Analysis

  • max time kernel
    10s
  • max time network
    11s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240709-en locale:en-us os:windows10-2004-x64 system
  • submitted
    20/07/2024, 01:23

Errors

Reason
Machine shutdown

General

  • Target

    31858692ae526f1171f699db749dc770N.vbs

  • Size

    41KB

  • MD5

    31858692ae526f1171f699db749dc770

  • SHA1

    1a4516e57d020fe31221135ca148b5fcd0d12441

  • SHA256

    a8da91dd7f75a40f3ba017fa67d4dc27cc8eee2cf31fe28fc365829056bf2546

  • SHA512

    540bdf2be90deeba5a1e38afd50fa79e2f3add91a2110118e0e1cea945d0f6b1738aaffc3f8ef370dafdd97b2fa919dc43e9f812af22843aebc9b765103213d3

  • SSDEEP

    768:sjxxVUR6pNAJkVA7Xs39FZZ/xYd29d0T0qt7mXSScBU5923+8:sjRm6pNAJkVA7Xs39rZJYd244I7w923v

Score
1/10

Signatures

  • Modifies data under HKEY_USERS 15 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\System32\WScript.exe
    "C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\31858692ae526f1171f699db749dc770N.vbs"
      PID:2004
    • C:\Windows\system32\LogonUI.exe
      "LogonUI.exe" /flags:0x4 /state0:0xa39aa055 /state1:0x41c64e6d
      • Modifies data under HKEY_USERS
      • Suspicious use of SetWindowsHookEx
      PID:2956
