Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

C:\Windows\System32\wscript.exe

C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\download.js"

Details

Is windows:	true
Is dropped:	false
PID:	7404
Target ID:	0
Parent PID:	640
Name:	wscript.exe
Class:	wscript
Path:	C:\Windows\System32\wscript.exe
Commandline:	C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\download.js"
Size:	170496
MD5:	A47CBE969EA935BDD3AB568BB126BC80
Time:	01:27:21
Date:	21/11/2024
Reason:	newprocess
Reputation:	high
Is admin:	false
Is elevated:	false
Modulebase:	0x7ff622040000
Modulesize:	184320
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Sigma detected: WScript or CScript Dropper	System Summary
Sigma detected: WSF/JSE/JS/VBA/VBE File Execution Via Cscript/Wscript	System Summary

Memdumps

Base Address

Regiontype

Protect

Malicious

1FEE9EC4000

heap

page read and write

304B2F9000

stack

page read and write

1FEE9E9B000

heap

page read and write

1FEE9ED7000

heap

page read and write

1FEE9E70000

heap

page read and write

1FEE9E80000

heap

page read and write

1FEE9EC4000

heap

page read and write

1FEE9ED3000

heap

page read and write

1FEE9ECF000

heap

page read and write

1FEE9E6B000

heap

page read and write

1FEE9ED3000

heap

page read and write

304B9FE000

stack

page read and write

1FEEA129000

heap

page read and write

1FEE9E50000

heap

page read and write

1FEE9ED3000

heap

page read and write

1FEE9E8F000

heap

page read and write

1FEEA050000

heap

page read and write

1FEE9EC4000

heap

page read and write

1FEE9E8E000

heap

page read and write

1FEE9ED3000

heap

page read and write

1FEE9E7A000

heap

page read and write

304B6FF000

stack

page read and write

1FEEA129000

heap

page read and write

1FEEA120000

heap

page read and write

1FEE9EF2000

heap

page read and write

1FEE9ECF000

heap

page read and write

1FEE9EC4000

heap

page read and write

1FEE9ECA000

heap

page read and write

304B4FE000

stack

page read and write

1FEEA020000

heap

page read and write

304B7FF000

stack

page read and write

1FEE9DC0000

heap

page read and write

1FEEBAA0000

heap

page read and write

1FEEB9D0000

heap

page read and write

1FEEBDF0000

heap

page read and write

1FEE9E9B000

heap

page read and write

304B3FE000

stack

page read and write

1FEE9ECF000

heap

page read and write

1FEE9EB1000

heap

page read and write

1FEE9E79000

heap

page read and write

1FEE9E91000

heap

page read and write

1FEE9E9B000

heap

page read and write

1FEE9ED3000

heap

page read and write

1FEEA12D000

heap

page read and write

1FEEBDF1000

heap

page read and write

304B8FE000

stack

page read and write

1FEEA12D000

heap

page read and write

1FEE9EDE000

heap

page read and write

1FEEBAA4000

heap

page read and write

1FEE9E58000

heap

page read and write

1FEE9EA7000

heap

page read and write

1FEE9ECF000

heap

page read and write

1FEE9E80000

heap

page read and write

1FEE9ED3000

heap

page read and write

1FEE9E7F000

heap

page read and write

1FEE9ED8000

heap

page read and write

1FEE9ED3000

heap

page read and write

1FEE9ECF000

heap

page read and write

1FEEA125000

heap

page read and write

1FEE9ECF000

heap

page read and write

1FEED750000

trusted library allocation

page read and write

There are 51 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
download.js

Processes

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reportdownload.js

Processes

Memdumps

IOC Report
download.js