popup

Report - MonetarySummary.js

  1. Resubmit analysis
  2. Detailed report
ScreenShot
Created 2024.07.29 17:00 Machine s1_win7_x6401
Filename MonetarySummary.js
Type ASCII text, with very long lines, with no line terminators
AI Score Not founds Behavior Score
10.0
ZERO API file : mailcious
VT API (file) 15 detected (Vjworm, jsggck, TOPIS, snZLNIzCoNJ, Detected, ai score=88, Obfuscated)
md5 8af1b69d823c1b6cb3a9a3102e73bf3a
sha256 64d9182f517d746533f756273a6eeac60f76afc0df28c60185727a0e3df797d5
ssdeep 6144:DX6tuS+5hSA7zqZWBrfOaWH8fEaIMwOZ29Qe0+KB0Qwzo5sM6b:DKkS4bzmirfOaWH8fEaIMwOZSQe0+KB4
imphash
impfuzzy
  Network IP location

Signature (4cnts)

Level Description
watch File has been identified by 15 AntiVirus engines on VirusTotal as malicious
watch Network communications indicative of a potential document or script payload download was initiated by the process wscript.exe
watch Wscript.exe initiated network communications indicative of a script based payload download
watch wscript.exe-based dropper (JScript

Rules (0cnts)

Level Name Description Collection

Network (2cnts) ?

Request CC ASN Co IP4 Rule ? ZERO ?
pastie.io
whois
US CLOUDFLARENET 172.67.162.195 clean
172.67.162.195
whois
US CLOUDFLARENET 172.67.162.195 clean

Suricata ids

ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)

Similarity measure (PE file only) - Checking for service failure