352cbd3940196b40d7ddec2d070430a6082a9f04604d58d8712e485c6886db73

Analysis

max time kernel
122s
max time network
123s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
25/08/2024, 04:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2019_03_157762139036366821___1625783774820398.js
Size

5KB
MD5

ce4094644909bb5af2425a37492572c4
SHA1

e49b29ef0870d3b47da3b8c5cf633f5d939e631c
SHA256

ea83f37ea40704a8cc7d9c1b63fd0b3bf7d15d9bb17c13dccfb91d64e48f33b8
SHA512

10606ee66158ad3adca3451d9f5429bf36e00d2f258d2de5474bf36bc911d1de7c7334a1af0f08aa8114dd775e936bb443580590e0c1b2012ada014fcc69d000
SSDEEP

96:k/zB/Ssp3FcKlNmAEbBZ3a/WKFkDYJ6xTXFyn3+LpOlMmBrE2lKlIav7b/VqfqwJ:WKs7/mAEbBZYWKFkDty3gpqlE2lKlIaW

Score

8^/10

execution

Malware Config

Signatures

Blocklisted process makes network request 1 IoCs

flow	pid	Process
5	2328	wscript.exe

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\2019_03_157762139036366821___1625783774820398.js
1⤵
- Blocklisted process makes network request
PID:2328

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads