Overview

overview

3

Static

static

1

api.js

windows7-x64

3

api.js

windows10-2004-x64

3

api/uc.js

windows7-x64

3

api/uc.js

windows10-2004-x64

3

api/uc_api_db.js

windows7-x64

3

api/uc_api_db.js

windows10-2004-x64

3

api/新云软件.url

windows7-x64

1

api/新云软件.url

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/sec...ex.htm

windows7-x64

1

images/sec...ex.htm

windows10-2004-x64

1

images/upl...min.js

windows7-x64

3

images/upl...min.js

windows10-2004-x64

3

imjiqiren.js

windows7-x64

3

imjiqiren.js

windows10-2004-x64

3

include/db....db.js

windows7-x64

3

include/db....db.js

windows10-2004-x64

3

include/db....db.js

windows7-x64

3

include/db....db.js

windows10-2004-x64

3

include/en...ass.js

windows7-x64

3

include/en...ass.js

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    20-07-2024 05:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    include/db/database.db.js

  • Size

    2KB

  • MD5

    501eb5f2b5f06783df07639dca47e785

  • SHA1

    1c65b97c88e601c9d0d2b16fe5ee7bac6329a4c7

  • SHA256

    748ab7f1cd0d21760d7756177a3fc3ad6f3af3c7ad1145271c6a3848c67df1da

  • SHA512

    def516d7c4ed94f69d2eeeccfe049cc953a471863db5458fd16f45265d63741fb2cc49a7c71197f10cadd8567423db379e95e64470f5c2b8b1b9a1c1d291fd8c

Score
3/10
execution

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\include\db\database.db.js
    1⤵
      PID:3052

    Network

    MITRE ATT&CK Matrix ATT&CK v13

    Initial Access

    Execution

    Command and Scripting Interpreter

    1
    T1059

    JavaScript

    1
    T1059.007

    Persistence

    Privilege Escalation

    Defense Evasion

    Credential Access

    Discovery

    Lateral Movement

    Collection

    Exfiltration

    Command and Control

    Impact

    Resource Development

    Reconnaissance

    Replay Monitor

    Loading Replay Monitor...

    Downloads