426dfe6ee5396e0d98b88850cdf767557a0dc698662e880c38afe692fefe53ec

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
04-07-2024 09:12

Target

b186735a14125782938e27de9364c7cc457fe070fca9a72a4d2252730ad4a917.js
Size

7KB
MD5

983b0504124d164a872d6ffba3112cf8
SHA1

1aeb3cee19a9700a53c292101259701cdc14c862
SHA256

b186735a14125782938e27de9364c7cc457fe070fca9a72a4d2252730ad4a917
SHA512

d82beac84de1b0639fac9428d7829f707b36f87f6366e9aee41d9ef385d11f6d92aa68643b0147fa70a2b0105eff3e02d7a26fe4359cb6b604a70aa8d9e920b5
SSDEEP

96:0WIttVNJR4YcoYUw+w5wSwrwdwuXJx0x0T0jL:sL

Score

8^/10

execution

Blocklisted process makes network request 2 IoCs

flow	pid	Process
3	2244	wscript.exe
5	2244	wscript.exe

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\b186735a14125782938e27de9364c7cc457fe070fca9a72a4d2252730ad4a917.js
1⤵
- Blocklisted process makes network request
PID:2244

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact