2ad8902417ff3f3d730c8aa0127266ebf4551b07cefc43f64402c9678caef14d

Submit
Reports

Overview

overview

Static

static

WaveVirus.exe

windows7-x64

WaveVirus.exe

windows10-2004-x64

$PLUGINSDIR/app-64.7z

windows7-x64

$PLUGINSDIR/app-64.7z

windows10-2004-x64

Wave.exe

windows10-2004-x64

resources/...mon.js

ubuntu-18.04-amd64

resources/...mon.js

debian-9-armhf

resources/...mon.js

debian-9-mips

resources/...mon.js

debian-9-mipsel

resources/...ll.exe

windows7-x64

resources/...ll.exe

windows10-2004-x64

resources/...dex.js

windows7-x64

resources/...dex.js

windows10-2004-x64

resources/...rse.js

windows7-x64

resources/...rse.js

windows10-2004-x64

resources/...and.js

windows7-x64

resources/...and.js

windows10-2004-x64

resources/...lts.js

windows7-x64

resources/...lts.js

windows10-2004-x64

resources/...xec.js

windows7-x64

resources/...xec.js

windows10-2004-x64

resources/...dex.js

windows7-x64

resources/...dex.js

windows10-2004-x64

resources/...oad.js

windows7-x64

resources/...oad.js

windows10-2004-x64

resources/...dex.js

windows7-x64

resources/...dex.js

windows10-2004-x64

resources/...dex.js

windows7-x64

resources/...dex.js

windows10-2004-x64

resources/...dex.js

windows7-x64

resources/...dex.js

windows10-2004-x64

resources/...tch.js

windows7-x64

Analysis

max time kernel
121s
max time network
130s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
25-11-2024 18:56

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

WaveVirus.exe

Resource

win7-20240903-en

discovery

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

WaveVirus.exe

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

19 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/app-64.7z

Resource

win7-20240903-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/app-64.7z

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

Wave.exe

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

8 signatures

150 seconds

Behavioral task

behavioral6

Sample

resources/app.asar.unpacked/node_modules/nodemon/bin/nodemon.js

Resource

ubuntu1804-amd64-20240611-en

discovery execution

ubuntu-18.04-amd64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

resources/app.asar.unpacked/node_modules/nodemon/bin/nodemon.js

Resource

debian9-armhf-20240611-en

antivm discovery execution

debian-9-armhf

5 signatures

150 seconds

Behavioral task

behavioral8

Sample

resources/app.asar.unpacked/node_modules/nodemon/bin/nodemon.js

Resource

debian9-mipsbe-20240729-en

execution

debian-9-mips

1 signatures

150 seconds

Behavioral task

behavioral9

Sample

resources/app.asar.unpacked/node_modules/nodemon/bin/nodemon.js

Resource

debian9-mipsel-20240418-en

execution

debian-9-mipsel

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

resources/app.asar.unpacked/node_modules/nodemon/bin/windows-kill.exe

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

resources/app.asar.unpacked/node_modules/nodemon/bin/windows-kill.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

resources/app.asar.unpacked/node_modules/nodemon/lib/cli/index.js

Resource

win7-20240903-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral13

Sample

resources/app.asar.unpacked/node_modules/nodemon/lib/cli/index.js

Resource

win10v2004-20241007-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

resources/app.asar.unpacked/node_modules/nodemon/lib/cli/parse.js

Resource

win7-20240903-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral15

Sample

resources/app.asar.unpacked/node_modules/nodemon/lib/cli/parse.js

Resource

win10v2004-20241007-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

resources/app.asar.unpacked/node_modules/nodemon/lib/config/command.js

Resource

win7-20240903-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

resources/app.asar.unpacked/node_modules/nodemon/lib/config/command.js

Resource

win10v2004-20241007-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

resources/app.asar.unpacked/node_modules/nodemon/lib/config/defaults.js

Resource

win7-20241010-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral19

Sample

resources/app.asar.unpacked/node_modules/nodemon/lib/config/defaults.js

Resource

win10v2004-20241007-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

resources/app.asar.unpacked/node_modules/nodemon/lib/config/exec.js

Resource

win7-20240729-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral21

Sample

resources/app.asar.unpacked/node_modules/nodemon/lib/config/exec.js

Resource

win10v2004-20241007-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral22

Sample

resources/app.asar.unpacked/node_modules/nodemon/lib/config/index.js

Resource

win7-20240903-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral23

Sample

resources/app.asar.unpacked/node_modules/nodemon/lib/config/index.js

Resource

win10v2004-20241007-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral24

Sample

resources/app.asar.unpacked/node_modules/nodemon/lib/config/load.js

Resource

win7-20241023-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral25

Sample

resources/app.asar.unpacked/node_modules/nodemon/lib/config/load.js

Resource

win10v2004-20241007-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral26

Sample

resources/app.asar.unpacked/node_modules/nodemon/lib/help/index.js

Resource

win7-20240708-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral27

Sample

resources/app.asar.unpacked/node_modules/nodemon/lib/help/index.js

Resource

win10v2004-20241007-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral28

Sample

resources/app.asar.unpacked/node_modules/nodemon/lib/index.js

Resource

win7-20240903-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral29

Sample

resources/app.asar.unpacked/node_modules/nodemon/lib/index.js

Resource

win10v2004-20241007-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral30

Sample

resources/app.asar.unpacked/node_modules/nodemon/lib/monitor/index.js

Resource

win7-20240903-en

execution

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral31

Sample

resources/app.asar.unpacked/node_modules/nodemon/lib/monitor/index.js

Resource

win10v2004-20241007-en

execution

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral32

Sample

resources/app.asar.unpacked/node_modules/nodemon/lib/monitor/match.js

Resource

win7-20241010-en

execution

windows7-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

resources/app.asar.unpacked/node_modules/nodemon/lib/monitor/index.js
Size

82B
MD5

532b43e5038c9f6a6d65d40ca44375f0
SHA1

c7fa3f4fbab77df0eee87d08d428cc06d18faf76
SHA256

cc16aeb163da6cc7746bf5ced2d11f1436e458c7ee803241e9a9fa1d107450fd
SHA512

809479d0b075c9bcb3eef6670cdd652a6caf39ec7f93f1d7dde0eee8a792d518238cfa9f78a2ec1a11ebbfeb00d2a117d25b198718af668c7f356bc3f93ebc1c

Score

3^/10

execution

Malware Config

Signatures

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

Processes

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\nodemon\lib\monitor\index.js
1⤵
PID:2120

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads