Malware Analysis Report

2024-10-16 06:47

Sample ID 240616-gp2fmswdqp
Target O Wave lotadasso de trojan.rar
SHA256 0ff0224edb6a27b5c23adc7fb759864bb3c645f2cf2f38d0a0290c1fa691fdd2
Tags execution, themida
Score 7/10

Table of Contents

Analysis Overview
MITRE ATT&CK
    Enterprise Matrix V15
Analysis: static1
    Detonation Overview, Signatures
Analysis: behavioral31
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral4
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral9
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral19
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral24
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral25
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral3
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral13
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral32
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral2
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral18
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral20
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral30
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral12
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral17
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral29
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral1
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral10
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral7
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral11
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral16
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral26
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral27
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral5
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral8
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral14
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral21
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral22
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral6
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral15
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral23
    Detonation Overview, Command Line, Signatures, Processes, Network, Files
Analysis: behavioral28
    Detonation Overview, Command Line, Signatures, Processes, Network, Files

Analysis Overview

score
7/10

SHA256

0ff0224edb6a27b5c23adc7fb759864bb3c645f2cf2f38d0a0290c1fa691fdd2

Threat Level: Shows suspicious behavior

The file O Wave lotadasso de trojan.rar was found to be: Shows suspicious behavior.

Malicious Activity Summary

execution themida

Themida packer

Unsigned PE

Command and Scripting Interpreter: JavaScript

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-16 06:01

Signatures

Themida packer

themida
Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral31

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240611-en

Max time kernel

121s

Max time network

132s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\htmlMode-632e9b49.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\htmlMode-632e9b49.js

Network

N/A

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:05

Platform

win7-20240508-en

Max time kernel

121s

Max time network

132s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-15abc7a1.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-15abc7a1.js

Network

N/A

Files

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240221-en

Max time kernel

119s

Max time network

134s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-526b83f8.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-526b83f8.js

Network

N/A

Files

N/A

Analysis: behavioral19

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240221-en

Max time kernel

121s

Max time network

135s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-4e6adffc.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-4e6adffc.js

Network

N/A

Files

N/A

Analysis: behavioral24

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:05

Platform

win7-20240508-en

Max time kernel

122s

Max time network

135s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-c8e548e5.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-c8e548e5.js

Network

N/A

Files

N/A

Analysis: behavioral25

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240221-en

Max time kernel

120s

Max time network

133s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-da482490.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-da482490.js

Network

N/A

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:05

Platform

win7-20240221-en

Max time kernel

120s

Max time network

131s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\graphql-60335d07.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\graphql-60335d07.js

Network

N/A

Files

N/A

Analysis: behavioral13

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240611-en

Max time kernel

121s

Max time network

150s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-8c77b892.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-8c77b892.js

Network

N/A

Files

N/A

Analysis: behavioral32

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240221-en

Max time kernel

120s

Max time network

134s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\htmlMode-80300b63.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\htmlMode-80300b63.js

Network

N/A

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240508-en

Max time kernel

117s

Max time network

131s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\go-80837ffe.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\go-80837ffe.js

Network

N/A

Files

N/A

Analysis: behavioral18

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240611-en

Max time kernel

122s

Max time network

134s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-38f03426.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-38f03426.js

Network

N/A

Files

N/A

Analysis: behavioral20

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240508-en

Max time kernel

121s

Max time network

136s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-58fe1aa7.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-58fe1aa7.js

Network

N/A

Files

N/A

Analysis: behavioral30

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240220-en

Max time kernel

117s

Max time network

127s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\htmlMode-2f8b3566.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\htmlMode-2f8b3566.js

Network

N/A

Files

N/A

Analysis: behavioral12

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240611-en

Max time kernel

117s

Max time network

127s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-83e2dec3.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-83e2dec3.js

Network

N/A

Files

N/A

Analysis: behavioral17

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240508-en

Max time kernel

119s

Max time network

132s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-2ec9302c.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-2ec9302c.js

Network

N/A

Files

N/A

Analysis: behavioral29

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:05

Platform

win7-20231129-en

Max time kernel

117s

Max time network

128s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\htmlMode-221a5660.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\htmlMode-221a5660.js

Network

N/A

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240611-en

Max time kernel

122s

Max time network

153s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\fsharp-126b7a4a.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\fsharp-126b7a4a.js

Network

N/A

Files

N/A

Analysis: behavioral10

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20231129-en

Max time kernel

117s

Max time network

127s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-68e2cc4a.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-68e2cc4a.js

Network

N/A

Files

N/A

Analysis: behavioral7

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240220-en

Max time kernel

118s

Max time network

128s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-316c66ca.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-316c66ca.js

Network

N/A

Files

N/A

Analysis: behavioral11

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240611-en

Max time kernel

119s

Max time network

133s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-728a179e.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-728a179e.js

Network

N/A

Files

N/A

Analysis: behavioral16

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240611-en

Max time kernel

117s

Max time network

132s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\hcl-e601270f.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\hcl-e601270f.js

Network

N/A

Files

N/A

Analysis: behavioral26

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:05

Platform

win7-20240508-en

Max time kernel

122s

Max time network

132s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-dec95f1c.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-dec95f1c.js

Network

N/A

Files

N/A

Analysis: behavioral27

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240508-en

Max time kernel

121s

Max time network

130s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-e38fd3a3.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-e38fd3a3.js

Network

N/A

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240508-en

Max time kernel

121s

Max time network

131s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-278f878e.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-278f878e.js

Network

N/A

Files

N/A

Analysis: behavioral8

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240508-en

Max time kernel

118s

Max time network

132s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-47651311.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-47651311.js

Network

N/A

Files

N/A

Analysis: behavioral14

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:05

Platform

win7-20240508-en

Max time kernel

120s

Max time network

130s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-b5189aa9.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-b5189aa9.js

Network

N/A

Files

N/A

Analysis: behavioral21

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240221-en

Max time kernel

122s

Max time network

137s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-7389bea2.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-7389bea2.js

Network

N/A

Files

N/A

Analysis: behavioral22

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:05

Platform

win7-20240220-en

Max time kernel

122s

Max time network

131s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-b4a24819.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-b4a24819.js

Network

N/A

Files

N/A

Analysis: behavioral6

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240221-en

Max time kernel

121s

Max time network

132s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-27d2aaae.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-27d2aaae.js

Network

N/A

Files

N/A

Analysis: behavioral15

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:05

Platform

win7-20231129-en

Max time kernel

119s

Max time network

129s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-dade7c70.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\handlebars-dade7c70.js

Network

N/A

Files

N/A

Analysis: behavioral23

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240611-en

Max time kernel

120s

Max time network

146s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-c79988a0.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-c79988a0.js

Network

N/A

Files

N/A

Analysis: behavioral28

Detonation Overview

Submitted

2024-06-16 05:59

Reported

2024-06-16 06:06

Platform

win7-20240611-en

Max time kernel

120s

Max time network

134s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-f57558e9.js

Signatures

Command and Scripting Interpreter: JavaScript

execution

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\WaveTrial\dist\client\assets\html-f57558e9.js

Network

N/A

Files

N/A