935225957487df951ded6682343166498c245943bc32c0ed5e5e4b8089943d96 | Triage

Submit
Reports

Overview

overview

3

Static

static

1

a/新云软件.url

windows7-x64

1

a/新云软件.url

windows10-2004-x64

1

admin/ad.ps1

windows7-x64

3

admin/ad.ps1

windows10-2004-x64

3

admin/class/db_sql.js

windows7-x64

3

admin/class/db_sql.js

windows10-2004-x64

3

admin/clas...inc.js

windows7-x64

3

admin/clas...inc.js

windows10-2004-x64

3

admin/dh_class.ps1

windows7-x64

3

admin/dh_class.ps1

windows10-2004-x64

3

admin/glob...ion.js

windows7-x64

3

admin/glob...ion.js

windows10-2004-x64

3

admin/index_main.html

windows7-x64

3

admin/index_main.html

windows10-2004-x64

3

admin/index_top.html

windows7-x64

3

admin/index_top.html

windows10-2004-x64

3

admin/lang...eDb.js

windows7-x64

3

admin/lang...eDb.js

windows10-2004-x64

3

admin/lang...ble.js

windows7-x64

3

admin/lang...ble.js

windows10-2004-x64

3

admin/lang...eld.js

windows7-x64

3

admin/lang...eld.js

windows10-2004-x64

3

admin/lang...bak.js

windows7-x64

3

admin/lang...bak.js

windows10-2004-x64

3

admin/lang...age.js

windows7-x64

3

admin/lang...age.js

windows10-2004-x64

3

admin/lang...eDb.js

windows7-x64

3

admin/lang...eDb.js

windows10-2004-x64

3

admin/lang...ble.js

windows7-x64

3

admin/lang...ble.js

windows10-2004-x64

3

admin/lang...eld.js

windows7-x64

3

admin/lang...eld.js

windows10-2004-x64

3

Analysis

max time kernel
96s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
19/09/2024, 11:14

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

a/新云软件.url

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

a/新云软件.url

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

admin/ad.ps1

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

admin/ad.ps1

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral5

Sample

admin/class/db_sql.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

admin/class/db_sql.js

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral7

Sample

admin/class/phpzip.inc.js

Resource

win7-20240704-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral8

Sample

admin/class/phpzip.inc.js

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral9

Sample

admin/dh_class.ps1

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral10

Sample

admin/dh_class.ps1

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral11

Sample

admin/global_function.js

Resource

win7-20240704-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

admin/global_function.js

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral13

Sample

admin/index_main.html

Resource

win7-20240903-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral14

Sample

admin/index_main.html

Resource

win10v2004-20240802-en

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral15

Sample

admin/index_top.html

Resource

win7-20240903-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral16

Sample

admin/index_top.html

Resource

win10v2004-20240802-en

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral17

Sample

admin/lang/big5/temp/eChangeDb.js

Resource

win7-20240708-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

admin/lang/big5/temp/eChangeDb.js

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral19

Sample

admin/lang/big5/temp/eChangeTable.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

admin/lang/big5/temp/eChangeTable.js

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral21

Sample

admin/lang/big5/temp/eListField.js

Resource

win7-20240729-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral22

Sample

admin/lang/big5/temp/eListField.js

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral23

Sample

admin/lang/big5/temp/eListSetbak.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral24

Sample

admin/lang/big5/temp/eListSetbak.js

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral25

Sample

admin/lang/big5/temp/message.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral26

Sample

admin/lang/big5/temp/message.js

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral27

Sample

admin/lang/big5utf8/temp/eChangeDb.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral28

Sample

admin/lang/big5utf8/temp/eChangeDb.js

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral29

Sample

admin/lang/big5utf8/temp/eChangeTable.js

Resource

win7-20240708-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral30

Sample

admin/lang/big5utf8/temp/eChangeTable.js

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral31

Sample

admin/lang/big5utf8/temp/eListField.js

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral32

Sample

admin/lang/big5utf8/temp/eListField.js

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

admin/lang/big5/temp/eListSetbak.js
Size

2KB
MD5

720c7e2f930dffb2932f994d3f6e4b02
SHA1

1ac5823678d511d6b96bc9badcdc36e5216e7cfb
SHA256

dbdef26017717922be2ddefd0b7ea9b766e255685220df19e529d9813076f8d3
SHA512

b92a8e1c940edf1bfd460586d97788d5205d24eed7e9d3d61a77caad32a1282cb5e45ad00c2156ed7fa25db768c850bec084999122e418f192dc2e1d258279df

Score

3^/10

execution

Malware Config

Signatures

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

Processes

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\admin\lang\big5\temp\eListSetbak.js
1⤵
PID:1032

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy