59cb06a918fceccc7914c5dde4141352919d7b6a8a10ea248005f040f017d091

Analysis

max time kernel
16s
max time network
16s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
03-10-2024 20:49

Target

Update.js
Size

2.6MB
MD5

239e05fd1e101ecc5805aa30df37c9e2
SHA1

6674082d503779d31139fa593b7497f1bcc0eb39
SHA256

59cb06a918fceccc7914c5dde4141352919d7b6a8a10ea248005f040f017d091
SHA512

d89ef87d124543dc36a2cda0bccb0e98ca6edabdf58bac68be8079a1af7e79c7aa9f2c5481036fb11ae2b1bb46c21aed216ecf7d2cc14e2c54b04dfe6d224e6d
SSDEEP

49152:OCz4F9dM2furCz4F9dM2fuTCz4F9dM2furCz4F9dM2fui:OkGgkGwkGgkG9

Score

8^/10

execution

Blocklisted process makes network request 4 IoCs

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Update.js
1⤵
- Blocklisted process makes network request
PID:2300

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact