Overview
overview
9Static
static
7purify.zip
windows11-21h2-x64
1bin/Ace/ac...kai.js
windows11-21h2-x64
3bin/Ace/ac...ark.js
windows11-21h2-x64
3bin/Ace/ac...ark.js
windows11-21h2-x64
3bin/Ace/ac...ark.js
windows11-21h2-x64
3bin/Ace/ac...ght.js
windows11-21h2-x64
3bin/Ace/ac...ver.js
windows11-21h2-x64
3bin/Ace/ac...nal.js
windows11-21h2-x64
3bin/Ace/ac...ate.js
windows11-21h2-x64
3bin/Ace/ac...row.js
windows11-21h2-x64
3bin/Ace/ac...ght.js
windows11-21h2-x64
3bin/Ace/ac...lue.js
windows11-21h2-x64
3bin/Ace/ac...ght.js
windows11-21h2-x64
3bin/Ace/ac...ies.js
windows11-21h2-x64
3bin/Ace/ac...ght.js
windows11-21h2-x64
3bin/Ace/ac...ink.js
windows11-21h2-x64
3bin/Ace/ac...ode.js
windows11-21h2-x64
3bin/Ace/ac...ase.js
windows11-21h2-x64
3bin/Ace/ac...fee.js
windows11-21h2-x64
3bin/Ace/ac...css.js
windows11-21h2-x64
3bin/Ace/ac...tml.js
windows11-21h2-x64
3bin/Ace/ac...ipt.js
windows11-21h2-x64
3bin/Ace/ac...son.js
windows11-21h2-x64
3bin/Ace/ac...lua.js
windows11-21h2-x64
3bin/Ace/ac...php.js
windows11-21h2-x64
3bin/Ace/ac...xml.js
windows11-21h2-x64
3bin/Ace/ac...ery.js
windows11-21h2-x64
3bin/last_data.json
windows11-21h2-x64
3flint.dll
windows11-21h2-x64
9main.exe
windows11-21h2-x64
7runtimes/w...er.dll
windows11-21h2-x64
1scripts/test.lua
windows11-21h2-x64
3Analysis
- max time kernel: 150s
- max time network: 280s
- platform: windows11-21h2_x64
- resource: win11-20240709-en
- resource tags: arch:x64 arch:x86 image:win11-20240709-en locale:en-us os:windows11-21h2-x64 system
- submitted: 12-07-2024 17:11
Behavioral task
behavioral1
Sample
purify.zip
Resource
win11-20240709-en
Behavioral task
behavioral2
Sample
bin/Ace/ace/theme-monokai.js
Resource
win11-20240709-en
Behavioral task
behavioral3
Sample
bin/Ace/ace/theme-nord_dark.js
Resource
win11-20240709-en
Behavioral task
behavioral4
Sample
bin/Ace/ace/theme-pastel_on_dark.js
Resource
win11-20240709-en
Behavioral task
behavioral5
Sample
bin/Ace/ace/theme-solarized_dark.js
Resource
win11-20240709-en
Behavioral task
behavioral6
Sample
bin/Ace/ace/theme-solarized_light.js
Resource
win11-20240709-en
Behavioral task
behavioral7
Sample
bin/Ace/ace/theme-sqlserver.js
Resource
win11-20240709-en
Behavioral task
behavioral8
Sample
bin/Ace/ace/theme-terminal.js
Resource
win11-20240709-en
Behavioral task
behavioral9
Sample
bin/Ace/ace/theme-textmate.js
Resource
win11-20240709-en
Behavioral task
behavioral10
Sample
bin/Ace/ace/theme-tomorrow.js
Resource
win11-20240709-en
Behavioral task
behavioral11
Sample
bin/Ace/ace/theme-tomorrow_night.js
Resource
win11-20240709-en
Behavioral task
behavioral12
Sample
bin/Ace/ace/theme-tomorrow_night_blue.js
Resource
win11-20240709-en
Behavioral task
behavioral13
Sample
bin/Ace/ace/theme-tomorrow_night_bright.js
Resource
win11-20240709-en
Behavioral task
behavioral14
Sample
bin/Ace/ace/theme-tomorrow_night_eighties.js
Resource
win11-20240709-en
Behavioral task
behavioral15
Sample
bin/Ace/ace/theme-twilight.js
Resource
win11-20240709-en
Behavioral task
behavioral16
Sample
bin/Ace/ace/theme-vibrant_ink.js
Resource
win11-20240709-en
Behavioral task
behavioral17
Sample
bin/Ace/ace/theme-xcode.js
Resource
win11-20240709-en
Behavioral task
behavioral18
Sample
bin/Ace/ace/worker-base.js
Resource
win11-20240709-en
Behavioral task
behavioral19
Sample
bin/Ace/ace/worker-coffee.js
Resource
win11-20240709-en
Behavioral task
behavioral20
Sample
bin/Ace/ace/worker-css.js
Resource
win11-20240709-en
Behavioral task
behavioral21
Sample
bin/Ace/ace/worker-html.js
Resource
win11-20240709-en
Behavioral task
behavioral22
Sample
bin/Ace/ace/worker-javascript.js
Resource
win11-20240709-en
Behavioral task
behavioral23
Sample
bin/Ace/ace/worker-json.js
Resource
win11-20240709-en
Behavioral task
behavioral24
Sample
bin/Ace/ace/worker-lua.js
Resource
win11-20240709-en
Behavioral task
behavioral25
Sample
bin/Ace/ace/worker-php.js
Resource
win11-20240709-en
Behavioral task
behavioral26
Sample
bin/Ace/ace/worker-xml.js
Resource
win11-20240709-en
Behavioral task
behavioral27
Sample
bin/Ace/ace/worker-xquery.js
Resource
win11-20240709-en
Behavioral task
behavioral28
Sample
bin/last_data.json
Resource
win11-20240709-en
Behavioral task
behavioral29
Sample
flint.dll
Resource
win11-20240709-en
Behavioral task
behavioral30
Sample
main.exe
Resource
win11-20240709-en
Behavioral task
behavioral31
Sample
runtimes/win-x64/native/WebView2Loader.dll
Resource
win11-20240709-en
Behavioral task
behavioral32
Sample
scripts/test.lua
Resource
win11-20240709-en
General
-
Target
bin/Ace/ace/worker-php.js
-
Size
129KB
-
MD5
252f17e9eb1657bc463d30b59714c5a7
-
SHA1
694751478a81ee36445f6b4e06bb1e2be04130a6
-
SHA256
dc63a37b79c60d6d7ccfe64dcd382c85a6e5aad2fd892160edc269ade901eb0c
-
SHA512
2cde0dd6d8c81452dfc7953a3bbc823f864f381aeacf66bd10bf6942363d440a7e036602b43d0b1d169e6d8cd9be4d27426bf19e38ccbc341928dad3d9303caf
-
SSDEEP
1536:PlrIAGxV2XzMwE4ej4elY4Reualc06Apfyc332MHomQ+ooooolllllp:PXXzz5rel9Rsv68oooo2
Malware Config
Signatures
-
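Command and Scripting Interpreter: JavaScript (MITRE ATT&CK T1059.007), 1 TTP
This is the only signature listed for this task. It was presumably triggered because the sample is a .js file handed to a script interpreter, which by itself does not indicate malicious behaviour.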
Processes
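Network
Note: every name resolved below appears to belong to DigiCert OCSP or to Microsoft services (Windows Update, MSN, Office, telemetry). That is consistent with background traffic from the Windows 11 sandbox image rather than activity of the sample, so these hosts and addresses should not be treated as indicators for bin/Ace/ace/worker-php.js without corroborating evidence.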
-
Remote address: 8.8.8.8:53 | Request: 134.32.126.40.in-addr.arpa IN PTR | Response: (none shown)
-
Remote address: 8.8.8.8:53 | Request: 20.58.20.217.in-addr.arpa IN PTR | Response: (none shown)
-
Remote address: 8.8.8.8:53 | Request: ocsp.digicert.com IN A | Response: ocsp.digicert.com IN CNAME ocsp.edge.digicert.com; ocsp.edge.digicert.com IN CNAME fp2e7a.wpc.2be4.phicdn.net; fp2e7a.wpc.2be4.phicdn.net IN CNAME fp2e7a.wpc.phicdn.net; fp2e7a.wpc.phicdn.net IN A 192.229.221.95
-
Remote address: 8.8.8.8:53 | Request: 10.27.171.150.in-addr.arpa IN PTR | Response: (none shown)
-
Remote address: 8.8.8.8:53 | Request: arc.msn.com IN A | Response: arc.msn.com IN CNAME arc.trafficmanager.net; arc.trafficmanager.net IN CNAME iris-de-prod-azsc-v2-neu-b.northeurope.cloudapp.azure.com; iris-de-prod-azsc-v2-neu-b.northeurope.cloudapp.azure.com IN A 20.223.36.55
-
Remote address: 8.8.8.8:53 | Request: ctldl.windowsupdate.com IN A | Response: ctldl.windowsupdate.com IN CNAME ctldl.windowsupdate.com.delivery.microsoft.com; ctldl.windowsupdate.com.delivery.microsoft.com IN CNAME wu-b-net.trafficmanager.net; wu-b-net.trafficmanager.net IN CNAME bg.microsoft.map.fastly.net; bg.microsoft.map.fastly.net IN A 199.232.214.172; bg.microsoft.map.fastly.net IN A 199.232.210.172
-
Remote address: 8.8.8.8:53 | Request: arc.msn.com IN A | Response: arc.msn.com IN CNAME arc.trafficmanager.net; arc.trafficmanager.net IN CNAME iris-de-prod-azsc-v2-neu.northeurope.cloudapp.azure.com; iris-de-prod-azsc-v2-neu.northeurope.cloudapp.azure.com IN A 20.223.35.26
-
Remote address: 8.8.8.8:53 | Request: nexusrules.officeapps.live.com IN A | Response: nexusrules.officeapps.live.com IN CNAME prod.nexusrules.live.com.akadns.net; prod.nexusrules.live.com.akadns.net IN A 52.111.227.11
-
Remote address: 8.8.8.8:53 | Request: self.events.data.microsoft.com IN A | Response: self.events.data.microsoft.com IN CNAME self-events-data.trafficmanager.net; self-events-data.trafficmanager.net IN CNAME onedscolprdwus14.westus.cloudapp.azure.com; onedscolprdwus14.westus.cloudapp.azure.com IN A 20.189.173.15
-
126.1kB 3.7MB 2668 2663
-
1.6kB 7.2kB 17 15
-
1.6kB 7.2kB 17 15
-
1.6kB 7.2kB 17 15
-
1.6kB 7.2kB 17 15
-
613 B 1.5kB 9 9
DNS Request
134.32.126.40.in-addr.arpa
DNS Request
20.58.20.217.in-addr.arpa
DNS Request
ocsp.digicert.com
DNS Response
192.229.221.95
DNS Request
10.27.171.150.in-addr.arpa
DNS Request
arc.msn.com
DNS Response
20.223.36.55
DNS Request
ctldl.windowsupdate.com
DNS Response
199.232.214.172, 199.232.210.172
DNS Request
arc.msn.com
DNS Response
20.223.35.26
DNS Request
nexusrules.officeapps.live.com
DNS Response
52.111.227.11
DNS Request
self.events.data.microsoft.com
DNS Response
20.189.173.15