fdbf0910b0fe6789127ebaa50b6eb66f30e59637b7f19934c04b3948ca4a08a0

Analysis

max time kernel
120s
max time network
123s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
22/05/2024, 18:35

Target

DOC_50456910506US_Apr_25_2019.js
Size

45KB
MD5

d1169822d6aa5ff8a784ea6e391744d3
SHA1

d533166a1ae3fd37557180b202e6362143ead94e
SHA256

582938eafb9954ac94a8c9c2769a82e7e029a82ee5695bb8c9bf22e7b0fe00cb
SHA512

19c0ddf8c52c1bc9be22436d3e317ae074dbacc9d327378e2bb5c4e08334902eb4dd2f6da44ebdc70c8ae93cad1daaf5f22cc03657ee865f655f7842eb7f49d4
SSDEEP

768:MNLjj5wkMrE1VZc3gBQRa9uaOribNhapSDk9zA25a7poABCpU6iKka5CS82SIwBr:MNLjj5wzrE1VZZQRalOr8Nh4SDkHk7Wc

Score

8^/10

execution

Blocklisted process makes network request 7 IoCs

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\DOC_50456910506US_Apr_25_2019.js
1⤵
- Blocklisted process makes network request
PID:1736

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact