5b940549458cab6ad926cd6870a66a805ef4317a29642f027fcf9a68a4b722eb

Resubmissions

22-01-2025 16:06

250122-tkatcavpfl 10

22-01-2025 12:23

250122-pkfx5swlgx 10

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
22-01-2025 12:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

PORTAFOLIO DE TRANSACCIÓN REALIZADA A TERCEROS.js
Size

164KB
MD5

730bef083fbd8b608106a9c34c98cdc1
SHA1

4c8d3440733b2975d1c9a823df735cd11a3351a7
SHA256

37c427cb456a7fadc42fdcca721a2e24c7f6a43892870b6683bf4bf83ba4f52c
SHA512

1a4638ccc02d2774377a114c99fa3bf1e2e6790ae6c4c3ef35dc4d7ee146e4201f51c765d49c2ee3ecff3cef7f79ccdd1937bf479c3380da9e6b8276384e477c
SSDEEP

1536:OWa831+p9/3zJ7WkAZexE7EnhqOWxK4YEYL734izQ6VzYfA75CKPd6BBPWa4pmGu:OWr31O9rtWKXVueEG7LzQ6VYAln2

Score

8^/10

execution

Malware Config

Signatures

Blocklisted process makes network request 1 IoCs

flow	pid	Process
5	1372	wscript.exe

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

C:\Windows\system32\wscript.exe
wscript.exe "C:\Users\Admin\AppData\Local\Temp\PORTAFOLIO DE TRANSACCIÓN REALIZADA A TERCEROS.js"
1⤵
- Blocklisted process makes network request
PID:1372

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads