Overview

overview

8

Static

static

3

65975f0ec8...18.exe

windows7-x64

8

65975f0ec8...18.exe

windows10-2004-x64

4

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Tools/modu...rt.hta

windows7-x64

3

Tools/modu...rt.hta

windows10-2004-x64

3

Tools/run.hta

windows7-x64

8

Tools/run.hta

windows10-2004-x64

1

config.js

windows7-x64

3

config.js

windows10-2004-x64

3

drp.js

windows7-x64

3

drp.js

windows10-2004-x64

3

js/soft.js

windows7-x64

3

js/soft.js

windows10-2004-x64

3

languages/ar.js

windows7-x64

3

languages/ar.js

windows10-2004-x64

3

languages/az.js

windows7-x64

3

languages/az.js

windows10-2004-x64

3

languages/be.js

windows7-x64

3

languages/be.js

windows10-2004-x64

3

languages/bg.js

windows7-x64

3

languages/bg.js

windows10-2004-x64

3

languages/bn.js

windows7-x64

3

languages/bn.js

windows10-2004-x64

3

languages/ca.js

windows7-x64

3

languages/ca.js

windows10-2004-x64

3

languages/cs.js

windows7-x64

3

languages/cs.js

windows10-2004-x64

3

languages/de.js

windows7-x64

3

languages/de.js

windows10-2004-x64

3

languages/el.js

windows7-x64

3

languages/el.js

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-05-2024 01:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    languages/ca.js

  • Size

    56KB

  • MD5

    9ebce00c112dcf5cd8a4770d32dd2f8e

  • SHA1

    f42f7dc35bfdc2cadcd9709de372bf5c35ba163b

  • SHA256

    07df1e3bdb4f6b0d53f9dfe00a3502168accf69695851ac92e3de0c3dc361b1c

  • SHA512

    2154e914b8252a2e956bd46edcd132847cd1ba8303ab95b0544e084522e25a9a227eb94eae5dd5a3cf940420d779dc7abf34aa8e24a050b0ffff322be215a793

  • SSDEEP

    1536:f3eNqTtcpUGwbDuerJ9JmAqmVpPgH8CfWME+s25HBa0vG5+DoQTJamzGom+1+oT6:f3HTQZwXz2amE+pgB

Score
3/10
execution

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\languages\ca.js
    1⤵
      PID:3708

    Network

    MITRE ATT&CK Matrix ATT&CK v13

    Initial Access

    Execution

    Command and Scripting Interpreter

    1
    T1059

    JavaScript

    1
    T1059.007

    Persistence

    Privilege Escalation

    Defense Evasion

    Credential Access

    Discovery

    Lateral Movement

    Collection

    Exfiltration

    Command and Control

    Impact

    Resource Development

    Reconnaissance

    Replay Monitor

    Loading Replay Monitor...

    Downloads