Overview

overview

4

Static

static

1

custom/about.html

windows7-x64

3

custom/about.html

windows10-2004-x64

3

custom/header.html

windows7-x64

3

custom/header.html

windows10-2004-x64

3

custom/help.html

windows7-x64

3

custom/help.html

windows10-2004-x64

3

dialog/dialog.html

windows7-x64

3

dialog/dialog.html

windows10-2004-x64

3

dialog/js/dialog.js

windows7-x64

3

dialog/js/dialog.js

windows10-2004-x64

3

node_modul...mkdirp

ubuntu-18.04-amd64

3

node_modul...mkdirp

debian-9-armhf

4

node_modul...mkdirp

debian-9-mips

3

node_modul...mkdirp

debian-9-mipsel

3

node_modul...rp.cmd

windows7-x64

1

node_modul...rp.cmd

windows10-2004-x64

1

node_modul...rp.ps1

ubuntu-18.04-amd64

1

node_modul...rp.ps1

debian-9-armhf

1

node_modul...rp.ps1

debian-9-mips

1

node_modul...rp.ps1

debian-9-mipsel

1

node_modul...rimraf

ubuntu-18.04-amd64

3

node_modul...rimraf

debian-9-armhf

4

node_modul...rimraf

debian-9-mips

3

node_modul...rimraf

debian-9-mipsel

3

node_modul...af.cmd

windows7-x64

1

node_modul...af.cmd

windows10-2004-x64

1

node_modul...af.ps1

ubuntu-18.04-amd64

1

node_modul...af.ps1

debian-9-armhf

1

node_modul...af.ps1

debian-9-mips

1

node_modul...af.ps1

debian-9-mipsel

1

node_modul...DME.js

windows7-x64

3

node_modul...DME.js

windows10-2004-x64

3

Analysis

  • max time kernel
    1s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20240611-en
  • resource tags

    arch:mipselimage:debian9-mipsel-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
  • submitted
    21-11-2024 08:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    node_modules/.bin/rimraf

  • Size

    294B

  • MD5

    f178e4d9d266237c4747eb33eed35684

  • SHA1

    678d46ca0b1f43811604f8b6aaa0237acf4faedb

  • SHA256

    64ce06348f2c2e12fbf0f5db3d2943e00147a8ec47147702685a13acc7b908f5

  • SHA512

    264383c581c4ec8d1aca3f07b89d43b148db2061a360a17bce7a5457edae13a62271fdf519f4a238ff6ac714e79150a8c8ca6a55e64d819cc56f4bc5ce789c87

Score
3/10
discoveryexecution

Malware Config

Signatures

  • Command and Scripting Interpreter: JavaScript 1 TTPs 6 IoCs

    Execution via JavaScript.

    execution
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/node_modules/.bin/rimraf
    /tmp/node_modules/.bin/rimraf
    1⤵
      PID:712
      • /bin/sed
        sed -e "s,\\\\,/,g"
        2⤵
        • Reads runtime system information
        PID:717
      • /usr/bin/dirname
        dirname /tmp/node_modules/.bin/rimraf
        2⤵
          PID:714
        • /bin/uname
          uname
          2⤵
            PID:724
        • /usr/local/sbin/node
          node /tmp/node_modules/.bin/../rimraf/bin.js
          1⤵
          • Command and Scripting Interpreter: JavaScript
          PID:712
        • /usr/local/bin/node
          node /tmp/node_modules/.bin/../rimraf/bin.js
          1⤵
          • Command and Scripting Interpreter: JavaScript
          PID:712
        • /usr/sbin/node
          node /tmp/node_modules/.bin/../rimraf/bin.js
          1⤵
          • Command and Scripting Interpreter: JavaScript
          PID:712
        • /usr/bin/node
          node /tmp/node_modules/.bin/../rimraf/bin.js
          1⤵
          • Command and Scripting Interpreter: JavaScript
          PID:712
        • /sbin/node
          node /tmp/node_modules/.bin/../rimraf/bin.js
          1⤵
          • Command and Scripting Interpreter: JavaScript
          PID:712
        • /bin/node
          node /tmp/node_modules/.bin/../rimraf/bin.js
          1⤵
          • Command and Scripting Interpreter: JavaScript
          PID:712

        Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads