Overview

overview

10

Static

static

1

Solicitaç...ão.js

windows7-x64

3

Solicitaç...ão.js

windows10-2004-x64

10

Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    21-10-2024 11:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Solicitação de Cotação.js

  • Size

    184KB

  • MD5

    29a46a991f69322c414cd76707bf04ae

  • SHA1

    0a484d57667361f03619f5e55fc8df61ec48ec6b

  • SHA256

    c480fe7adba62a2d2f5b983c88358306ee204d94eedceae5f72e9c8c0c6e701a

  • SHA512

    25049793b5c8a2e81562153377bea8182fa0967a55534113a1dce787b985d932f2554964c604348024bf785906d75c8de6b361cb3eb8e4336f24f9ff959b0182

  • SSDEEP

    3072:xmc9ypzk6F5Sp8Co92lb5yeCCy3g4PU5wBCuRBx7OEFVxKZlvy+6OnpnbQxwHWku:xRMpQ6F5q8RglQdCyQx14x7OEdYb8wH4

Score
3/10
execution

Malware Config

Signatures

  • Command and Scripting Interpreter: JavaScript 1 TTPs
    execution
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe "C:\Users\Admin\AppData\Local\Temp\Solicitação de Cotação.js"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3056
    • C:\Program Files\Java\jre7\bin\javaw.exe
      "C:\Program Files\Java\jre7\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Roaming\hjvzsxluyo.txt"
      2⤵
        PID:2784

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Roaming\hjvzsxluyo.txt
      Filesize

      92KB

      MD5

      9f529d816bffd28587755104a62e7ffe

      SHA1

      2ced260d71011c450dab5145881fad5460d00edb

      SHA256

      7bd8097de078f21e7f97dc04fac6ed6a4d7bc042934e2ec179706838303efe2f

      SHA512

      ccb1437c4fc7465bfdd62e5a7556a13f2bbebafe73e6c545a0125fe0289e833928b6c9f61ce36102ea107a6054f6ac738fae81ac068555fc500f1df15ac6baab

      Download Submit

    • memory/2784-4-0x00000000025E0000-0x0000000002850000-memory.dmp

      Filesize

      2.4MB

      Download

    • memory/2784-12-0x0000000000130000-0x0000000000131000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2784-19-0x0000000000130000-0x0000000000131000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2784-20-0x0000000000130000-0x0000000000131000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2784-26-0x0000000000130000-0x0000000000131000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2784-32-0x0000000000130000-0x0000000000131000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2784-38-0x0000000000130000-0x0000000000131000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2784-39-0x00000000025E0000-0x0000000002850000-memory.dmp

      Filesize

      2.4MB

      Download

    • memory/2784-43-0x0000000000130000-0x0000000000131000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2784-51-0x0000000000130000-0x0000000000131000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2784-56-0x0000000000130000-0x0000000000131000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2784-67-0x0000000000130000-0x0000000000131000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2784-80-0x0000000000130000-0x0000000000131000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2784-82-0x0000000000130000-0x0000000000131000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2784-96-0x0000000000130000-0x0000000000131000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2784-98-0x0000000000130000-0x0000000000131000-memory.dmp

      Filesize

      4KB

      Download