Resubmissions

28/03/2025, 16:42 UTC

250328-t7vr2ayvhv 7

28/03/2025, 16:40 UTC

250328-t61lwszrs5 7

Analysis

  • max time kernel
    101s
  • max time network
    145s
  • platform
    windows10-ltsc_2021_x64
  • resource
    win10ltsc2021-20250313-en
  • resource tags

    arch:x64, arch:x86, image:win10ltsc2021-20250313-en, locale:en-us, os:windows10-ltsc_2021-x64, system
  • submitted
    28/03/2025, 16:42 UTC

General

  • Target

    $PLUGINSDIR/app/js/utils/commands.js

  • Size

    13KB

  • MD5

    186f2a801c3d12b8b53e4b8f0510bd35

  • SHA1

    567932df79e60d27d62752b1a1d72d6bf386c6b0

  • SHA256

    bd6e86d0e6b33a44a1617458f0adff34a5cb0fc52568e03e5d74b8c72b5f379e

  • SHA512

    eb87666e8fb40f81d9f14f61a6cffdba57edce1ab9b62c1df3ea3ffb0f96747f90465b2bee956c096f3762d25e90f5f130537046d8deba388d183cee1cc473c3

  • SSDEEP

    384:PUr5HB8c31uUvJQ006W8tusv5qEWOdvAUd:PVhsj

Score
3/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\app\js\utils\commands.js
    PID: 3096

    Network

    • flag-us
      DNS
      c.pki.goog
      Remote address:
      8.8.8.8:53
      Request
      c.pki.goog
      IN A
      Response
      c.pki.goog
      IN CNAME
      pki-goog.l.google.com
      pki-goog.l.google.com
      IN A
      142.250.187.195
    • flag-gb
      GET
      http://c.pki.goog/r/r1.crl
      Remote address:
      142.250.187.195:80
      Request
      GET /r/r1.crl HTTP/1.1
      Cache-Control: max-age = 3000
      Connection: Keep-Alive
      Accept: */*
      If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMT
      User-Agent: Microsoft-CryptoAPI/10.0
      Host: c.pki.goog
      Response
      HTTP/1.1 304 Not Modified
      Date: Fri, 28 Mar 2025 16:21:00 GMT
      Expires: Fri, 28 Mar 2025 17:11:00 GMT
      Age: 1390
      Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
      Cache-Control: public, max-age=3000
      Vary: Accept-Encoding
    • 142.250.187.195:80
      http://c.pki.goog/r/r1.crl
      http, 384 B / 355 B, 4 / 3
      HTTP Request: GET http://c.pki.goog/r/r1.crl
      HTTP Response: 304
    • 8.8.8.8:53
      c.pki.goog
      dns, 56 B / 107 B, 1 / 1
      DNS Request: c.pki.goog
      DNS Response: 142.250.187.195

    MITRE ATT&CK Enterprise v15

    Downloads
