Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

Battly-Lau...ws.exe

windows7-x64

7

Battly-Lau...ws.exe

windows10-2004-x64

10

resources/...ute.js

windows7-x64

3

resources/...ute.js

windows10-2004-x64

3

resources/...dex.js

windows7-x64

3

resources/...dex.js

windows10-2004-x64

3

resources/...DME.js

windows7-x64

3

resources/...DME.js

windows10-2004-x64

3

resources/...dex.js

windows7-x64

3

resources/...dex.js

windows10-2004-x64

3

resources/...dex.js

windows7-x64

3

resources/...dex.js

windows10-2004-x64

3

resources/...ime.js

windows7-x64

3

resources/...ime.js

windows10-2004-x64

3

resources/...cli.js

ubuntu-18.04-amd64

4

resources/...cli.js

debian-9-armhf

4

resources/...cli.js

debian-9-mips

1

resources/...cli.js

debian-9-mipsel

1

resources/...dex.js

windows7-x64

3

resources/...dex.js

windows10-2004-x64

3

resources/...tch.js

windows7-x64

3

resources/...tch.js

windows10-2004-x64

3

resources/...ark.js

windows7-x64

3

resources/...ark.js

windows10-2004-x64

3

resources/...put.js

windows7-x64

3

resources/...put.js

windows10-2004-x64

3

resources/...col.js

windows7-x64

3

resources/...col.js

windows10-2004-x64

3

resources/...ten.js

windows7-x64

3

resources/...ten.js

windows10-2004-x64

3

resources/...ema.js

windows7-x64

3

resources/...ema.js

windows10-2004-x64

3

Resubmissions

01/08/2024, 00:29 UTC

240801-atd3ks1gnl 10

01/08/2024, 00:19 UTC

240801-ammq5s1ekn 10

Analysis

  • max time kernel
    0s
  • max time network
    132s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240508-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20240508-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    01/08/2024, 00:29 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    resources/app/node_modules/ejs-electron/node_modules/mime/cli.js

  • Size

    1KB

  • MD5

    f13333cd6bfe3dcb5e949337a7186ad4

  • SHA1

    b7f33b24da6e984dfb6c0c8c7dcf074c613673c2

  • SHA256

    15da8d89bd7fc3a4025f79197a02a62284a95add244ec67bdd2b8dff918b5052

  • SHA512

    96c5c21a657f284900cb966bccaac351fd540ec7197b64cf06018b45d57118b15a29040d78b874fa5622e66fb5b0f1a87bd6a16a50c930e910c6984bef7825c6

Score
4/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

    Reads contents of /sys virtual filesystem to enumerate system information.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/resources/app/node_modules/ejs-electron/node_modules/mime/cli.js
    /tmp/resources/app/node_modules/ejs-electron/node_modules/mime/cli.js
    1⤵
      PID:1505
    • /usr/local/sbin/node
      node /tmp/resources/app/node_modules/ejs-electron/node_modules/mime/cli.js
      1⤵
        PID:1505
      • /usr/local/bin/node
        node /tmp/resources/app/node_modules/ejs-electron/node_modules/mime/cli.js
        1⤵
          PID:1505
        • /usr/sbin/node
          node /tmp/resources/app/node_modules/ejs-electron/node_modules/mime/cli.js
          1⤵
            PID:1505
          • /usr/bin/node
            node /tmp/resources/app/node_modules/ejs-electron/node_modules/mime/cli.js
            1⤵
            • Changes its process name
            • Enumerates kernel/hardware configuration
            • Reads runtime system information
            PID:1505

          Network

            No results found
          • 151.101.193.91:443
            tls
            127 B
             40 B
             2
            1
          • 185.125.188.62:443
            tls
            135 B
             2
          • 185.125.188.61:443
            tls
            135 B
             2
          • 151.101.193.91:443
            extensions.gnome.org
            tls
            1.3kB
             4.5kB
             13
            13
          • 195.181.164.15:443
            tls
            11.2kB
             136
          • 224.0.0.251:5353
            146 B
             2

          MITRE ATT&CK Enterprise v15

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          We care about your privacy.

          This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.