04ecc10cab96832c0322cde368ba98b01f2b3b8d5f3677def16ca533028e701b | Triage

Analysis

max time kernel
117s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
17-05-2024 08:14

Sharing

Report Analysis Logs

General

Target

bahs.us.h/ninja/lib/firewall_options.js
Size

12KB
MD5

3c7bd9e27e4a0d7b19843861f2d3fd59
SHA1

3e3fda2e9a05e3fdb47a6255e540b6dde1a540f2
SHA256

547f54aeeff6a39c33193ada8505c8e88ac65ae53da5aed214a84fe0ae0f67ac
SHA512

6a4257abafe38d6065d01a8eeda12fba5e270a35922b6254990adced04668570f171ee9a06e0ef5edf6acbbed9f5d5671d601c078e6a4653fb41e75a10049ea7
SSDEEP

192:N+z1cZVWSLfGGLIkztDl6lDlO+xWn6QR5F2Y4XSG+kU425sQ9obRh+vFJWBCd:kz1tSjbVso+kF2+r425sQ9obRUvFJGCd

Score

3^/10

execution

Malware Config

Signatures

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\bahs.us.h\ninja\lib\firewall_options.js
1⤵
PID:2928

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads