MALICIOUS
80
Risk Score
Malware Insights
MITRE ATT&CK
T1059.003 Windows Command Shell
The file was identified as a Windows Script Host file masquerading as a document. This indicates an attempt to trick the user or system into executing a script. The script's primary function is likely to execute arbitrary code when run by WScript or CScript.
Heuristics 2
-
Reference to Windows Script Host high SC_STR_WSCRIPTReference to Windows Script Host
-
Windows Script Host content masquerading as document high SCRIPT_WSH_MASQUERADEFile content references WScript/CScript even though it was routed as a document upload. Windows Script Host files can execute code directly when opened on Windows.
Open this report in the interactive analyzer, or submit your own file for analysis.