d87d6cf111482f9fd91afac59991c95ddf8d84e6987d550beb3cb221f4bdbc51 | Triage

Analysis

max time kernel
126s
max time network
137s
platform
windows10-1703_x64
resource
win10-20240611-en
resource tags

arch:x64arch:x86image:win10-20240611-enlocale:en-usos:windows10-1703-x64system
submitted
25/06/2024, 13:40 UTC

Sharing

Report Analysis Logs

General

Target

Solara.Dir/Monaco/fileaccess/node_modules/content-type/index.js
Size

4KB
MD5

4781c7ea0309edac61c3a36e3ea9da10
SHA1

1b6e7e8d1963ce958cf0f225223fadb5ef12f86d
SHA256

7d76ae0f8ecc0a8c053de97b0f695f3fa3df33f692d1bd241307995304e5f63d
SHA512

d458f8962f44ec30bf519a54aef063960d9cac2a954493383fc2ef46781c3244740f18c7daf1821b4e0babbd56b356228f7247ce40de9f3276de91a71c66c78c
SSDEEP

96:CJFvvhHgqZlI8IDzdlalSqZf/gf6GosMySqUqMGa9Nw+j0i8L:CJFHhAqbI8IdUYVhvJMG6Yii

Score

3^/10

execution

Malware Config

Signatures

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\content-type\index.js
1⤵
PID:4892

Network

DNS

30.243.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

30.243.111.52.in-addr.arpa

IN PTR

Response
DNS

8.173.189.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.173.189.20.in-addr.arpa

IN PTR

Response
DNS

82.90.14.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

82.90.14.23.in-addr.arpa

IN PTR

Response

82.90.14.23.in-addr.arpa

IN PTR

a23-14-90-82deploystaticakamaitechnologiescom

No results found

8.8.8.8:53

30.243.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

30.243.111.52.in-addr.arpa
8.8.8.8:53

8.173.189.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

8.173.189.20.in-addr.arpa
8.8.8.8:53

82.90.14.23.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

82.90.14.23.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads