2f1fc0157736c88a42ad1847da59844dac4da6be39f89346aa433a65681b8eea

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
19-12-2024 00:04

Target

Malware.js
Size

4.5MB
MD5

3bb2fb6e24b9e0649a24d050d0019634
SHA1

c0a58567765515df4edbd303bc8114669322086f
SHA256

2f1fc0157736c88a42ad1847da59844dac4da6be39f89346aa433a65681b8eea
SHA512

bc69fcb9574cdde7dbf8b244724dff54089105000ff57ffe0ccbffe0ee6510c0a6014650fa214e4d9836ca72fb6930c7cc82b53947bd2cf943c982831dc532af
SSDEEP

49152:psz6FvpOiHY7sz6FvpOiHY97DIzjCxbxqHlpM1MNN0D6hO22DzhYzYBmv9+8pJmR:p0WQ0WW

Score

8^/10

execution

Blocklisted process makes network request 4 IoCs

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Malware.js
1⤵
- Blocklisted process makes network request
PID:1800

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact