3d4c345b9b6c298b218274cfe2141b2f2842b113534a557100c1671a8b7edb76 | Triage

Analysis

max time kernel
613s
max time network
1588s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
07-09-2024 17:26

Sharing

Report Analysis Logs

General

Target

Malware_pack_2/ColorBug.zip
Size

28KB
MD5

34071c621da9508f92696709d71bb30a
SHA1

5817a14b8da5da5aecd59f5016c2b02fbbe2f631
SHA256

ff2e6648e019087c2ec3c0f9eab548a761122b696caca171ab88e414ba5615cd
SHA512

eb4c3b5ce9a4d6e979565d44c1a1432272bd2b9d1b83ca6b03ddc9982a5a6c341126ba71bbfd0e8d443ffa93265b6d205c187f586ff0bcb708965d2db6c98b45
SSDEEP

384:Z6HvcubW5F4mPGngeY4S8kep2sx1skClNcnK5VYeymm7/rrYC8Feuumu+lZRmdV5:Z6Pcu65SfY4SdsCbWVjOuGR2l

Score

3^/10

execution

Malware Config

Signatures

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\Malware_pack_2\ColorBug.zip
1⤵
PID:2200

C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Desktop\WatchStep.js"
1⤵
PID:2160

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4252

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads