Overview

overview

8

Static

static

3

5e94109129...18.exe

windows7-x64

8

5e94109129...18.exe

windows10-2004-x64

8

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$PLUGINSDIR/nsSCM.dll

windows7-x64

3

$PLUGINSDIR/nsSCM.dll

windows10-2004-x64

3

$PROGRAMFI...4D.exe

windows7-x64

1

$PROGRAMFI...4D.exe

windows10-2004-x64

1

$PROGRAMFI...rv.exe

windows7-x64

1

$PROGRAMFI...rv.exe

windows10-2004-x64

1

$PROGRAMFI...n.html

windows7-x64

1

$PROGRAMFI...n.html

windows10-2004-x64

1

$PROGRAMFI...ack.js

windows7-x64

3

$PROGRAMFI...ack.js

windows10-2004-x64

3

$PROGRAMFI...ent.js

windows7-x64

3

$PROGRAMFI...ent.js

windows10-2004-x64

3

$PROGRAMFI...oud.js

windows7-x64

3

$PROGRAMFI...oud.js

windows10-2004-x64

3

$PROGRAMFI...up.exe

windows7-x64

3

$PROGRAMFI...up.exe

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PROGRAMFI...IE.exe

windows7-x64

1

$PROGRAMFI...IE.exe

windows10-2004-x64

1

$SYSDIR/PAZU.dll

windows7-x64

1

$SYSDIR/PAZU.dll

windows10-2004-x64

1

$SYSDIR/PAZUVista.exe

windows7-x64

1

$SYSDIR/PAZUVista.exe

windows10-2004-x64

1

$SYSDIR/pa...st.exe

windows7-x64

1

$SYSDIR/pa...st.exe

windows10-2004-x64

1

$PROGRAMFI...om.dll

windows7-x64

3

$PROGRAMFI...om.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-05-2024 10:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PROGRAMFILES/PAZUƴӡ/js/pazucloud.js

  • Size

    32KB

  • MD5

    ecbeec6a5ad90c0b40791b2a5c6c3af6

  • SHA1

    7201cd7aee832c6a815cdc2b7df399fa545037fd

  • SHA256

    01b73c70a745daf6b6ff99d9eae9da908dfb5c7c5f5acc4a719029e1a30d4070

  • SHA512

    d4dccf480b2f563b3acd471896995538a76cb2dec9d4b17561cbc7c6b9beb11834e37b9ac8c640ecee618fef3b8d0cf89ddb6bf77cfc9f51831c14b26e8f7db7

  • SSDEEP

    384:ww6D8dmZNEErmFWG67/26eEM695ahf3Dos+Uj3+AwaNISaECZQyp9o4B6aXQAy2u:ww6Vp/P9sLl+q+AwcgmKtBDd+

Score
3/10
execution

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\$PROGRAMFILES\PAZUƴӡ\js\pazucloud.js
    1⤵
      PID:536
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4136 --field-trial-handle=2744,i,16362475727591565961,3676688664819797550,262144 --variations-seed-version /prefetch:8
      1⤵
        PID:3416

      Network

      MITRE ATT&CK Enterprise v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads