Overview

overview

10

Static

static

10

dll/socks32.dll

windows7_x64

8

dll/socks32.dll

windows10_x64

8

dll/socks64.dll

windows7_x64

8

dll/socks64.dll

windows10_x64

8

server.exe

windows7_x64

8

server.exe

windows10_x64

8

server.out

linux_amd64

server.out

linux_mipsel

server.out

linux_mips

socks.exe

windows7_x64

4

socks.exe

windows10_x64

4

www/system...har.js

windows7_x64

1

www/system...har.js

windows10_x64

1

www/system...x.html

windows7_x64

1

www/system...x.html

windows10_x64

1

www/system...php.js

windows7_x64

1

www/system...php.js

windows10_x64

1

Analysis

  • max time kernel
    13s
  • max time network
    127s
  • platform
    windows10_x64
  • resource
    win10v20210410
  • submitted
    13-07-2021 14:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    www/systembc/geoip/geoip2.phar.js

  • Size

    347KB

  • MD5

    71d14334860b780ee91902ea71d7518a

  • SHA1

    7316e1354447c369fd991d5a7db6b923f3c886f0

  • SHA256

    7f7a6ba15f126642ea88c6cf9354f561f6fb86948dd713ac3d8af5d169d25128

  • SHA512

    bb42ebf6e9203175cc2cc3aaa6d20b0fbe56d1dfa0545513dc55c4efd8876514b0a22d7289cebd7cc36319342eed061df801efd391e5e85bcbc9dbc0ff4dc319

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\www\systembc\geoip\geoip2.phar.js
    1⤵
      PID:3016

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads