Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

C:\Windows\System32\wscript.exe

"C:\Windows\System32\WScript.exe" "D:\logo\parcel_label-006.vbs"

Details

Is windows:	true
Is dropped:	false
PID:	6148
Target ID:	0
Parent PID:	4084
Name:	wscript.exe
Class:	wscript
Path:	C:\Windows\System32\wscript.exe
Commandline:	"C:\Windows\System32\WScript.exe" "D:\logo\parcel_label-006.vbs"
Size:	170496
MD5:	A47CBE969EA935BDD3AB568BB126BC80
Time:	06:45:17
Date:	24/04/2024
Reason:	newprocess
Reputation:	high
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff70c400000
Modulesize:	184320
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Sigma detected: WSF/JSE/JS/VBA/VBE File Execution Via Cscript/Wscript	System Summary
Executes visual basic scripts	System Summary	Scripting

Memdumps

Base Address

Regiontype

Protect

Malicious

2222A79A000

heap

page read and write

2222A791000

heap

page read and write

2222A785000

heap

page read and write

2222A79B000

heap

page read and write

2222A76D000

heap

page read and write

2222A915000

heap

page read and write

2222A771000

heap

page read and write

2222A77A000

heap

page read and write

2222DD50000

trusted library allocation

page read and write

2222A700000

heap

page read and write

2222A791000

heap

page read and write

2222A779000

heap

page read and write

2222A76C000

heap

page read and write

BCD58FE000

stack

page read and write

2222A78B000

heap

page read and write

2222A791000

heap

page read and write

2222A771000

heap

page read and write

2222A600000

heap

page read and write

2222A79A000

heap

page read and write

BCD5AFF000

stack

page read and write

2222A785000

heap

page read and write

2222A6E0000

heap

page read and write

2222A8C0000

heap

page read and write

2222A791000

heap

page read and write

2222A77C000

heap

page read and write

2222A79A000

heap

page read and write

2222A91C000

heap

page read and write

2222A8C4000

heap

page read and write

2222A8D0000

heap

page read and write

2222A79A000

heap

page read and write

2222A79A000

heap

page read and write

2222A77A000

heap

page read and write

2222A77D000

heap

page read and write

2222A78E000

heap

page read and write

2222A785000

heap

page read and write

2222A78A000

heap

page read and write

BCD5BFF000

stack

page read and write

2222A77D000

heap

page read and write

2222A77D000

heap

page read and write

2222A910000

heap

page read and write

2222A750000

heap

page read and write

2222E550000

heap

page read and write

2222A785000

heap

page read and write

2222A791000

heap

page read and write

2222A785000

heap

page read and write

2222A77A000

heap

page read and write

BCD57FE000

stack

page read and write

BCD56FA000

stack

page read and write

There are 38 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
parcel_label_photo.lnk

Processes

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reportparcel_label_photo.lnk

Processes

Memdumps

IOC Report
parcel_label_photo.lnk