Overview

overview

7

Static

static

3

[email protected]!.zip

ubuntu-18.04-amd64

[email protected]!.zip

debian-9-armhf

[email protected]!.zip

debian-9-mips

[email protected]!.zip

debian-9-mipsel

@!Open_Mai...p!.rar

ubuntu-18.04-amd64

@!Open_Mai...p!.rar

debian-9-armhf

@!Open_Mai...p!.rar

debian-9-mips

@!Open_Mai...p!.rar

debian-9-mipsel

SystemApps...ols.js

ubuntu-18.04-amd64

3

SystemApps...ols.js

debian-9-armhf

7

SystemApps...ols.js

debian-9-mips

SystemApps...ols.js

debian-9-mipsel

7

SystemApps...ack.js

ubuntu-18.04-amd64

3

SystemApps...ack.js

debian-9-armhf

6

SystemApps...ack.js

debian-9-mips

7

SystemApps...ack.js

debian-9-mipsel

7

SystemApps...ers.js

ubuntu-18.04-amd64

3

SystemApps...ers.js

debian-9-armhf

7

SystemApps...ers.js

debian-9-mips

7

SystemApps...ers.js

debian-9-mipsel

6

SystemApps...ace.js

ubuntu-18.04-amd64

3

SystemApps...ace.js

debian-9-armhf

7

SystemApps...ace.js

debian-9-mips

7

SystemApps...ace.js

debian-9-mipsel

7

SystemApps...uri.js

ubuntu-18.04-amd64

3

SystemApps...uri.js

debian-9-armhf

6

SystemApps...uri.js

debian-9-mips

7

SystemApps...uri.js

debian-9-mipsel

7

SystemApps...e.html

ubuntu-18.04-amd64

SystemApps...e.html

debian-9-armhf

SystemApps...e.html

debian-9-mips

SystemApps...e.html

debian-9-mipsel

Resubmissions

10/03/2024, 18:59

240310-xm5naaae9v 7

10/03/2024, 18:53

240310-xj4xksae21 7

Analysis

  • max time kernel
    298s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240226-en
  • resource tags

    arch:mipsimage:debian9-mipsbe-20240226-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
  • submitted
    10/03/2024, 18:53

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    SystemApps/Microsoft.MicrosoftEdgeDevToolsClient_8wekyb3d8bbwe/23/common/remoteHelpers.js

  • Size

    10KB

  • MD5

    30201fb18ec1f0f0c711b93871ceea05

  • SHA1

    4f9a5363399297c779e5699eda99b98aa924119b

  • SHA256

    b6c0b43d69b7161e47be6f25f3c5fd7324ab39d3fcd4b4fa7c2d28decdbafc2f

  • SHA512

    eb6395532c72529d8e7f87eac17372415330d2ccf01a16aeac97d66e9b29ab32fd4beb93242488b18d2997cb376ccadb091bd08041d8305cddc80bba5671440a

  • SSDEEP

    192:6Xjj8VmqZFuTwsmRaRzfEe++qFcE+nc/dHTn9twQNRinZmgLnxjxAd:6Xjo4qruTh3EeESU97RXg1k

Score
7/10
antivm

Malware Config

Signatures

  • Changes its process name 4 IoCs
  • Checks CPU configuration 1 TTPs 1 IoCs

    Checks CPU information which indicate if the system is a virtual machine.

    antivm

Processes

  • /usr/bin/nodejs
    nodejs /tmp/SystemApps/Microsoft.MicrosoftEdgeDevToolsClient_8wekyb3d8bbwe/23/common/remoteHelpers.js
    1⤵
    • Checks CPU configuration
    PID:810

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /tmp/SystemApps/ShellExperienceHost_cw5n1h2txyewy/PenWorkspace.dll
    Filesize

    3.5MB

    MD5

    1cc72c0fa365c10060a8018619bce50e

    SHA1

    150ca4d505d2865da395eba4d8a5ffa0e5f48e46

    SHA256

    95e28617d6462831c221017632a7c72f182d038fe5671b3b4799c1d1af02fd9d

    SHA512

    bcc637e11c685340c71a051627eeae6fbb6cd5e24a22af6938e3c6cbc83bab70dd370d52e6137111b670ab5ecdf33ad7b31e0a64439e9fa80f6d16bf3066bb5d

    Download Submit

  • /tmp/SystemApps/ShellExperienceHost_cw5n1h2txyewy/QuickConnectUI.dll
    Filesize

    5.0MB

    MD5

    63e80080700a5b496ec3307f177569d2

    SHA1

    95c854ca66a1d3305502e24fbee456b87995cd7b

    SHA256

    f3ad4762a8c3fb7cba4ac017e69d77febb369f33895778068302757c3666f803

    SHA512

    b3975f4674c444ea5a69033c00a2545a89cea8f82b60c01eba171226e2de9ea9cbbceb624e7d792ba283fa7a58fd29c30049f6cadb27cdf2601d19f77e95cf9b

    Download Submit

  • /tmp/SystemApps/ShellExperienceHost_cw5n1h2txyewy/SharePickerUI.dll
    Filesize

    2.6MB

    MD5

    48a0282e7363d6e19db4a1cf5afd06a5

    SHA1

    c8a62c23bd4f0674bf320385c053aa307e5b55db

    SHA256

    1eaa8116fa1cda8c6a9bf79bc55f1027532f49297e6cbe01229a8417fa44af4f

    SHA512

    53007169ab8f5b9cd893a4b648de5a3ce61a5cd2d54e27f06974bf1824a8eeb7ab0a15e5afb0d3338f05a1e479409559f06e9a0f0c7358e60abad9fcd7cd5280

    Download Submit

  • /tmp/SystemApps/ShellExperienceHost_cw5n1h2txyewy/ShellExperienceHost.exe
    Filesize

    1.6MB

    MD5

    9b8de9d4edf68eef2c1e490abc291567

    SHA1

    07bdf43cf49b2f404f8e67fd8f9feaa26ba37ec6

    SHA256

    0ca78990791f4c02a19dff504925657993b5c4cf0523cf0d40e11dee47012a7e

    SHA512

    c6d24dbe32e0fc7e96a7467c26d1a554879fe8a57296bd1231f8205d27c69a1f92b947af386d8cb10b30e34611a3818d6cc19e296da021785e7f7634cb5045ac

    Download Submit

  • /tmp/SystemApps/ShellExperienceHost_cw5n1h2txyewy/VirtualTouchpadUI.dll
    Filesize

    409KB

    MD5

    1a546caa2a49ce1b777b29965e98e41d

    SHA1

    95f46e735445a84ce9c11bbbfb758ab6b85abd9f

    SHA256

    4e2397086b4ad09d676686ac20ea9b70f5a3e3437c4027b71451b78497fae628

    SHA512

    1239375bfef14b57cd289c0183088b9fe22d6e54d1b1a333f9dbcdd580fcbb4390bed834d12d242a2737af1302e02ba09db035b7719fa20c68b1608e4211f7d1

    Download Submit

  • /tmp/SystemApps/ShellExperienceHost_cw5n1h2txyewy/Windows.UI.ActionCenter.dll
    Filesize

    4.3MB

    MD5

    04b2d4f1858e47c93d2681762cea8d85

    SHA1

    4fd3e92d24950be8d599b6ed2d4950a68d7f7f4c

    SHA256

    5e2cc85dfe1b91ac67524ffbd9d04da61b56036db46f682f66889caf8bf70c30

    SHA512

    0a3a1c4855b7eaf3d6371dacacda90e85b334f9f393bf38d3b1e2d7c1874dcda466f796cc3fbf085f0dd77e71acd47214bbefc315cecaf412ab02bc9e1452062

    Download Submit

  • /tmp/SystemApps/ShellExperienceHost_cw5n1h2txyewy/Windows.UI.SoftLanding.dll
    Filesize

    930KB

    MD5

    1bd928ceb7cd17be89f49adbaddd3ab2

    SHA1

    a1f18c1f74746fbb6c42cd34105147702cfc34d7

    SHA256

    405da31467c55d77b593d56201443e8b7a2567e0e30a0df4299b32a4c00cd721

    SHA512

    5967693e1f812bc05bb618fa045d2f9e7566fcc931d5b9861e11eefcb0d02e0e2fde6bfad0ee423f54359b451934a7722052c110da2479b4ad038c1681b167d5

    Download Submit