Overview

overview

7

Static

static

3

662ce2779a...5c.exe

windows7-x64

7

662ce2779a...5c.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

ANRITSU CO...NT.rtf

windows7-x64

4

ANRITSU CO...NT.rtf

windows10-2004-x64

1

BackendModels.dll

windows7-x64

1

BackendModels.dll

windows10-2004-x64

1

FreeImageNET.dll

windows7-x64

1

FreeImageNET.dll

windows10-2004-x64

1

MapStore.dll

windows7-x64

1

MapStore.dll

windows10-2004-x64

1

MapStoreViewer.exe

windows7-x64

3

MapStoreViewer.exe

windows10-2004-x64

3

Newtonsoft.Json.dll

windows7-x64

1

Newtonsoft.Json.dll

windows10-2004-x64

1

Resources/...mon.js

windows7-x64

3

Resources/...mon.js

windows10-2004-x64

3

Resources/...age.js

windows7-x64

3

Resources/...age.js

windows10-2004-x64

3

Resources/...eak.js

windows7-x64

3

Resources/...eak.js

windows10-2004-x64

3

Resources/...ata.js

windows7-x64

3

Resources/...ata.js

windows10-2004-x64

3

Resources/...h.html

windows7-x64

1

Resources/...h.html

windows10-2004-x64

1

Resources/...h.html

windows7-x64

1

Resources/...h.html

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    23-05-2024 01:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Resources/connect/scripts/unidata.js

  • Size

    49KB

  • MD5

    dbb102bf852e21323945d3d9e9084bc7

  • SHA1

    23d4790838b1aae6c08b1f36c3c24eee17a4539f

  • SHA256

    b2ad978d1772a8e3acb41e02c6e5db1460dca409544f7537dec59ba0d3f26206

  • SHA512

    ef9abfae27f308c31c17426104145f039a66f21289838592a4945aa14f112701e445b7df2cca3aafc9a564ce4408eb2e89b9cd104d43702d0a0cb99d3f30ea49

  • SSDEEP

    192:L7TSIGsYtJ4j3NHZhhuhtU1UrKdzWgxR/rlpxO8T9BP5LnZ93WWeTMGbxw8cPDi7:L72P2tQyl93WWyFvfHw0MZdM7ySj/J

Score
3/10
execution

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\Resources\connect\scripts\unidata.js
    1⤵
      PID:1956

    Network

    MITRE ATT&CK Matrix ATT&CK v13

    Initial Access

    Execution

    Command and Scripting Interpreter

    1
    T1059

    JavaScript

    1
    T1059.007

    Persistence

    Privilege Escalation

    Defense Evasion

    Credential Access

    Discovery

    Lateral Movement

    Collection

    Exfiltration

    Command and Control

    Impact

    Resource Development

    Reconnaissance

    Replay Monitor

    Loading Replay Monitor...

    Downloads