Is My Dragon Refused It Which One Whats a Woodchuck With a Blue Tail

Incident Response

Risk Assessment

Network Behavior: Contacts 1 domain. View all details

MITRE ATT&CK™ Techniques Detection

This report has 3 indicators that were mapped to 5 attack techniques and 4 tactics. View all details

Indicators

Not all malicious and suspicious indicators are displayed. Get your own cloud service or the full version to view all details.

External Systems
- Sample was identified as malicious by a large number of Antivirus engines
  
  details
  
  18/60 Antivirus vendors marked sample as malicious (30% detection rate)
  
  source
  
  External System
  
  relevance
  
  10/10
- Sample was identified as malicious by at least one Antivirus engine
  
  details
  
  18/60 Antivirus vendors marked sample as malicious (30% detection rate)
  
  source
  
  External System
  
  relevance
  
  8/10
Unusual Characteristics
- References suspicious system modules
  
  details
  
  "rth- sadhe mizzly unrestriction Pro-brahman Paresh debates cancelable hyponym chlorinous basifier enmass skip-kennel Gadoidea unwarded Spencer dukery houseline Amchitka Evert unferocious Brookner reweave oropharynges asteism methone hereditas clayed Meroe pre-Achaean garotted complects tweesh cubicone unreserved adurent Annia windbagged perisigmoiditis handgravure subsided forwardest Debir nonintrusion advt xenodochia featherwood centuried diacids pua throe enregiment allitaliana opinionatedly nonprobation mis-stop probities subjudicially penny-gaff pithy Leptophis Palmyra Septmoncel bour grooming haptene equicrural Pro-guatemalan quasi-comfortable oversilent bombe Elsass assizes Batesville ohmage inveneme vinew indissipable verbalizer cleidoscapular apprehends Rambow cross-town stilliform ramsch unemployable chambre Negris stucking soloing unlovingness Boff postparotitic aristocracy autolyzate narcotico-acrid polyparies dynamogenously sprucery Adele Bushongo gadabouts unbevelled stagnant-blooded transpiring"
  
  source
  
  String
  
  relevance
  
  5/10
  
  ATT&CK ID
  
  T1215 (Show technique in the MITRE ATT&CK™ matrix)
Hiding 1 Malicious Indicators
- All indicators are available only in the private webservice or standalone version

Anti-Reverse Engineering
- Possibly checks for known debuggers/analysis tools
  
  details
  
  "ninety incarnadines heliolatrous predepleting litherly meshuggah pulicides anticeremonially dismalize communistery hyperangelical Coram Ammamaria one-grained disembarkation eye-checked gliadins Osirify aftermath vizirs six-cent taxgatherer embryos deutsche quaternion Unknowable Placean clerics monkeyfy enisled Kavi Baptlsta palmitate Jadwiga khair confabulations tryms percussed Buceros fresh-cooked tonguelike nonsusceptiveness large-wristed pre-effort Lissy squeaker serpentiform engrailed apollinian coexerting post-diluvial unscarified well-lofted rice-polishing jalousing flatulencies sacrificed Franglais stipula inseparableness oscillators goblinize bridgemen nonspinning leukopoietic inextensibility Luehrmann underletter abasic unraisable pseudaposporous pentecostalism cowgrass reharden coronitis choriocapillary Bibeau antivariolous satelles yohimbinization anticheater fungicidally dorkier unobliviously blockades unwieldy syntonise officered be-smut pasticcio lengthsomeness tonotaxis Philemol gelly Kailuakon" (Indicator: "ntice")
  "ing Gehrig counterclaim Laverna elaterins handsewed unsplit vociferate pre-Augustan folk-sing unsleeve footslogs quasi-poetical nonvocational Tatman Frangi spore pleon drabler bemoat Trevett Walcott pyrheliophor tangences abusefulness exteriority polyacrylonitrile Mayey Lathrop well-sighted BLER unplutocratic dendrophilous harijans AUI carnifying self-mistrust stale rumaki Quakerishness over-lip tostada featness silvex Gussi Ulfilas sadistically laxiflorous radiocasting nonnotification congratulant unsaneness dropperful Mena antihierarchal farsakh monspermy isanthous presuspiciously stemlike rhymers sayst cognominally horrify amidic zincide plain-laid bullgine Leonato resegmentation anticensorious reverseful sulphureonitrous associationist piazine glyptodontoid oarage coothay sludginess fugue krang larrigans patronizingly woodboxes contline nonimpressionist nonresurrectional Arshile anischuria all-enlightening halers horsecart prejudicialness Franklinville bodices flamers Winni Benildis Bunia troller embosser" (Indicator: "ntice")
  "perexquisitely AGD Grubstreet incube familistic gibbosity mesalliances recreationist underflow somniate inauthenticity epidemically expediente swanimote unincarnate gumpus caterva blobber-lipped insuppressibility polyneuritic breach Philistinism significand parbake Jourdan warmhearted Androgeus offends field-stript fangotherapy pulmonate three-corneredness carolitic quasi-actively round-trussed fugara spermatist conductional parliaments hierodeacon monadelph quasi-respectful forenames reverb Peterstown idiochromatic buttonhook Paisiello intice alerted a-trip catalase greasy-headed Ancylostomum automatograph restamp table-cloth nubilose crossbolt noyading edifications Quar inferring geomagnetist trigonic columnating deadnesses metaethics trigynian bodieron demarcating duplicitously inwrap proregent commandless Hennebique hyponatremia canonises carbohemoglobin Llanelli Erythrinus sulphoichthyolate nickery reford stend Kulturkampf pinguitude Cinclidotus hinderance sealike Tagetes wavily disappears dikamali Anti-" (Indicator: "ntice")
  "damnedest limelight infraocular balzarine oenophiles usaunces rolpens phototelescopic willowworm oisivity ammocoetid bailsman squirrely plankbuilt despiteously emmetrope autoeciously arugolas hypopygial upholsterers Bedad leucocytolysin stoopball reobtain variformly anticensoriously drubbers axhammer founders promovent nonplusses unsteady regeneratress Withers uppiles teloblast trattle syphers squinter developpes reannouncing vanes digestment Macrochelys sinarchism Dolly Ternopol pot-shot gramash sqq. renowns alberghi saponification elatedly auxobody fudge diolefin red-carpet unbend Zrich exteriorize Gustafsson fritted exquisitively misstopped sjaak occlusive pulings crevice tesselation dallop scaw escheatable back-sey attends zomotherapeutic obstetrication pseudologist misbills pituital Reta theet nonbuoyancy rotaman trowelled renu beclang neurilemma isolysin pigtails Lentner burka Fusco back-check sunnily luggard biochemy crumbiest unlikelihood integument japes indigest tripinnate Grapsidae promovable count" (Indicator: "ntice")
  "ading mallemaroking nongenetic forcement gabbers handsprings standard-gauge possibilitys takayuki heterostylous pictorialise semblable nettier semiplumaceous nonoily somites quadricostate semimucous ecophysiology bowelled Micropodi hyperoxygenized Aylmar overweens hooding Platycephalidae Osijek Belamy gyratory sealers hyperinvolution innocence laicise womanlier malting anemologic Rhomboganoidei bicorne sacrospinalis ichthyology breakless undefilable actinostereoscopy matboard Gallinaceae leftwing zamboorak temporosphenoid chromocollotype impugnation silver-melting multiradical hyomental folcgemot climb inae forelaying Zoltai furcraeas Ubly anticensoriously unclench Microcebus handy-pandy hyp. crystallizable Baidya quasi-indulged Edwardsian attenuable sacro semify world-scattered raising spookily unmethodic opisthoporeia unglee bicycloheptane Pediculi winglets kenno jury-mast drumline insalivated swick waglike callate femininities Gewirtz prn wherein randomize normed round-leaved yellowish-colored Selaginaceae" (Indicator: "ntice")
  "rhosis parameterizing grafship moults pits labaara phratria disaccharidase prepackaging unmantled ineffectively repertory tergiversation bodyshirt exotropia polyonychia cibaries unphilosophical shavester de-educate huspil mispracticed electronegative TPN undernourish wizier shoreland perisomatic unmaidenliness Lacrosse federally Bahaullah misrecollect Davilman quiniretin tribeswomen knocks Diomede heautarit straw-stuffed Multan kiyas pairle podo- pathol casse gingers tam-oshanter twenty-ninth rerepeat feudalists three-spot denouncing rotls tawhai Grenloch zizit pleasantly snifty recluseness unappointable Bonine ache Vanna anticensorship canephorae grovelling Cropsey Kubelik unadornedness Haldis Megalensian nonaccess uninitialled pyrenoids white-tusked Pommard lacery flyman felonsetting mandibulopharyngeal braggat electrosynthesis Orferd styptics Aucuba hatchettine superpersonal davit antenatalitial overpresumptuous nonsynodically Everetts prelects chaffron proctorially Juyas dog-legged non-residential reveste" (Indicator: "ntice")
  "rotympanites piing allusion overrising board-and-shingle lanner DIU stillier Alopecias untakeable upheaver sheeplike rhabdocoelous honer blue-ribbon anesthetics nonhieratical barstool melanoma dimorphs Xerox repowers Regence sick-abed bumbard CMTC Sloughhouse Slovakian analyze re-prove sexi- trenches thaness taper-bored granite technologist pasang world-seasoned overquantity wraith formalistically poetastrical jawbation uninforming orthoepic Haines telegram spiran Ayutthaya prevent sparassodont goggliest Charchemish antislaveryism anywheres Lisk imitators subdistichously simplifiedly justifiably entice trinitrocellulose moonal isothermous tubercularizing cupreous Goldbar debuts florous pyromaniac combind leuch skydove powdike fingerstone Croton radiode attackers snobbisms spoutman Virgilia harpy-bat dodecahedral self-abnegating cynogenealogist hegumenies genouillere Goanese unextricated kept interpause uninceptively Immortals turgoid double-facedly thermoneurosis toxa undeterrably prehunger udometers fayed pa" (Indicator: "ntice")
  "tra diffractively teasler lakeport dries pre-encounter planospore self-oblivion space-traveling consumptions congealableness Thorlie cliffs Latinic enterocystoma bedchamber faint-glimmering drivellers underprentice stubbily smerk knittable altared protoliturgic auntre exudations uppard antidemocracies Commack hyperoxygenation dieting caboche quinoids Fur rhyodacite kibsey corelating cornuting gluelike duumvirs monickers RAID ruiner birthy antihelix Anas intrathoracic copper-smelting scapus epimorphism light-colored overmonopolize lasing immensity postmultiply yarkee alectoriae tent-dwelling unisonance Trans-andean fibrolitic ago lank-winged Jany bindable unconsummated side-on shielding inverter polled tube-scraping previolated disking coloration tazza rebent one-buttoned doggers Suppe pellets adharma trothlessness glozes songlessly attainments Chelura micromole hiccup enterotoxication carane Volans subquestion tough-lived comous Staffordsville eclats photospectroscopic Memory well-sung Buckland lunting Pinnid" (Indicator: "ntice")
  "raught Calicut unstaunchable motioned greenbone subfusiform reinfusing Wilburt depletion overzeals echeloning Bonlee Amabil thoracogastroschisis knifings Prus eggcups overpride deep-drawn taverns iliads reactionarism Pacifa enticed misintelligence Tamesada Ruperta well-weighed sachets imminence diapedeses melithemia shovel-headed whetstones cerevis nonrateability occlusiveness Norton dipartition invasions exposers expectative meningitophobia placemanship unhelped nyas Tandy undifferentiating Nyhagen impostury sportscast Loar Apargia pladaroma thunge Jannelle unfilialness electrodialytic Tiresias ligamenta interrelatedness nonocculting noncooperation Pliosauridae lootie curving chupatty circummundane noblesse phocomelous abouchement accordable misdoubt murkier trompil tachyphagia Gedaliah interindustry tostados faciest Funk entify forked-tailed deaving reactivations polls uncanceled underturnkey overcumber overhaughtily hexaxon vortical preconfine reticulato- scrapiness cpus ironbark becovet Onder anterosuperi" (Indicator: "ntice")
  "semifailure Faeroes coeducate isoindole catechist Tapuyo drawfile overcompetitively suffrutices Pergamene copartnery interconvertibility cine Kosrae yummiest licheniform nonfuroid conoscente unyoking globularly lobworms unsmoked sayableness acetylid Cloudcuckooland extemporisation awreak stupeous enounced reflowering troweller Theodor cetraric pitiless FAG organizer unimaged endship Kansas reacher-in priscan gross-natured alpestrine XTC Kashruth lidlessly armamentarium spasmatomancy polysaccharide nonevincive impious unarrogating Gemara felsites nonrudimentariness inordination superficially unvirginlike canzoni calef deplumed chloroaurite tobacconist corrigent oviparity anisopleural Pearle aphorize renderable Wiggins gehlenite twice-right syndesmitis tower-crowned out- nuances outhearing apprenticehood HK lifemanship optionalize electrothermancy mid-dish apokrea macrosporophyll Timmie controversys tonging shell-carving neebor layerings Kinshasha unaltruistic pretympanic Caravette appellees unfrustratable caba" (Indicator: "ntice")
  "ellow towmast novaculite trachydolerite Cohl nonstructured laqueus Catalina picong spiral-spring kinesthesia umbiliform unenticeable coal-fired promptive razor-weaponed ataman grammarians flowerer Post-devonian proctoplegia Worl issite avengingly werewolves fervorlessness extra-illustrate enlisted urobilinogenuria unlubricant pseudobulb recorrupt metricity lyricize pasteurizes cesspool pigpens Gassaway chuckled twice-shot petting cheeses drum-up plugdrawer unevokable winterier noninterleaved underministry gonorrhoeic hyperinsulinization chankings sulpharsphenamine well-contrasted dispair Richview Tenedos exurban embodiers appraisal well-hemmed traitresses grain-carrying boneblack rheostats double-dodge hotting annalist upshoot tectocephaly Benedicto newsgroup unarrogating coconuts premaintain anti-jacobinism deescalating semifeudal pubotibial disc. spinaceous Goldendale carousel spadger Gula world-anticipated quasi-safely ruralness cardioneurosis bicolours colcothar Sub-mycenaean dictyotic Liaoyang Selkirk Me" (Indicator: "ntice")
  "lagiarical oceanwise denticete affreighter smooth-walled hairhoof archaeostomatous slender-nosed underhead irenical arras-wise carpocervical mid-tow Mesoreodon plane-faced monastics unrailwayed sapiences labyrinthodontian disownable probable unterminableness unprosaically Sastean intradistrict Baluch plaidman readiest manciples AI crocodiles thrusters voluptary bovids aggravated reassails woopsed moiles Greentown summations witchhood Miun kames idee-force eyeshield soberingly schipperke felid lodicula deathrates bone-laced metros Pygopus trepanation stout-bodied ornithotrophy rebaptismal quilted exorableness intermining Marydel knitback spiran Stahl feeble-lunged burros tartarum deviations over-trouble quasi-famous beshouts Heddie arduousness glisters untwinkling occultism sharp-tongued pipperidge Tselinograd erythroderma blastostylar iodophor serenize controllably culpability crudded Bernita blowsy tetrammine Swoyersville kinglier chronica compendium accessive pushups activations gaslighted jeez profusively" (Indicator: "ntice")
  "olychromatophil recapacitate lepidophyte impastoed antivenomous backhauled Kendy posttreatment Paulite auricularian Cyrtoceras noncombustive Dermatocoptes blabbermouth rive metasedimentary kutta perspectives grassie Pripyat Sherman buyouts starchflower cankerbird ha Polish Cervus remittor waniest mundation hamirostrate overhating studys unvintaged AAE Kleeman neustons deuterium uncoloredly meander inducedly Fount kumkum rifting allopalladium affrayed chemicomechanical snipsnapsnorum posticus lineograph loo gundy sulphapyrazine Sandro tumble-down Rafer Chalybes bridlewise Prentice Alpaugh ecchymosed myxomatosis bakeshop angelhood hematophyte borowolframic overmaturely rewirable underwaist forzando Aubrey self-opiniatedly unpitiably antipyretics rhapsodize velvetmaking vibrionic alwise day-shining filemot Bazil CaldoraCaldwell quotennial rhabdoms avidity regulations Weight dogs-eared saviourship twin substantively tabidness phoenicite proofer whitish-lavender basinet cabane nonaphoristically jointless coolweed" (Indicator: "ntice")
  "ale black-boughed resistate plough-boy Tricholaena objectlessness busser-in mushla alcoholization basilect maukin perukeless dewberries rocketlike bamboozler pentice pesto hop viewly urethroperineal mesenteronic postinfective unparadox scrapper Enoch tree-toad Hekataean attingency trichechodont tongue-jangling seditiousness foretypified six-room MCP nonreasoning wingbows sealevel hominal calcariferous antalkalies fearbabe paleoentomologist gaberlunzie way-weary Cristionna missyllabication sheriffalty influxable beflannel north-seeking gemology Konoye pantomancer colluvies versify reanalyzes solutional rudimentariness speechment metratonia gamb compromisable Flavobacterium reenlightenment unvaporized buildup Fumaria Ishan waggish catholicization Kohlan faced absentment purled nominalize exclusivenesses Malvina juramental cuvy vaudoux perforators insecticides Douro interjectional devilry Satterfield legislatorship Hibernicised Stevin irreceptive weather-driven gunstocker oospores sagittoid poetess open-headed c" (Indicator: "ntice")
  "mpositional cellblocks Abutilon Narev genipapada nonmilitancy Hopei resurrectible sarcolemmous ouvriere Godwin cursers comdg. R.C.M.P. splenomalacia bistro Gibbs antereformational rapparees trainel dook unglobularly noncorruptive Lacoste snurt wavy-coated routinized quantongs induc. prophylactics Anti-philippizing shortstops presphenoidal recontemplation smoke-enrolled sympatry cteniform thick-flaming cashment quadratosquamosal ferrocyanic iodometrical nonadvantageous Seppala Vat. comparative AFL Anthinae wanderluster Ready tonette Eimmart citrene rostriferous sublunate dipyrenous thespians nonchaotic self-addressed subrational hure taboured whabby Doubler joke agalactia reunify formicate encounterer sorceries undercircling rattoner postmillennialism lithontriptor semiroyal crymoanesthesia thread-winding Boethusian delocalise Arcadian beggardom Endromis Anglicisation gentle-spokenly Prentice hormist Bradshaw corybantiasm lekythoi Hootman unscrewed jerkies frisked Tarpeia maculocerebral hows foreconscious tear" (Indicator: "ntice")
  "iferous defogger fibropurulent dakhma imput enterable Wiyat preact origins paravail cousiness checkers tremors full-depth disaffection hangbirds webby mollymawk cartelist winding-sheet lynched encarnalizing hillwort Domini reactological SECNAV pentasulphide kalpas crepeiest taccaceous loined overassumed Tristania Bolme sizygium pre-Hispanic supine frond mucked violency idaein panphenomenalism silver-bell hustlers prim watched thripel heavy-timbered righties exergue threpe uncombatant contemplature phagocyter Oxybaphus Maurer Demosthenic rheumatismal upholsteress Chillon prentice isostacy chickhood needlebill strangeling trisomic daidlie rotometer rowel xenophobian restrengthening organophone steelies whitblow scavenged Hutchinsonian dewier hysteromaniacal spirole self-disgrace bebar katalase ckw enterprisingness candite Goethals flat-floored bumwood two-flowered sulfadimethoxine uningenious necr- staumrels predisliked subterraneity calade Colleries Bitis unprelatic SDOC Chancelor wheezingly numbered concurred" (Indicator: "ntice")
  "y precongenial interstitial mittens anticourt heliology Mikania intransferable irisroot Hyperotreti unpampered antihemolysin essayical uncompounding Asahel bottlemaking kissably Aumsville fourscore taffarel unfructed popeship craftworker Eng. enfranch underivative magiric McCandless reviving gahnite anticeremonial oaf right-believing peribronchiolar Passagian curls overspeedy behoves discoactine lamboy MDES univocacy yellow-eyed tarand treasuries entelam intwines beatifical incage Givors-Badan pluteiform obduracy myrabalanus ciconiform djins crematorium plagae gonapod athermancy Eade overgeneral colliding quadruplicate knezi negativate airfares hemiepes Cucujidae outgave nods trihemimeris nominalistic Colymbriformes salacities inundable multinode annihilable suburbanities nunship hesitaters Edwardean genotypic scyphi- Rodez urethrogenital worder palaeostracan nonconjugally Kreymborg Dannebrog soutane aquamanale polygynies parabases bashers cock-a-doodle creamsacs Swissess short-spurred Damanh transl metromala" (Indicator: "ntice")
  "carbanil swarfer Coop coprolite berascaling chaptalize Chilpancingo McLaurin vertex macute ultratechnical morris-dance Petersham unarduousness chlorellaceous scuffed pyromancy supersufficient tobira fulzie coazervation oyster-culturist zealousy natalism wry-set bipartite heroineship raying preeffectually Souletin kelters pauci- sudsy jailhouse underlay lairmen retroserrulate miniprices antisilverite chorizontal woman-fashion phoenicochroite soled verberate Friedens Hertzfeld xeraphin outspinning preapprising aquifers Protylopus Consalve subchela Lankin cynosures appendorontgenography unpausingly daturic pied-colored Kerguelen salvational anticensorship conc sanitizer terrify dreepiness obes cottonpicking beakerman cheapened didelphic Shala gluttoness quasi-elementary femto- englante hemichorea chronobarometer ferocity immelmann small-nailed underogative recorruption intertropics ergatocrat Henryville Judaeophobia sky-blue inconcinn piraguas Coryden clear-witted phonetics objurgator VLSI Balcer paraglobin GMT" (Indicator: "ntice")
  "ly tomorrow Longbottom osteochondritis stiletto-proof Stenoglossa upyoke existentialize policizer lapel Septemberist Susanoo overdramatize Pilpai sternbergite broken-winded monkeyed torfel boilermakers deaquation campaigns cheven archiater mirth-moving viscerotonia bhagat misyokes morphemic bribability Luciano telokinesis anticensorious traumatropic yeggman cytolysin Allied Rolette Russophobia smirkers sin-born self-indulgence defreeze Bo-peep outcropper gatekeeper tin-mailed downshore corosif chlamys Odynerus aproning defecter Blythedale unrepresentational hypocrisis shambled preroyal Gondwana neurectopia activist resonantly kicksorter lacunas Mombasa ananthous fusula nakedest bantling praetextae augmenter fatalize incorporality Lydda diopside bill-patched pheeal graphing medullas cathetusti goniometric preknow unscratchingly euchroite exsanguinate Ansgarius camisados superattachment opaquenesses memento Arminianizer MGeolE snools Patt hierography coinages rejector Pilpai KTS entozoic succeeder mutably ermin" (Indicator: "ntice")
  "camar argentarius Lancing Non-norse trisplanchnic cosmorganic dialyzability utfangthief counter-acquittance contingencies anchor-shaped lanitals overstraighten Chinagraph vexatiously Lampyris supermechanically reforges pressure-relieving sugar-yielding heart-leaved rapturously epapillate Mauritanian oscilloscopes corvetto Dobruja undeadlocked unsuspectably lithely Pinnotheres unrollable huly internees chloridizing Phyllys Wareham Rondeletia concubines instr cannibally weenies murderess screen isohydrosorbic estrones prentice anovesical overcomplicated quinquevalvous Niki outasked enswathed tree-loving disponge moneyers bilimbing Tbilisi Khem Broaddus dulcitude outparamour M-1 impignorating Vaja nightchurr scamell humorless lateroanterior CVT laconica Gentoo red-waved termagancy rakehellish correl yarnwindle fiddle-faddled CUA Kranj sapours lance-fashion azthionium FRC ingenerable elastin treasonist Hyatt defangs quadrilogue Kleinian intentions tissue-forming unpin Cooleemee Ansell Shepherdsville snigger Rodmu" (Indicator: "ntice")
  
  source
  
  String
  
  relevance
  
  2/10
External Systems
- Found an IP/URL artifact that was identified as malicious by at least one reputation engine
  
  details
  
  4/71 reputation engines marked "http://mostasharanetalim.ir" as malicious (5% detection rate)
  
  source
  
  External System
  
  relevance
  
  10/10
Installation/Persistance
- Executes a visual basic script
  
  details
  
  Process "wscript.exe" with commandline ""C:\JVC_81029.vbs"" (Show Process)
  
  source
  
  Monitored Target
  
  relevance
  
  10/10
Remote Access Related
- Contains indicators of bot communication commands
  
  details
  
  "aas wedge-form fecklessly trippet partisanism ocyte sanitating well-meaner scruffiness unakites actinouranium emblematicize classicised embolite mensis kiack indusiated Ursel Bridgeton Mastigophora craniectomy stoneseed chicken-heartedly cypressed tyloma apodyteria Pierides uncalamitous ruggedness albified fungusy death-polluted santims presubduing retrogression ginglmi seniorities Katrinka stuck-uppy coinfer autobahns absconder guineapig rambling unpuzzle pampharmacon depel fathomer shuttle-wound bards sea-lost hallan kwe-bird breakbones Bembas Negroizing endotheliolysin smooths supradorsal lightningbug reconclusion Snark prespecialize Eire butcherer dicranoid belemnoid piecener Drennen triclinate zoolater bygoing catheti subdistinctively alphabeting JFET huse retumble purvoe chowse interconvertibly tallywalka dotate Athyris selfseekingness mediocrity Lebanon palaeochorology supersensitize reintroduce apheses wild housings cognomina Snohomish Evvie pseudobrachial overcompensatory unbowing crowflower jacking-" (Indicator: "trinka")
  "ses Katrinka Mojave wraiths hazle adulthood dogear crystallite unimpedible strengthy Apinae carrozza libget semisweet backbiters starosta cloven-hoofed encheson chondromalacia ballet disputants remex hypoalimentation dialogistically Sorbian connectives musically yowe disruptability Knies heptaspermous cothurnus Tohatchi postjugular temalacatl honked umbrellaless crimson-violet panspermia discountinuous buffiest cross-cut unwigging invariants minglers presurrender Dactylopterus criticaster OND semiphrenetic Wattsburg emphasise papalizer guessingly nonsympathies hyperrationally Thedrick Ulrica incompassionately concentration undominative gumdrops wild-flying trekschuit lack-love well-finished quadriciliate Seagraves fibrinolysin cosignificative gospoda fovea calcifications breadthwise downfield diriment Tiburcio C3 self-centralization word-seller coadjutator harakiri bouet antrums nonresemblance quasi-traditional Rodolph westernised meered theandric treatments deflector prodivorce unoptionally undersaturate met" (Indicator: "trinka")
  
  source
  
  String
  
  relevance
  
  10/10
  
  ATT&CK ID
  
  T1094 (Show technique in the MITRE ATT&CK™ matrix)

General
- Contacts domains
  
  details
  
  "mostasharanetalim.ir"
  
  source
  
  Network Traffic
  
  relevance
  
  1/10
- Creates mutants
  
  details
  
  "\Sessions\1\BaseNamedObjects\Local\InternetShortcutMutex"
  "Local\InternetShortcutMutex"
  
  source
  
  Created Mutant
  
  relevance
  
  3/10
- Logged script engine calls
  
  details
  
  "wscript.exe" called "WScript.Shell.1.CreateObject" ...
  "wscript.exe" called "Msxml2.ServerXMLHTTP.6.0.CreateObject" ...
  "wscript.exe" called "ADODB.Stream.6.0.CreateObject" ...
  
  source
  
  API Call
  
  relevance
  
  10/10
Installation/Persistance
- Touches files in the Windows directory
  
  details
  
  "wscript.exe" touched file "%WINDIR%\System32\en-US\wscript.exe.mui"
  "wscript.exe" touched file "%WINDIR%\System32\wscript.exe"
  "wscript.exe" touched file "%WINDIR%\Globalization\Sorting\SortDefault.nls"
  "wscript.exe" touched file "%WINDIR%\System32\rsaenh.dll"
  "wscript.exe" touched file "%WINDIR%\System32\scrrun.dll"
  "wscript.exe" touched file "%WINDIR%\System32\wshom.ocx"
  "wscript.exe" touched file "%WINDIR%\System32\en-US\KernelBase.dll.mui"
  "wscript.exe" touched file "%WINDIR%\System32\msxml6r.dll"
  "wscript.exe" touched file "%WINDIR%\System32\en-US\winhttp.dll.mui"
  
  source
  
  API Call
  
  relevance
  
  7/10
Network Related
- Found potential URL in binary/memory
  
  details
  
  Heuristic match: "mostasharanetalim.ir"
  
  source
  
  String
  
  relevance
  
  10/10
Spyware/Information Retrieval
- Found a reference to a known community page
  
  details
  
  "rated caliological menfolk bezanty Edee monotony granulation cantline discradle Mich. affreightment woman-bred frescoers rope-reeved cardiagraphy light-o-love superenthusiasms Ines Protomycetales nigglings nonagenaries indexlessness tunesome Kungs posada shaftway vagile hemogastric muzjik Quadragesimal deliquesces Levallois outwitter miticidal Alvino Oncorhynchus alcoholmetric homozygousness Phene microforms unrepeated isopulegone calmingly kobo irreligious subconcept desist hangingly antebrachium orangeade trawlnet seatrain beluga cacaesthesia sueding barrancos unlawfulness tipcat tribunes sacral Cardville uncompensatory refractometric yellow-eyed Bang kickers
  'compassed aghanee SOF meadwort tropologies sparrowhawk spaebook imprevisible skunklet equalize mesmerist buoyant ward PTP RILM raif headcap callipees rummy monostichic Angell perfectionizement panspermatism pipiri voodoo unpermeant first-string catalexes overfrustration sharp-cornered aerophone automatist drivers rubberizing sickle-cell jurare dislip" (Indicator: "twitter")
  "s MSEnt unimpassioned attentive unawareness galv housed sanable sumpitan Hsingborg holometer dukuma Hubert narcotisation narrower atwitter petary light-fingeredness joutes jughead unmitered Whatley mesokurtic uncondescension magaziner adoratory atrible pygopod substantiae urbanistically interposure snow-man beshrews Keelin structurally girlie macroseismograph sowbelly Lindrith nonganglionic peened porcelanic chromophoric cabrillas metepimeron effascinate Silverplume longships nonchalky zanjero Changewater millifold weeped spoil- Siculo-norman piaculum heartwise unfamiliarized sudsed cross-beak wheens saddle-sore oligomycin unquestioning incicurable roar derencephalocele Americanize spear-famed dites librarians woads coprophagia galeated haematosis incurrable chorally intransmutable scrambling nebularize Yashts Josler yester-year cascarilla tubuliferan Borchert naupliiform kikki precollectable Fouquet aquatinting blear-witted scaldberry inhalent Wotton viscosity GOP colporrhaphy tarting huipil remediating vari" (Indicator: "twitter")
  "mnemonics tkt diffusors trimoric wealthmonger sclerosis Charmine pseudosymptomatic believes thermotics Ymir Bogarde locutorium dolite legumin remodeler impositional uninquired sideromagnetic ingoted missioner Thyiad amygdalin machair nonevaporable spitzflute twitteration brabbles Orthoceratidae unfinessed deals Tigrean galleried yikes artifact immoderately Tseng pseudoapoplectically Ljod innodate DACS ungentlemanlike escapado unsharpening exsibilate inseparables repurchased caddices speciosity rude-fashioned pictorials BMG bradyteleokinesis outprices Pauling hybridal inconversibility yokemates gantryman well-utilized chickenbill archaeologically sober-clad major-leaguer Mantova Luttrell whatd unpresidential transcorporeal dreadfuls shuttleheaded covinous louping sparganosis overrefine fiddle-de-dee affixal Blocksburg hotline strange-wayed Shang-ti cacqueteuse four-oclock chronology subcomputation intercoccygean superl. Oakville incorporation prepubis quinquevir tromple preshrinked decalcifies unsearching Fay" (Indicator: "twitter")
  "silely cowplop acediamine Casel pretensional discusser wellspoken Darius bioclimatological secernment engregge Asmonean Hillcrest Hillsboro nippleless cardiatomy meinie Rodrigo Gilberta Betoyan tabacosis substitutability twittered hawserwise curativeness spills oclock incendiarism chronometrical obtainability broken-kneed bouquet gonystylaceous fatal-seeming zaffer a-cry commerciality Propliopithecus documentable armseye fise bransles dewret saline hektograph leaguers extracalendar McLouth nonsoluable betwixt Rodentia Wallachia wiggle-woggle annominate isopiestic retinue celiemia antiforeigner nonassenting wax-jointed windflowers acrostical pks egocentristic predevising lucinoid doup pimplier soft-shelled ranaria Tounatea kyanite alighted datagram commonership polysynthetize deriv uncentralised acanthuthi obelion anatropia dishmaker throed monocondylar Macksburg durns engastrimythic disennui inseparably anaqua Gib spleen-devoured apportioned nauseates tictacked supercarbonate Non-hibernian transfigures Sadduc" (Indicator: "twitter")
  "n Colette tobacconalian labefact podices machinoclast glutin laborsaving licker grudgers crumbliness multiarticulated blist rescreen arsenohemol intercrossed overreligion commendations prognostical Rangely exocoele conventionally filmogen drawknot Bliss votively Philippian Streeter adipoma fleeting stong youff fasciculus indigestion twitterer ficoides paleographers infrascapularis stateliest starrily empalers all-advised theowdom unclamped pontificial parasitotropism uncombinably dittied megillahs raven-plumed Caniff birkie Bikols unpaid-for N.F. bars recoins ruller anematize schoolyard peritectic coal-burning socages contour shallops munjistin exscriptural biology Grunewald Barna mesmeriser shaganappy orchidorrhaphy mimetite red-roofed retrusion Lincolnton gatch occultly conchie ichnological sleep-bringer nictitating buck-eyed upprick paroxazine untranslatable unthrid chromotypography caffeinism chide Lucchesi de-exciting glozing Odinism squeakers coronoid Nole Lucrine Loewe hen-tailed conveniency sublayer Y" (Indicator: "twitter")
  "-packed diplophase Hecatombaeon writhe shaws Homerologist oaritis hypothesist semigeometrical Manta drome Franco-latin charpais WRVS autocamp Mammea pilula stratojet fortescure aphelion Pro-bryan Wadsworth pot namability picryl disquieted thyrocricoid hydrosome Notostraca supervigilantly dosses ground-sheet anhydraemic nonusers Un-welsh anticoagulin sweet-roasted pseudolabia assumes unrecriminative nonpalatability signorine lipopolysaccharide presartorial Keyser amylamine Jojo psychosensorial interpollinated twitterboned ideologizing adamancies cosins quasi-conveniently title-page lienculi jungli princeling bamboozle scullers ammu seatang subcreek preordain grudged dyspneal collards clasmatocyte consultory vasotocin zelatrix shuffles astounding coresign hemitriglyph microevolutionary garniture flyovers ichthyonomy calyciflorous seedpod Peridinieae Aramitess rove-beetle flamfew cailliach daddocky Ailbert clumsiness Yeisk megaloblast Eisler snakery leachier preevolutionary pitapatation Gigantostraca paregoric u" (Indicator: "twitter")
  "secute instillers lagend dispreader crystallisable apples ooecium globetrotters schematism substitute filly ious windier nonrebel thirst-maddened limberest urgency Jihlava cichoraceous jemmied bistetrazole Linnhe alisos kapote ephippia desexualized platemaking tapestrylike nonpatently sugarless onomatologically fashionmonging Willie-boy amerces Delphinius holethnic cornetto misencourage Deck hurriers necrogenic uphurl Crim lobbyer rakehelly unpictorialize wanrest Andaqui preexclusive Encrinoidea tragic hypocytosis Gibbs perambulates light-proof lactesce Corel Wini bionomics calfs-foot lace-edged polyideism bare-fingered disadvise hairsprings inctirate maskoid enwombing vegetable-growing suprasegmental defensing difficultness switchers handloading dorsoposterior forcepslike prinos rapillo dimiss Chesaning folios Dickie stenotypist outpray kyathoi fatness half-jack pyrochromate cachet apocopes unbrazen unenforceable twitteration colpostat surf-sunk Tukuler criobolium unwild TAU Kitunahan waterphone awhile patro" (Indicator: "twitter")
  "ted Simsar Newmanise Tiw decorability draughtsmen Frunze Nason spaceborne delayed endogastrically semidelight Restivo diaxial Pebworth blondness desmose quasi-inevitable Bombacaceae verus tartrates orchidotherapy stolons Ortrud Trentine leptomeninx nonimage boycott stool-ball seriaunt quinanarii uncatastrophically MPH Ephraim a-twitter long-haired Arg conioses ushabtiu reaphook bealach otolithic accomplishes conspired pledgeless sleepcoat biliate Wilfrid supramundane Capemay uncleanest helminthous clench controllableness dissemblers alma-materism algal matchmark empyreal too-soon Sheffield coemployed Jolson uncontemplative citrocola Pharisaically sclerotized finesser pettiness methodiser individualistic cubbishness semilanceolate Pinkertonism clucked citolas naissance encountered PDL ozonides obliterations ekphorias felstones morphactin renegados mercapto- elenchical non-Caucasoid paua vendibleness squame nonloyalty bowstrings noninvolvement uncouth exerciser Garbe megadeath unweaken Leotie Cotyleus calligrap" (Indicator: "twitter")
  "ngcut allegorised bridely nonvolubleness comminute nervier foresworn re-recognize leaden-hued gobbet pseudochromosome remail vastitude surrosion smegma electicism habilable countergift Schnecksville Pomeroy immanentist astrally Vyborg harem badly tartans romance-empurpled epinikia McCartney treason-hatching azotetrazole lymphoblastoma Amphistoma scouthering scholiastic close-written primsie Rh-positive beladies lactational rhyta kerbs a-stays islander Hibernologist Mayaca crumbcloth angioparesis pantos inbye HNS scrivellos metallisation tectosphere insurgencies disinflating metabolic strawberries twiers Merleau-Ponty rescreening predilection twitterly masthelcosis oblasti dream-built escapee ionones inconcealable well-darned parthenocarpical unapplaudable Nemalionales vitiligoid rhombohedric ill-seen acetochloral Ashlie Merrouge sedarim repurge backstabbed bizzarro quasi-expectant defensibly theogonies redeposition lazar-house inthral unabsurd howish Filicineae fancy-built aerosinusitis hemstitching many-hand" (Indicator: "twitter")
  "et-up reflectionless wedeled ventripotent injects tangun tight-stretched immatchable Aorangi prettifying bethumb repealless Equality toils forty-pound sexangle eupeptically heaveless ruff-tree counterconversion electrolysis prepositions blunt-spoken synchronously misparsing Hadasseh fleme ozonization IOM Talishi beneaped sulfonium printerdom foghorn urogenitary wollomai bradycardia aluminio- hetaera models gasconading deteriorates Gabbey immobilized dustbin outquote intervalling Scone squib unprelatical pandure delictus ricinelaidic snoopy miswandered antimoniuretted Kawkawlin undecylenic Barrowist thousands tabanuco unrevived wormiest tottery gunyah ditzy increasedly eophyte unprotection lustrification realest piaba outwitter enaliosaurian topophone rapeoil Briza phon saves silicam unsaleable selenodonty thick-winded larderlike astute southeastern weak-spirited Smithland cannabic formalizing synclinorian unalleviation Clusia naur infliction fatality spring-headed well-compassed leiocephalous beneplacito orem" (Indicator: "twitter")
  "igerants Melonites orientating Licking stromatoporoid loxodromic self-exploiting cinchophen typophile Mendelejeff filthiness sizzling willowers promorph underriding humuslike shot-gun draftee Rebeka breakfronts reprisalist guitars flimflams yanggona untaking tithes outjetting best-accomplished underfootmen intruse coopted lopsidedness rope-shod forecasting L.I. imagism Avitzur insanitary februation Pentstemon antihemorrheidal twittery treasuryship shearling predisposedly pallier Bluebeard untelling perreia serpuloid quasi-economic perfluent playcraftsman Wirral Maybell mispassion minciest tow-made fimbriated clear-voiced debiteuse noiselessness undirk tulchin misconjectured Smoos uncontented self-vindication somnambulistically motorizes homophile stovemaking Machogo ungospel inspirited aquincubitalism wanguns Heimlich whilock wine-drabbed planetologic strouding brackish manifestation couturieres wrath-swollen silique amacrine coff-fronted frontierman phytopaleontologic many-mingling planfulness desmonosology" (Indicator: "twitter")
  
  source
  
  String
  
  relevance
  
  7/10
Unusual Characteristics
- Installs hooks/patches the running process
  
  details
  
  "wscript.exe" wrote bytes "c04e187720541977e0651977b5381a770000000000d0a67600000000c5eaa6760000000088eaa67600000000e968107582281a77ee291a7700000000d2691075000000007dbba6760000000009be107500000000ba18a67600000000" to virtual address "0x76A11000" (part of module "NSI.DLL")
  
  source
  
  Hook Detection
  
  relevance
  
  10/10
  
  ATT&CK ID
  
  T1179 (Show technique in the MITRE ATT&CK™ matrix)

File Details

All Details:

JVC_81029.vbs

Filename: JVC_81029.vbs
Size: 4.6MiB (4799953 bytes)
Type: script vbs
Description: ASCII text, with very long lines
Architecture
: WINDOWS
SHA256
: 557daae4c867c0f543cdfda80a85dd4e4dfd268e11861739b0654cbf09c06b31

Screenshots

Loading content, please wait...

Hybrid Analysis

Tip: Click an analysed process below to view more details.

Analysed 1 process in total (System Resource Monitor).

wscript.exe "C:\JVC_81029.vbs" (PID: 2832)

Network Analysis

DNS Requests

HTTP Traffic

No relevant HTTP requests were made.

Extracted Files

No significant files were extracted.

Notifications

Not all Falcon MalQuery lookups completed in time
Not all sources for indicator ID "string-24" are available in the report
Not all sources for indicator ID "string-5" are available in the report
Not all strings are visible in the report, because the maximum number of strings was reached (5000)

perryagaire.blogspot.com

Source: https://hybrid-analysis.com/search?query=ssdeep%3A%2249152%3AgztZztH%2BQqHuzWEkaSxQuoxxUDdFIq2PTuJR2XtmlEcHMXvsAmoP4YtCIidsUvcx%3AYP%22&sort=sha256&sort_order=asc