Analysis

  • max time kernel
    2s
  • max time network
    175s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240221-en
  • resource tags

    arch:armhf, image:debian12-armhf-20240221-en, kernel:6.1.0-17-armmp-lpae, locale:en-us, os:debian-12-armhf, system
  • submitted
    24/08/2024, 17:53

General

  • Target

    utility/Microsoft.Web.WebView2.Core.js

  • Size

    569KB

  • MD5

    cbfa210b87a054e84f21872bd4fcd6c0

  • SHA1

    c3f617c201d9d250085fc6f80c95dba840a007ed

  • SHA256

    7115c21fd323b38240ca3e77e40c4b23645ea4885f9ddc06179a1761c2c159a1

  • SHA512

    e174229581f9c6d7f4312f27fcc56557b516cb8bccf41f27bb3bea2dfe61c7c4f24b4e37685dbd01cacd91caf7c24baa9dab290d706b384accb1ee9199c019c3

  • SSDEEP

    12288:rt/cM0fctDzdpeqKgan2xqfcan2kO4am+7RufDufBSCspK2sSj4Jb2sOE9nQLtKM:WBfjTMO

Score
4/10

Malware Config

Signatures

  • Checks CPU configuration (1 TTP, 1 IoC)

    Checks CPU information that indicates whether the system is a virtual machine.

  • Enumerates kernel/hardware configuration (1 TTP, 1 IoC)

    Reads contents of /sys virtual filesystem to enumerate system information.

  • Reads runtime system information (2 IoCs)

    Reads data from /proc virtual filesystem.

Processes

  • /usr/bin/node
    node /tmp/utility/Microsoft.Web.WebView2.Core.js
    • Checks CPU configuration
    • Enumerates kernel/hardware configuration
    • Reads runtime system information
    PID:747

Network

MITRE ATT&CK Enterprise v15
