853b7faf0f9b8a8cd20ce55e04dce689a64543625fb8cf3410665988d939cc2d

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
14-12-2024 19:13

Target

Update.5700.js
Size

4.5MB
MD5

45863802c12fa878ce976186aaf7ecef
SHA1

eb3fda7abf3ae45a1ac633fa32268109ef4f196f
SHA256

853b7faf0f9b8a8cd20ce55e04dce689a64543625fb8cf3410665988d939cc2d
SHA512

0c18d9ce6458ec81dde390ca3325e62c45c31f4567b5d1dbab5cb5b71997c2ba766affa96948037ec9cc54dddda98617c1a90abbef724c4546d37bc66413a429
SSDEEP

49152:Nsz6FvpOiHY7sz6FvpOiHYL7DIzjCxbxqHlpM1MNN0D6hO22DzhYzYBmv9+8pJmR:N0WQ0Wq

Score

8^/10

execution

Blocklisted process makes network request 4 IoCs

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Update.5700.js
1⤵
- Blocklisted process makes network request
PID:3020

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact