Overview

overview

5

Static

static

3

zar-app-se...12.exe

windows7-x64

4

zar-app-se...12.exe

windows10-2004-x64

4

$PLUGINSDI...er.dll

windows7-x64

1

$PLUGINSDI...er.dll

windows10-2004-x64

1

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

1

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

owutility.dll

windows7-x64

1

owutility.dll

windows10-2004-x64

1

resources/...cli.js

ubuntu-18.04-amd64

3

resources/...cli.js

debian-9-armhf

4

resources/...cli.js

debian-9-mips

1

resources/...cli.js

debian-9-mipsel

1

resources/...m.html

windows7-x64

1

resources/...m.html

windows10-2004-x64

1

resources/...47.dll

windows10-2004-x64

1

resources/...on.exe

windows7-x64

5

resources/...on.exe

windows10-2004-x64

5

resources/...eg.dll

windows7-x64

1

resources/...eg.dll

windows10-2004-x64

1

resources/...GL.dll

windows7-x64

1

resources/...GL.dll

windows10-2004-x64

1

resources/...v2.dll

windows7-x64

1

resources/...v2.dll

windows10-2004-x64

1

resources/...app.js

windows7-x64

1

resources/...app.js

windows10-2004-x64

1

resources/...er.dll

windows7-x64

1

resources/...er.dll

windows10-2004-x64

1

resources/...-1.dll

windows7-x64

1

Analysis

  • max time kernel
    3s
  • max time network
    65s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240226-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20240226-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    25-04-2024 12:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    resources/app.asar.unpacked/node_modules/@overwolf/ow-electron/cli.js

  • Size

    612B

  • MD5

    22fb63f521e42c1d1b3e903ce64d903c

  • SHA1

    9244c3f14ea89f870430509c391219f026659d1d

  • SHA256

    df64523f189418625d643cae7f6998810560136f2eb862cb128c2b5a004f2e81

  • SHA512

    def19738e2186f965020355ab3bfe77638cfc4098cb6f399aca024c06f2e91ec8352175412313781c814d02a124e2a0f6580be32bce00026da79d8f14b7320f3

Score
3/10

Malware Config

Signatures

  • Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

    Reads contents of /sys virtual filesystem to enumerate system information.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/resources/app.asar.unpacked/node_modules/@overwolf/ow-electron/cli.js
    "/tmp/resources/app.asar.unpacked/node_modules/@overwolf/ow-electron/cli.js"
    1⤵
      PID:1560
    • /usr/local/sbin/node
      node "/tmp/resources/app.asar.unpacked/node_modules/@overwolf/ow-electron/cli.js"
      1⤵
        PID:1560
      • /usr/local/bin/node
        node "/tmp/resources/app.asar.unpacked/node_modules/@overwolf/ow-electron/cli.js"
        1⤵
          PID:1560
        • /usr/sbin/node
          node "/tmp/resources/app.asar.unpacked/node_modules/@overwolf/ow-electron/cli.js"
          1⤵
            PID:1560
          • /usr/bin/node
            node "/tmp/resources/app.asar.unpacked/node_modules/@overwolf/ow-electron/cli.js"
            1⤵
            • Enumerates kernel/hardware configuration
            • Reads runtime system information
            PID:1560
            • /tmp/resources/app.asar.unpacked/node_modules/@overwolf/ow-electron/dist/electron.exe
              "/tmp/resources/app.asar.unpacked/node_modules/@overwolf/ow-electron/dist/electron.exe"
              2⤵
                PID:1567

            Network

            MITRE ATT&CK Matrix ATT&CK v13

            Replay Monitor

            Loading Replay Monitor...

            Downloads