e1a525ca6c580cc66483273410ffe4cee6f226f6bb2034a667b1bbe6982eea74 | Triage

Analysis

max time kernel
91s
max time network
94s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
10/07/2024, 14:50

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

终点小说连载系统圈圈美化版/UserInc/UsergoAuthorstart.js
Size

11KB
MD5

15b0f0b0bc3f4e7858d9781808c1e5db
SHA1

fabc68df6d23be0e630ccd923180b1a934eeee23
SHA256

c770665f1c9f0ec76a3140ca01dd8539dcb0db0fddb00abfefccf0b39de4e1d1
SHA512

25098b8246de9c4868b219d800d1ae42d47e5bd5cb519e3e2bb567dc4d1cba86086174a742a8ed5c02e9eff3c1855da4e07725ab3bf6f76b37f91e405a5a0e94
SSDEEP

192:Lt75KkFv2gWXRY6WB6WEX9CT6W1RfWuK6qr4qH/y8TUsfi5EgAWZI98z0tN8mmmI:HLZnWXR9WgWEX9CmW1lWuK6qsmjAsfi/

Score

3^/10

execution

Malware Config

Signatures

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

C:\Windows\system32\wscript.exe
wscript.exe "C:\Users\Admin\AppData\Local\Temp\终点小说连载系统圈圈美化版\UserInc\UsergoAuthorstart.js"
1⤵
PID:1496

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads