Analysis Overview
score
3/10
SHA256
f9c48f49d9d07f2ac62de0bf941f82ba0c5bccb760c0da596a6a88988ea95f66
Threat Level: Likely benign
The file CymulatecrednaggermacroXlsmXsl.xsl was found to be: Likely benign.
Malicious Activity Summary
Command and Scripting Interpreter: JavaScript
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-13 09:43
Signatures
N/A
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-13 09:43
Reported
2024-11-13 09:44
Platform
win10v2004-20241007-en
Max time kernel
12s
Max time network
17s
Command Line
wscript.exe C:\Users\Admin\AppData\Local\Temp\CymulatecrednaggermacroXlsmXsl.js
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\CymulatecrednaggermacroXlsmXsl.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
Files
N/A