d95c90
SHA512

29572355eadad7e46c298971ec517a8a5805575a7654e7070ea929b03297c2700639cacdcc931c9f7af1d7399ee84f6d43ff1b66b6a66c5e43b1e289f4e08cf2
SSDEEP

12288:cixpS0xsV88+YvwCPAtTEmWOFCx4ngiNEXxSHZQPFEfaqNe7znG/PCtZCbhL5GSE:ggFcj6CvG39H5sNWNOlxxTEg

Score

6^/10

Legitimate hosting services abused for malware hosting/C2 1 TTPs 11 IoCs

Web Service

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\01052024_0305_Promotion_(PO_3078320)_2024_04_29.js
1⤵
PID:1620

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact