185c565a0f204968ae67372fdc1a3a45de3c4ab3d5209dba35b8b65d64b4bd2a | Triage

Analysis

max time kernel
357s
max time network
359s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
26/07/2024, 17:34

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

s.js
Size

1KB
MD5

5e0e24cb73e6e6a02618f7f377b582f1
SHA1

db52b07509c71cbd4110a14375e46f83795e17fa
SHA256

185c565a0f204968ae67372fdc1a3a45de3c4ab3d5209dba35b8b65d64b4bd2a
SHA512

8c3502f2d0268067e4934838cc58492931256512097e5b324e03bfa5fee7dd61da9e43f38ba2819e68632902943831e5740156d01d9b4609ee114ef5a8cbbb63

Score

9^/10

execution ransomware

Malware Config

Signatures

Renames multiple (65) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware
Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\s.js
1⤵
PID:2112

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\Downloads\file5.txt

Filesize
22B

MD5
f5491fa02d773ae0a81fdda6d695d770

SHA1
ccd34b56f47f5c5c47cbe6807265fd542b64280b

SHA256
0b6cf515f8a7556f1761d474e1ea264c5dbd52589e7e13d609e70a2aca385a24

SHA512
b92d91806f60a7f884de8b1bfae372fe51de09e4fce440e2223679274afc8b92879ac5dbdc5a84ad039c3695d2f86a522e991891dc6e9837a5cc340aaa59a134

Download Submit