Overview

overview

4

Static

static

1

custom/about.html

windows7-x64

3

custom/about.html

windows10-2004-x64

3

custom/header.html

windows7-x64

3

custom/header.html

windows10-2004-x64

3

custom/help.html

windows7-x64

3

custom/help.html

windows10-2004-x64

3

dialog/dialog.html

windows7-x64

3

dialog/dialog.html

windows10-2004-x64

3

dialog/js/dialog.js

windows7-x64

3

dialog/js/dialog.js

windows10-2004-x64

3

node_modul...mkdirp

ubuntu-18.04-amd64

3

node_modul...mkdirp

debian-9-armhf

4

node_modul...mkdirp

debian-9-mips

3

node_modul...mkdirp

debian-9-mipsel

3

node_modul...rp.cmd

windows7-x64

1

node_modul...rp.cmd

windows10-2004-x64

1

node_modul...rp.ps1

ubuntu-18.04-amd64

1

node_modul...rp.ps1

debian-9-armhf

1

node_modul...rp.ps1

debian-9-mips

1

node_modul...rp.ps1

debian-9-mipsel

1

node_modul...rimraf

ubuntu-18.04-amd64

3

node_modul...rimraf

debian-9-armhf

4

node_modul...rimraf

debian-9-mips

3

node_modul...rimraf

debian-9-mipsel

3

node_modul...af.cmd

windows7-x64

1

node_modul...af.cmd

windows10-2004-x64

1

node_modul...af.ps1

ubuntu-18.04-amd64

1

node_modul...af.ps1

debian-9-armhf

1

node_modul...af.ps1

debian-9-mips

1

node_modul...af.ps1

debian-9-mipsel

1

node_modul...DME.js

windows7-x64

3

node_modul...DME.js

windows10-2004-x64

3

Analysis

  • max time kernel
    26s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20240611-en
  • resource tags

    arch:mipselimage:debian9-mipsel-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
  • submitted
    21-11-2024 08:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    node_modules/.bin/mkdirp

  • Size

    302B

  • MD5

    fe36f6b08a0e9fe46d884d38118d8b32

  • SHA1

    d6825ffe20b7460d0a52184ab33fc23ebe397ad4

  • SHA256

    8ff23a1eecc18c8bb5e5849483978f6499e36bc13665fffd5c7f69c3e265e707

  • SHA512

    a61ac387a35a47eb538d005aa5f5d21765deed25e09c6184bc103f39d492550751b249c3ea21dcdb1c9894d8f15947e5d2abb83ce162248dc0eed6aa7915a348

Score
3/10
discoveryexecution

Malware Config

Signatures

  • Command and Scripting Interpreter: JavaScript 1 TTPs 6 IoCs

    Execution via JavaScript.

    execution
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/node_modules/.bin/mkdirp
    /tmp/node_modules/.bin/mkdirp
    1⤵
      PID:704
      • /bin/sed
        sed -e "s,\\\\,/,g"
        2⤵
        • Reads runtime system information
        PID:711
      • /usr/bin/dirname
        dirname /tmp/node_modules/.bin/mkdirp
        2⤵
          PID:707
        • /bin/uname
          uname
          2⤵
            PID:713
        • /usr/local/sbin/node
          node /tmp/node_modules/.bin/../mkdirp/bin/cmd.js
          1⤵
          • Command and Scripting Interpreter: JavaScript
          PID:704
        • /usr/local/bin/node
          node /tmp/node_modules/.bin/../mkdirp/bin/cmd.js
          1⤵
          • Command and Scripting Interpreter: JavaScript
          PID:704
        • /usr/sbin/node
          node /tmp/node_modules/.bin/../mkdirp/bin/cmd.js
          1⤵
          • Command and Scripting Interpreter: JavaScript
          PID:704
        • /usr/bin/node
          node /tmp/node_modules/.bin/../mkdirp/bin/cmd.js
          1⤵
          • Command and Scripting Interpreter: JavaScript
          PID:704
        • /sbin/node
          node /tmp/node_modules/.bin/../mkdirp/bin/cmd.js
          1⤵
          • Command and Scripting Interpreter: JavaScript
          PID:704
        • /bin/node
          node /tmp/node_modules/.bin/../mkdirp/bin/cmd.js
          1⤵
          • Command and Scripting Interpreter: JavaScript
          PID:704

        Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads