61c56c08353cf2eeb3d498b61708937f4d17fd4f0eee30138ed3c54a9978c3a2 | Triage

Resubmissions

08-11-2024 15:13

241108-slqqhsvcjl 4

08-11-2024 15:11

241108-skk4msvbqq 4

08-11-2024 14:30

241108-rvgzassrev 8

08-11-2024 14:22

241108-rp3c2stelg 10

Analysis

max time kernel
442s
max time network
1164s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
08-11-2024 15:11

Sharing

Report Analysis Logs

General

Target

attachment-18
Size

40KB
MD5

33fdb5b862875cc3e66c92308af7b441
SHA1

fa684eeb79bf386cfc6dc3059d82ad778e1f948b
SHA256

ba971501137ed19d50e7083806914b65cca439c256bee888ecc122b01dcdc9f1
SHA512

c5c60e74d52946888601c0db1fc1250ae18e48d78643256a9d1ab633525ececec4012582199923eb5a63306be4e5b463b0970c45387b96287d394d1839e6ee23
SSDEEP

768:VLIMI6JC4HvqvHMDdBKoETBB72GwcgZyudhomJUQvJQC4zmUWOs5zSYJHCB3PNFD:911CSv+adswcg7Ho

Score

3^/10

execution

Malware Config

Signatures

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\attachment-18
1⤵
PID:1080

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4716

C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Downloads\TestConvert.js"
1⤵
PID:1904

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads