8744ee87d793fcc65f93fc7d0cd65f9e04388850d15ba5f2a02682b35ceb8678 | Triage

Submit
Reports

Overview

overview

5

Static

static

5

Add-on/Md5Check.exe

windows7-x64

3

Add-on/Md5Check.exe

windows10-2004-x64

3

Add-on/uninstall.js

windows7-x64

3

Add-on/uninstall.js

windows10-2004-x64

3

Add-on/新...��.url

windows7-x64

1

Add-on/新...��.url

windows10-2004-x64

1

Docs/PHPB2...al.pdf

windows7-x64

3

Docs/PHPB2...al.pdf

windows10-2004-x64

3

upload/app...x.html

windows7-x64

3

upload/app...x.html

windows10-2004-x64

3

upload/app...inc.js

windows7-x64

3

upload/app...inc.js

windows10-2004-x64

3

upload/app...XML.js

windows7-x64

3

upload/app...XML.js

windows10-2004-x64

3

upload/app...rty.js

windows7-x64

3

upload/app...rty.js

windows10-2004-x64

3

upload/app...map.js

windows7-x64

3

upload/app...map.js

windows10-2004-x64

3

upload/app...oud.js

windows7-x64

3

upload/app...oud.js

windows10-2004-x64

3

upload/app...umb.js

windows7-x64

3

upload/app...umb.js

windows10-2004-x64

3

upload/app...inc.js

windows7-x64

3

upload/app...inc.js

windows10-2004-x64

3

upload/app...ass.js

windows7-x64

3

upload/app...ass.js

windows10-2004-x64

3

upload/app...it.ps1

windows7-x64

3

upload/app...it.ps1

windows10-2004-x64

3

upload/app...uz.ps1

windows7-x64

3

upload/app...uz.ps1

windows10-2004-x64

3

upload/app/index.html

windows7-x64

3

upload/app/index.html

windows10-2004-x64

3

Analysis

max time kernel
145s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
21-08-2024 10:04

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Add-on/Md5Check.exe

Resource

win7-20240704-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

Add-on/Md5Check.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

Add-on/uninstall.js

Resource

win7-20240708-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

Add-on/uninstall.js

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral5

Sample

Add-on/新云软件.url

Resource

win7-20240705-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

Add-on/新云软件.url

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

Docs/PHPB2B2.4Manual.pdf

Resource

win7-20240704-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral8

Sample

Docs/PHPB2B2.4Manual.pdf

Resource

win10v2004-20240802-en

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral9

Sample

upload/app/configs/index.html

Resource

win7-20240708-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral10

Sample

upload/app/configs/index.html

Resource

win10v2004-20240802-en

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral11

Sample

upload/app/include/class-excel-xml.inc.js

Resource

win7-20240705-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

upload/app/include/class-excel-xml.inc.js

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral13

Sample

upload/app/include/class.DATA_XML.js

Resource

win7-20240708-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

upload/app/include/class.DATA_XML.js

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral15

Sample

upload/app/include/class.my.smarty.js

Resource

win7-20240729-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

upload/app/include/class.my.smarty.js

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

upload/app/include/class.sitemap.js

Resource

win7-20240704-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

upload/app/include/class.sitemap.js

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral19

Sample

upload/app/include/class.tagcloud.js

Resource

win7-20240708-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

upload/app/include/class.tagcloud.js

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral21

Sample

upload/app/include/class.thumb.js

Resource

win7-20240705-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral22

Sample

upload/app/include/class.thumb.js

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral23

Sample

upload/app/include/db_mysql.inc.js

Resource

win7-20240729-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral24

Sample

upload/app/include/db_mysql.inc.js

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral25

Sample

upload/app/include/feedcreator.class.js

Resource

win7-20240708-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral26

Sample

upload/app/include/feedcreator.class.js

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral27

Sample

upload/app/include/func.checksubmit.ps1

Resource

win7-20240705-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral28

Sample

upload/app/include/func.checksubmit.ps1

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral29

Sample

upload/app/include/inc.discuz.ps1

Resource

win7-20240704-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral30

Sample

upload/app/include/inc.discuz.ps1

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral31

Sample

upload/app/index.html

Resource

win7-20240708-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral32

Sample

upload/app/index.html

Resource

win10v2004-20240802-en

windows10-2004-x64

7 signatures

150 seconds

Report Analysis Logs

General

Target

upload/app/include/class-excel-xml.inc.js
Size

5KB
MD5

babc5b5a0dda2fe4c469602eb0125842
SHA1

71401600724320a8a68cf932b5bf4a756aa91ced
SHA256

6a191e80826e3041f2cae3eec87f47c4e1217e8022668fe870b10f8e5732b479
SHA512

ce2e2df71ae9b60e0a0be80bcf5fedc951a803fcf074f22781f754458999af409be1a59d81022bc3d8ce5b56ed8a5954277a71e536eef89743ad49373e984418
SSDEEP

96:9i/ReiSBEPjSGlQHAogq6Rdc0VZEZMGgvLCX1j3MmGjAnF9Cq3V473Rz0p3:90eaQHA+6kMZlveFTF9/3V472p3

Score

3^/10

execution

Malware Config

Signatures

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

Processes

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\upload\app\include\class-excel-xml.inc.js
1⤵
PID:3144

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy