Overview

overview

4

Static

static

1

custom/about.html

windows7-x64

3

custom/about.html

windows10-2004-x64

3

custom/header.html

windows7-x64

3

custom/header.html

windows10-2004-x64

3

custom/help.html

windows7-x64

3

custom/help.html

windows10-2004-x64

3

dialog/dialog.html

windows7-x64

3

dialog/dialog.html

windows10-2004-x64

3

dialog/js/dialog.js

windows7-x64

3

dialog/js/dialog.js

windows10-2004-x64

3

node_modul...mkdirp

ubuntu-18.04-amd64

3

node_modul...mkdirp

debian-9-armhf

4

node_modul...mkdirp

debian-9-mips

3

node_modul...mkdirp

debian-9-mipsel

3

node_modul...rp.cmd

windows7-x64

1

node_modul...rp.cmd

windows10-2004-x64

1

node_modul...rp.ps1

ubuntu-18.04-amd64

1

node_modul...rp.ps1

debian-9-armhf

1

node_modul...rp.ps1

debian-9-mips

1

node_modul...rp.ps1

debian-9-mipsel

1

node_modul...rimraf

ubuntu-18.04-amd64

3

node_modul...rimraf

debian-9-armhf

4

node_modul...rimraf

debian-9-mips

3

node_modul...rimraf

debian-9-mipsel

3

node_modul...af.cmd

windows7-x64

1

node_modul...af.cmd

windows10-2004-x64

1

node_modul...af.ps1

ubuntu-18.04-amd64

1

node_modul...af.ps1

debian-9-armhf

1

node_modul...af.ps1

debian-9-mips

1

node_modul...af.ps1

debian-9-mipsel

1

node_modul...DME.js

windows7-x64

3

node_modul...DME.js

windows10-2004-x64

3

Analysis

  • max time kernel
    0s
  • max time network
    129s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240611-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20240611-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    21-11-2024 08:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    node_modules/.bin/mkdirp

  • Size

    302B

  • MD5

    fe36f6b08a0e9fe46d884d38118d8b32

  • SHA1

    d6825ffe20b7460d0a52184ab33fc23ebe397ad4

  • SHA256

    8ff23a1eecc18c8bb5e5849483978f6499e36bc13665fffd5c7f69c3e265e707

  • SHA512

    a61ac387a35a47eb538d005aa5f5d21765deed25e09c6184bc103f39d492550751b249c3ea21dcdb1c9894d8f15947e5d2abb83ce162248dc0eed6aa7915a348

Score
3/10
discoveryexecution

Malware Config

Signatures

  • Command and Scripting Interpreter: JavaScript 1 TTPs 4 IoCs

    Execution via JavaScript.

    execution
  • Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

    Reads contents of /sys virtual filesystem to enumerate system information.

    discovery
  • Reads runtime system information 2 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/node_modules/.bin/mkdirp
    /tmp/node_modules/.bin/mkdirp
    1⤵
      PID:1532
      • /bin/sed
        sed -e "s,\\\\,/,g"
        2⤵
        • Reads runtime system information
        PID:1536
      • /usr/bin/dirname
        dirname /tmp/node_modules/.bin/mkdirp
        2⤵
          PID:1533
        • /bin/uname
          uname
          2⤵
            PID:1537
        • /usr/local/sbin/node
          node /tmp/node_modules/.bin/../mkdirp/bin/cmd.js
          1⤵
          • Command and Scripting Interpreter: JavaScript
          PID:1532
        • /usr/local/bin/node
          node /tmp/node_modules/.bin/../mkdirp/bin/cmd.js
          1⤵
          • Command and Scripting Interpreter: JavaScript
          PID:1532
        • /usr/sbin/node
          node /tmp/node_modules/.bin/../mkdirp/bin/cmd.js
          1⤵
          • Command and Scripting Interpreter: JavaScript
          PID:1532
        • /usr/bin/node
          node /tmp/node_modules/.bin/../mkdirp/bin/cmd.js
          1⤵
          • Command and Scripting Interpreter: JavaScript
          • Enumerates kernel/hardware configuration
          • Reads runtime system information
          PID:1532

        Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads