ee5c1db0cfb185f65966fdc1742e356700de48ce6b125688becb1e71e73ec641

Analysis

max time kernel
140s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
26-08-2024 08:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

upload/Admin/Logistics/EditShippingMode.js
Size

18KB
MD5

05b75274ca7c40f3aa63beb68a9da31c
SHA1

25aeacc3c6b38d6b422fc40c3fad6c95504f8bb9
SHA256

1ec313a309227e6e7c6697ba95404b05703db6bda63d2f3385e8562bef2832a3
SHA512

337c29c6a5a7873572feb36cce42c02cea2bd5b565ddc57fb2c2808cb619a6bff074de5bec8366a70d535c89bdacaa8c73846c9ae7c0931ee1f3ced53328497f
SSDEEP

384:6wpUIe3ZlItJ6ok3esIFJ6MU3epIAJyMh3e0IOJuJdz3e0IYJ6JdE3e8IA3J+MVX:InSakl+

Score

3^/10

discovery execution

Malware Config

Signatures

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 1 IoCs

Adversaries may check for Internet connectivity on compromised systems.

discovery

Internet Connection Discovery

T1016.001

pid	Process
1588	wscript.exe

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\upload\Admin\Logistics\EditShippingMode.js
1⤵
- System Network Configuration Discovery: Internet Connection Discovery
PID:1588

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads