Analysis

  • max time kernel
    446s
  • max time network
    450s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win11-20240508-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    11/05/2024, 09:01 UTC

General

  • Target

    ZHacks____SolaraBETA3/Monaco/fileaccess/node_modules/depd/index.js

  • Size

    10KB

  • MD5

    002a1f3e813cc05d9e3cc011f6601628

  • SHA1

    1690c27457637ec234d6b7658f1b96e547a0eb99

  • SHA256

    4d587a5662e20a7bb9bfe6555afe5987e1b80303a819b447394f37a93297ee91

  • SHA512

    ea1ad9bcf09a73a10dd1fd8a66daac12f87725e16ad27e7beff6d9fda937579976cd5d7ed6439c4122b16178c3ffdf410d6c7a54918f94bc98fa7950adf3bd54

  • SSDEEP

    192:vpe1221Fdc5jXmXUApvcvcBGtXY/KQYbUY/rRgrNoYo8GVHXWVhVO:vpe191Lc5G0k//YsNIVHXWVhVO

Score
3/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\ZHacks____SolaraBETA3\Monaco\fileaccess\node_modules\depd\index.js
    PID: 1612

    Network

    • flag-us
      DNS
      8.8.8.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.8.8.8.in-addr.arpa
      IN PTR
      Response
      8.8.8.8.in-addr.arpa
      IN PTR
      dns.google
    • flag-us
      DNS
      self.events.data.microsoft.com
      Remote address:
      8.8.8.8:53
      Request
      self.events.data.microsoft.com
      IN A
      Response
      self.events.data.microsoft.com
      IN CNAME
      self-events-data.trafficmanager.net
      self-events-data.trafficmanager.net
      IN CNAME
      onedscolprdcus20.centralus.cloudapp.azure.com
      onedscolprdcus20.centralus.cloudapp.azure.com
      IN A
      104.208.16.95
    • flag-us
      DNS
      ctldl.windowsupdate.com
      Remote address:
      8.8.8.8:53
      Request
      ctldl.windowsupdate.com
      IN A
      Response
      ctldl.windowsupdate.com
      IN CNAME
      ctldl.windowsupdate.com.delivery.microsoft.com
      ctldl.windowsupdate.com.delivery.microsoft.com
      IN CNAME
      wu-b-net.trafficmanager.net
      wu-b-net.trafficmanager.net
      IN CNAME
      edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
      edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
      IN A
      217.20.56.37
      edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
      IN A
      217.20.58.99
      edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
      IN A
      217.20.58.101
      edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
      IN A
      217.20.58.98
      edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
      IN A
      217.20.56.34
      edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
      IN A
      217.20.58.100
      edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
      IN A
      217.20.56.98
    • flag-us
      DNS
      ctldl.windowsupdate.com
      Remote address:
      8.8.8.8:53
      Request
      ctldl.windowsupdate.com
      IN A
      Response
      ctldl.windowsupdate.com
      IN CNAME
      ctldl.windowsupdate.com.delivery.microsoft.com
      ctldl.windowsupdate.com.delivery.microsoft.com
      IN CNAME
      wu-b-net.trafficmanager.net
      wu-b-net.trafficmanager.net
      IN CNAME
      download.windowsupdate.com.edgesuite.net
      download.windowsupdate.com.edgesuite.net
      IN CNAME
      a767.dspw65.akamai.net
      a767.dspw65.akamai.net
      IN A
      2.18.190.77
      a767.dspw65.akamai.net
      IN A
      2.18.190.79
    • 8.8.8.8:53
      Destination: 8.8.8.8:53
      Domain: 8.8.8.8.in-addr.arpa
      Protocol: dns
      Data sent: 280 B
      Data received: 917 B
      Packets: 4 sent, 4 received

      DNS Request

      8.8.8.8.in-addr.arpa

      DNS Request

      self.events.data.microsoft.com

      DNS Response

      104.208.16.95

      DNS Request

      ctldl.windowsupdate.com

      DNS Response

      217.20.56.37
      217.20.58.99
      217.20.58.101
      217.20.58.98
      217.20.56.34
      217.20.58.100
      217.20.56.98

      DNS Request

      ctldl.windowsupdate.com

      DNS Response

      2.18.190.77
      2.18.190.79
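The DNS section above lists four lookups whose answers arrive as CNAME chains rather than single A records, and the same name (ctldl.windowsupdate.com) was answered through two different chains, so the flat "DNS Response" lists hide which hostname actually owns each address. The script below is an added example, not part of the report or of the depd package: it parses the report's records (copied by hand into REPORT_DNS, one "owner IN TYPE target" line per record, a constructed transcription of the Response blocks above), follows every CNAME branch, and maps each queried name to its terminal addresses. The function and variable names are the example's own. Note that the three queried names are Google's resolver PTR, the Microsoft telemetry endpoint and the Windows certificate trust list download host, which are typically present in a Windows VM regardless of the sample; the report's process tree shows no child processes.

```python
"""Follow the CNAME chains in a sandbox report's DNS section.

Added example; the record lines below are a hand-collapsed copy of the
Response entries in the report (constructed input, not parsed live).
"""
from collections import defaultdict

REPORT_DNS = """
8.8.8.8.in-addr.arpa IN PTR dns.google
self.events.data.microsoft.com IN CNAME self-events-data.trafficmanager.net
self-events-data.trafficmanager.net IN CNAME onedscolprdcus20.centralus.cloudapp.azure.com
onedscolprdcus20.centralus.cloudapp.azure.com IN A 104.208.16.95
ctldl.windowsupdate.com IN CNAME ctldl.windowsupdate.com.delivery.microsoft.com
ctldl.windowsupdate.com.delivery.microsoft.com IN CNAME wu-b-net.trafficmanager.net
wu-b-net.trafficmanager.net IN CNAME edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com IN A 217.20.56.37
edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com IN A 217.20.58.99
edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com IN A 217.20.58.101
edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com IN A 217.20.58.98
edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com IN A 217.20.56.34
edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com IN A 217.20.58.100
edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com IN A 217.20.56.98
wu-b-net.trafficmanager.net IN CNAME download.windowsupdate.com.edgesuite.net
download.windowsupdate.com.edgesuite.net IN CNAME a767.dspw65.akamai.net
a767.dspw65.akamai.net IN A 2.18.190.77
a767.dspw65.akamai.net IN A 2.18.190.79
"""


def parse_records(text):
    """Return {owner: [(rtype, target), ...]} from 'owner IN TYPE target' lines."""
    records = defaultdict(list)
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[1] != "IN":
            continue  # blank or malformed line: skip rather than guess
        owner, _, rtype, target = parts
        records[owner.lower()].append((rtype.upper(), target.lower()))
    return records


def resolve(records, name):
    """Follow CNAMEs from name; return (names_visited, set_of_terminal_answers).

    A CNAME owner can carry several targets when two lookups were answered
    through different chains (wu-b-net.trafficmanager.net above), so this is a
    breadth-first walk over every branch. The `seen` set also makes a CNAME
    loop terminate instead of recursing forever.
    """
    chain, answers, seen = [], set(), set()
    frontier = [name.lower()]
    while frontier:
        nxt = []
        for owner in frontier:
            if owner in seen:
                continue
            seen.add(owner)
            chain.append(owner)
            for rtype, target in records.get(owner, []):
                if rtype == "CNAME":
                    nxt.append(target)
                elif rtype in ("A", "AAAA", "PTR"):
                    answers.add(target)
        frontier = nxt
    return chain, answers


def queried_names(records):
    """Owners that are never a CNAME target: the names the VM actually asked for."""
    targets = {t for recs in records.values() for rt, t in recs if rt == "CNAME"}
    return sorted(n for n in records if n not in targets)


def summarize(text):
    """Map each queried name to the sorted terminal answers it resolves to."""
    records = parse_records(text)
    return {name: sorted(resolve(records, name)[1]) for name in queried_names(records)}


if __name__ == "__main__":
    for name, addrs in summarize(REPORT_DNS).items():
        print(name, "->", ", ".join(addrs))
```

Running it prints one line per queried name; ctldl.windowsupdate.com collapses to nine addresses across the Qwilt and Akamai chains, which is the set a network allowlist or PCAP filter would need rather than either chain alone.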

    MITRE ATT&CK Enterprise v15
