Analysis Overview
SHA256
a2e63c25a58536a0d1b34464e70cd41ed0a3668455392bbc054059ebbfc0c3e2
Threat Level: Known bad
The file WavePreTest.rar was found to be: Known bad.
Malicious Activity Summary
Xenorat family
Themida packer
Unsigned PE
Command and Scripting Interpreter: JavaScript
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-05-30 03:11
Signatures
Xenorat family
Themida packer
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Analysis: behavioral4
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 03:51
Platform
win10-20240404-en
Max time kernel
314s
Max time network
1575s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\debug\karma.conf.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 208.143.182.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
Files
Analysis: behavioral9
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 03:53
Platform
win10-20240404-en
Max time kernel
393s
Max time network
1596s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\debug\src\inspector-log.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.178.89.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
Files
Analysis: behavioral11
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 03:55
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1587s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\define-data-property\README.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.73.42.20.in-addr.arpa | udp |
Files
Analysis: behavioral19
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 03:59
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1596s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\encodeurl\README.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.141.182.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
Files
Analysis: behavioral7
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 03:53
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1608s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\debug\src\debug.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | f.f.f.f.d.b.b.8.0.9.8.2.0.9.0.8.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.17.178.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral17
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 03:59
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1576s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\destroy\README.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral29
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 04:04
Platform
win10-20240404-en
Max time kernel
509s
Max time network
1610s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\es-errors\type.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | tcp | |
| US | 8.8.8.8:53 | 159.113.53.23.in-addr.arpa | udp |
Files
Analysis: behavioral31
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 04:13
Platform
win10-20240404-en
Max time kernel
615s
Max time network
1579s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\escape-html\Readme.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 23.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.71.105.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | tcp | |
| US | 8.8.8.8:53 | 159.113.53.23.in-addr.arpa | udp |
Files
Analysis: behavioral24
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 04:00
Platform
win10-20240404-en
Max time kernel
314s
Max time network
1608s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\es-errors\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa | udp |
| US | 8.8.8.8:53 | 48.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.117.168.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral32
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 04:15
Platform
win10-20240404-en
Max time kernel
309s
Max time network
1592s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\escape-html\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 29.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.16.208.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 03:45
Platform
win10-20240404-en
Max time kernel
314s
Max time network
1587s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\cookie\README.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 144.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral5
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 03:52
Platform
win10-20240404-en
Max time kernel
311s
Max time network
1592s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\debug\node.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 109.116.69.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
Files
Analysis: behavioral15
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 03:58
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1583s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\depd\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 144.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
Files
Analysis: behavioral23
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 04:00
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1579s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\es-errors\eval.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.150.79.40.in-addr.arpa | udp |
Files
Analysis: behavioral6
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 03:52
Platform
win10-20240404-en
Max time kernel
314s
Max time network
1608s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\debug\src\browser.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 48.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral21
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 04:00
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1596s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\es-define-property\index.js
Network
| Country | Destination | Domain | Proto |
| US | 20.231.121.79:80 | tcp | |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.141.182.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral22
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 04:00
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1576s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\es-define-property\test\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 174.117.168.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
Files
Analysis: behavioral25
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 04:00
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1596s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\es-errors\range.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 5.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 03:48
Platform
win10-20240404-en
Max time kernel
498s
Max time network
1593s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\debug\README.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 214.80.50.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | tcp | |
| US | 8.8.8.8:53 | 215.169.36.23.in-addr.arpa | udp |
Files
Analysis: behavioral10
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 03:55
Platform
win10-20240404-en
Max time kernel
314s
Max time network
1578s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\debug\src\node.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.16.208.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral13
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 03:57
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1589s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\define-data-property\test\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
Files
Analysis: behavioral18
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 03:59
Platform
win10-20240404-en
Max time kernel
614s
Max time network
1587s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\destroy\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.143.182.52.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | tcp | |
| US | 8.8.8.8:53 | 159.113.53.23.in-addr.arpa | udp |
Files
Analysis: behavioral14
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 03:57
Platform
win10-20240404-en
Max time kernel
615s
Max time network
1588s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\depd\Readme.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.143.182.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 138.91.171.81:80 | tcp | |
| US | 8.8.8.8:53 | 215.169.36.23.in-addr.arpa | udp |
Files
Analysis: behavioral16
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 03:58
Platform
win10-20240404-en
Max time kernel
310s
Max time network
1613s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\depd\lib\browser\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 26.178.89.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral26
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 04:00
Platform
win10-20240404-en
Max time kernel
314s
Max time network
1608s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\es-errors\ref.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.150.79.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral30
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 04:08
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1587s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\es-errors\uri.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa | udp |
| US | 8.8.8.8:53 | 48.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.15.104.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 03:46
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1587s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\cookie\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral8
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 03:53
Platform
win10-20240404-en
Max time kernel
314s
Max time network
1587s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\debug\src\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 215.143.182.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral12
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 03:55
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1608s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\define-data-property\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.0.a.d.6.8.4.c.2.6.6.6.8.4.0.e.1.0.a.d.6.8.4.c.8.0.8.0.8.0.8.0.ip6.arpa | udp |
| US | 8.8.8.8:53 | 31.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.73.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
Files
Analysis: behavioral28
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 04:03
Platform
win10-20240404-en
Max time kernel
315s
Max time network
1608s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\es-errors\test\index.js
Network
| Country | Destination | Domain | Proto |
| US | 138.91.171.81:80 | tcp | |
| US | 8.8.8.8:53 | 16.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
Files
Analysis: behavioral20
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 03:59
Platform
win10-20240404-en
Max time kernel
614s
Max time network
1607s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\encodeurl\index.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 213.143.182.52.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | tcp | |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.113.53.23.in-addr.arpa | udp |
Files
Analysis: behavioral27
Detonation Overview
Submitted
2024-05-30 03:11
Reported
2024-05-30 04:01
Platform
win10-20240404-en
Max time kernel
498s
Max time network
1589s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\WavePreTest\WavePreTest\Wave.Dir\Monaco\fileaccess\node_modules\es-errors\syntax.js
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.73.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.204.248.87.in-addr.arpa | udp |
| NL | 52.142.223.178:80 | tcp | |
| US | 8.8.8.8:53 | 215.169.36.23.in-addr.arpa | udp |