e687b9d26149f7320a82e2dde3b044945f1ad5d12968bdc5c4b976602ef9d175 | Triage

Analysis

max time kernel
5s
max time network
116s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20230831-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20230831-enkernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
12-10-2023 01:22

Sharing

Report Analysis Logs

General

Target

discord-reg/bypass/browser/node_modules/.bin/mime
Size

290B
MD5

e4d81a9361ab73a8625569d919a4a2d6
SHA1

6a8e47e2efb492c4cf4d73a68c9d4080c3aae433
SHA256

35c181f94e140d910d2bf4c5c4a2cb084cf76b19a2e6aff6b4b9e93dbe6f3c32
SHA512

a18832e0d1cf5af0379c523ee1714bf24d78595654ec08bd1a7ec1ba813df0cc6b6b87168c5a9e77e2d42decf59e68d1a2de5fa5143462f46660effd86d8da6f

Score

3^/10

Malware Config

Signatures

Reads runtime system information 1 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
File opened for reading	/proc/filesystems	sed

/tmp/discord-reg/bypass/browser/node_modules/.bin/mime
/tmp/discord-reg/bypass/browser/node_modules/.bin/mime
1⤵
PID:599
- /usr/bin/dirname
  dirname /tmp/discord-reg/bypass/browser/node_modules/.bin/mime
  2⤵
  PID:600
- /bin/uname
  uname
  2⤵
  PID:604

/bin/sed
sed -e "s,\\\\,/,g"
1⤵
- Reads runtime system information
PID:603

/usr/local/sbin/node
node /tmp/discord-reg/bypass/browser/node_modules/.bin/../mime/cli.js
1⤵
PID:599

/usr/local/bin/node
node /tmp/discord-reg/bypass/browser/node_modules/.bin/../mime/cli.js
1⤵
PID:599

/usr/sbin/node
node /tmp/discord-reg/bypass/browser/node_modules/.bin/../mime/cli.js
1⤵
PID:599

/usr/bin/node
node /tmp/discord-reg/bypass/browser/node_modules/.bin/../mime/cli.js
1⤵
PID:599

/sbin/node
node /tmp/discord-reg/bypass/browser/node_modules/.bin/../mime/cli.js
1⤵
PID:599

/bin/node
node /tmp/discord-reg/bypass/browser/node_modules/.bin/../mime/cli.js
1⤵
PID:599

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads