Overview

overview

10

Static

static

1

25c4220159...ebf.js

windows7-x64

3

25c4220159...ebf.js

windows10-2004-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    28-09-2024 01:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    25c4220159b9f1acd768415b14403854a8dec47c3d1a1286e75631f60bc54ebf.js

  • Size

    458KB

  • MD5

    bad891ad34cea31a079100af2269d1a2

  • SHA1

    5ec553750e242c145483984e6d856cd8a8749fb3

  • SHA256

    25c4220159b9f1acd768415b14403854a8dec47c3d1a1286e75631f60bc54ebf

  • SHA512

    2b95217a632bc953115bf6eb5632fe5476f9b1b6b037edb9fed507d4681784aec3f62e4ba62acec707eca5d507ee29d1e278ff4022dd572f02e2f63790fc6b8f

  • SSDEEP

    6144:HQ79rj8xxZDM9PuwTd51LkiZJsuRnuXtMVDjCWMtZlAgQmXauo72q3Hs5lcflfrC:w9ASJDJkgnRLDjQ3AL2q362C

Score
3/10
execution

Malware Config

Signatures

  • Command and Scripting Interpreter: JavaScript 1 TTPs
    execution
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\25c4220159b9f1acd768415b14403854a8dec47c3d1a1286e75631f60bc54ebf.js
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2616
    • C:\Program Files\Java\jre7\bin\javaw.exe
      "C:\Program Files\Java\jre7\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Roaming\kemarjkue.txt"
      2⤵
        PID:2316

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Roaming\kemarjkue.txt
      Filesize

      209KB

      MD5

      9253a3ae8d339ad044eddacb81295060

      SHA1

      27d8793f419328ea690734e7b5c4c4c1287fad3f

      SHA256

      5269f44114815dbe9d98fbc756da86969b056b4d7362c9c96d8c58dd17be161c

      SHA512

      fca47b36359817e769064f9b8c3d4b36ffa5e6bbba3904f06cb2c3bf7b21fa1332be506b7e45754b6c884d6d2e12da64c3bea66fc15b8baea8312b29578c557c

      Download Submit

    • memory/2316-4-0x0000000002680000-0x00000000028F0000-memory.dmp

      Filesize

      2.4MB

      Download

    • memory/2316-12-0x0000000000230000-0x0000000000231000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2316-19-0x0000000000230000-0x0000000000231000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2316-26-0x0000000000230000-0x0000000000231000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2316-29-0x0000000000230000-0x0000000000231000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2316-33-0x0000000000230000-0x0000000000231000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2316-43-0x0000000000230000-0x0000000000231000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2316-44-0x0000000000230000-0x0000000000231000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2316-46-0x0000000000230000-0x0000000000231000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2316-48-0x0000000000230000-0x0000000000231000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2316-52-0x0000000000230000-0x0000000000231000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2316-58-0x0000000000230000-0x0000000000231000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2316-83-0x0000000000230000-0x0000000000231000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2316-86-0x0000000000230000-0x0000000000231000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2316-88-0x0000000000230000-0x0000000000231000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2316-90-0x0000000000230000-0x0000000000231000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2316-94-0x0000000000230000-0x0000000000231000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2316-95-0x0000000000230000-0x0000000000231000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2316-213-0x0000000002680000-0x00000000028F0000-memory.dmp

      Filesize

      2.4MB

      Download