Analysis

Category STATIC
Started 2020-08-22 14:29:24
Completed 2020-08-22 14:29:24
Duration 0 seconds

    

File Details

File Name JScriptRunner.dll
File Size 16384 bytes
File Type PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
PE timestamp 2043-06-30 17:43:14
MD5 3ec14569badee5c05c4f8cda4699358b
SHA1 716904bc228113f6c00f7169cd2f1cb8ce80b692
SHA256 96d2c8c2d7e49851b2a5059e6736a429ae4a088db86e3524b4c86c4bd5f2e829
SHA512 0c1024ab196a568532284941caa680b71fb718e00cbbee6562dd434f93d465b7fd6aa81e3ab019c8eb0ab54cbb22479682b195799ace7dde98e02bd3101b7e2a
CRC32 914FAA70
Ssdeep 384:RxILt3DW0Tb3x3Cr56t+aJTtzI9oxMuUb+xOUTIj5BsI8e6R:RCtDf/h3Cr56xJCdbnAI5A

Signatures

No signatures


Screenshots

No screenshots available.

Hosts

No hosts contacted.

DNS

No domains contacted.


Summary

!This program cannot be run in DOS mode.
.text
`.rsrc
@.reloc
v4.0.30319
#Strings
#GUID
#Blob
<>9__10_0
<DoHelp>b__10_0
<>9__5_0
<EvaluateDouble>b__5_0
<>c__DisplayClass16_0
<Resolve>b__0
<>9__10_1
<DoHelp>b__10_1
<Resolve>b__1
IEnumerable`1
IEnumerator`1
HashSet`1
<>9__10_2
<DoHelp>b__10_2
Func`2
KeyValuePair`2
IDictionary`2
Func`3
<Module>
System.IO
__flag__
__init__
mscorlib
non_public
System.Collections.Generic
<Shell>k__BackingField
GetField
command
CallMethod
GetMethod
method
IsNullOrWhiteSpace
get_Message
Invoke
IEnumerable
IDisposable
IConvertible
EvaluateDouble
ToDouble
RuntimeTypeHandle
GetTypeFromHandle
get_IsSpecialName
set_LeaseTime
SetLeaseTime
System.Runtime.Remoting.Lifetime
ReadLine
AppendLine
WriteLine
GetLine
FindType
GetType
targetType
static_type
delegate_type
Where
System.Core
CallMethodSecure
MethodBase
_set_lease
Dispose
CreateDelegate
PermissionState
Evaluate
Write
CompilerGeneratedAttribute
GuidAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
SecuritySafeCriticalAttribute
SecurityCriticalAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
SecurityRulesAttribute
CompilationRelaxationsAttribute
AllowPartiallyTrustedCallersAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
get_Value
GetValue
caseSensitive
case_sensitive
Resolve
LastIndexOf
System.Runtime.Versioning
ToString
Substring
FormatArg
get_Math
_flag_path
StartsWith
JScriptGlobal
_global
DoEval
JScriptRunner.dll
IShell
JSShell
get_Shell
_shell
get_Item
set_Item
System
DoWriteLn
TimeSpan
AppDomain
get_CurrentDomain
Expression
ReflectionPermission
CodeAccessPermission
System.Runtime.Serialization
System.Reflection
add_EvaluateFunction
WriteException
AmbiguousMatchException
ExitShellException
ArgumentNullException
ApplicationException
TargetInvocationException
EvaluationException
get_InnerException
ArgumentException
OutOfMemoryException
SecurityException
_fatal_exception
FieldInfo
MethodInfo
SerializationInfo
ConstructorInfo
PropertyInfo
DoHelp
System.Linq
DoClear
IFormatProvider
StringBuilder
get_DefaultBinder
ParameterModifier
EvaluateFunctionHandler
EvaluateParameterHandler
JScriptRunner
add_EvaluateParameter
IsLetter
ExpressionResolver
_resolver
TypeDelegator
IEnumerator
GetEnumerator
.ctor
.cctor
GetConstructor
_extras
System.Diagnostics
_funcs
GetMethods
LifetimeServices
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
GetAssemblies
GetProperties
BindingFlags
GetFlags
FunctionArgs
ParameterArgs
<>4__this
Equals
JScriptUtils
Contains
System.Security.Permissions
System.Collections
EvaluateOptions
get_Chars
EvaluateParameters
_resolvers
FromDays
Concat
Format
EvaluateObject
MarshalByRefObject
targetObject
Select
DoGet
SecurityRuleSet
ToHashSet
PermissionSet
DoSet
target
Split
DoExit
set_Result
ToLowerInvariant
get_Current
EntryPoint
get_Count
SlimlineJScript
Assert
Convert
DoList
MoveNext
System.Text
ReadAllText
StreamingContext
context
DoArray
get_Key
ContainsKey
get_Assembly
op_Equality
op_Inequality
System.Security
EvaluateProperty
GetProperty
;Yh4c
WrapNonExceptionThrows
JScriptRunner
Copyright
2020
$f5016cb8-e773-4b6d-b3ed-0993e08871ac
1.0.0.0
.NETFramework,Version=v4.7.2
FrameworkDisplayName
.NET Framework 4.7.2W
C:\build\image\JScriptRunner\obj\Release\JScriptRunner.pdb
_CorDllMain
mscoree.dll
Must specify a name.
{0} = {1}
<Functions>
__init__
__flag__
<Properties>
<Namespaces>
__global__
Must specify an expression.
memset
memget
memlist
memclear
array
__global__.
Invalid type name.
Cannot find function
Cannot find property
Need to specify a type name such as __global__.System.String.
Can't find global property.
Cannot find property.
cannot find property
Can't open flag file.
Resolver not initialized
MathSH>
Welcome to Math Shell.
Type exit() to close the shell, or help() for some help.
Type expression to evaluate, e.g. Math.Log(1.2, 3.4) + 5.6.
Couldn't find method
targetObject
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
JScriptRunner
FileVersion
1.0.0.0
InternalName
JScriptRunner.dll
LegalCopyright
Copyright
2020
LegalTrademarks
OriginalFilename
JScriptRunner.dll
ProductName
JScriptRunner
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
No antivirus signatures available.
Sorry! No behavior.

TCP

No TCP connections recorded.

UDP

No UDP connections recorded.

HTTP Requests

No HTTP requests performed.

SMTP traffic

No SMTP traffic performed.

IRC traffic

No IRC requests performed.

ICMP traffic

No ICMP traffic performed.

CIF Results

No CIF Results

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Suricata HTTP

No Suricata HTTP

Sorry! No dropped Suricata Extracted files.

JA3

No JA3 hashes found.

Sorry! No dropped files.
Sorry! No CAPE files.
Sorry! No process dumps.

Processing ( 0.518 seconds )

  • 0.41 CAPE
  • 0.093 AnalysisInfo
  • 0.007 TargetInfo
  • 0.005 Debug
  • 0.002 Strings
  • 0.001 BehaviorAnalysis

Signatures ( 0.057 seconds )

  • 0.01 ransomware_files
  • 0.006 antiav_detectreg
  • 0.006 ransomware_extensions
  • 0.004 antiav_detectfile
  • 0.003 persistence_autorun
  • 0.003 antianalysis_detectfile
  • 0.003 infostealer_bitcoin
  • 0.003 infostealer_ftp
  • 0.003 territorial_disputes_sigs
  • 0.002 geodo_banking_trojan
  • 0.002 infostealer_im
  • 0.001 betabot_behavior
  • 0.001 kibex_behavior
  • 0.001 tinba_behavior
  • 0.001 antianalysis_detectreg
  • 0.001 antivm_vbox_files
  • 0.001 bot_drive
  • 0.001 browser_security
  • 0.001 disables_browser_warn
  • 0.001 azorult_mutexes
  • 0.001 infostealer_mail
  • 0.001 masquerade_process_name
  • 0.001 revil_mutexes

Reporting ( 1.256 seconds )

  • 1.256 BinGraph