Overview

overview

10

Static

static

10

DiscordBot...64.exe

ubuntu-24.04-amd64

$PLUGINSDI...er.dll

ubuntu-24.04-amd64

$PLUGINSDI...ls.dll

ubuntu-24.04-amd64

$PLUGINSDI...em.dll

ubuntu-24.04-amd64

$PLUGINSDI...ll.dll

ubuntu-24.04-amd64

resources/...ags.js

ubuntu-24.04-amd64

3

resources/...eld.js

ubuntu-24.04-amd64

3

resources/...hop.js

ubuntu-24.04-amd64

3

resources/...nts.js

ubuntu-24.04-amd64

3

resources/...nts.js

ubuntu-24.04-amd64

3

resources/...ata.js

ubuntu-24.04-amd64

3

resources/...oto.js

ubuntu-24.04-amd64

3

resources/...til.js

ubuntu-24.04-amd64

3

resources/...ges.js

ubuntu-24.04-amd64

3

resources/...ges.js

ubuntu-24.04-amd64

3

resources/...ags.js

ubuntu-24.04-amd64

3

resources/...tch.js

ubuntu-24.04-amd64

3

resources/...cts.js

ubuntu-24.04-amd64

3

resources/...til.js

ubuntu-24.04-amd64

3

resources/...ver.js

ubuntu-24.04-amd64

3

resources/...nts.js

ubuntu-24.04-amd64

3

resources/...oad.js

ubuntu-24.04-amd64

3

resources/...ent.js

ubuntu-24.04-amd64

3

resources/...ase.js

ubuntu-24.04-amd64

3

resources/...ges.js

ubuntu-24.04-amd64

3

resources/...ngs.js

ubuntu-24.04-amd64

3

resources/...ngs.js

ubuntu-24.04-amd64

3

resources/...dex.js

ubuntu-24.04-amd64

3

resources/...dex.js

ubuntu-24.04-amd64

3

$PLUGINSDI...ec.dll

ubuntu-24.04-amd64

$PLUGINSDI...7z.dll

ubuntu-24.04-amd64

$R0/Uninst...nt.exe

ubuntu-24.04-amd64

Analysis

  • max time kernel
    0s
  • max time network
    135s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    01-02-2025 16:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    resources/app/AppCore/IPCEvent.js

  • Size

    600B

  • MD5

    49ac23abdc9b58b8db44aa9090663be3

  • SHA1

    b83a4cebbdccaf855a3c53cf9e7d7ef72e13d0e5

  • SHA256

    cbed473834c810bb66879016e7e197c6ff60ee04ed0b16337cb6a39f221b93e3

  • SHA512

    74869bbed99673a276840ce17be47b09d5de651010ae79da0ac398872a1b7861108d49adddcbb5db75dd62a8d88fe6ac12e634d135d4483fbde69b8189824b5a

Score
3/10
discoveryexecution

Malware Config

Signatures

  • Command and Scripting Interpreter: JavaScript 1 TTPs 1 IoCs

    Execution via JavaScript.

    execution
  • Enumerates kernel/hardware configuration 1 TTPs 2 IoCs

    Reads contents of /sys virtual filesystem to enumerate system information.

    discovery
  • Reads runtime system information 3 IoCs

    Reads data from /proc virtual filesystem.

    discovery
  • System Network Configuration Discovery 1 TTPs 1 IoCs

    Adversaries may gather information about the network configuration of a system.

    discovery

Processes

  • /usr/bin/node
    node /tmp/resources/app/AppCore/IPCEvent.js
    1⤵
    • Command and Scripting Interpreter: JavaScript
    • Enumerates kernel/hardware configuration
    • Reads runtime system information
    • System Network Configuration Discovery
    PID:3638

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads