b4787530c793868cc82be4da006730e3d2644e40edb367cdd0e97512664baaca

Analysis

max time kernel
20s
max time network
1684s
platform
debian-9_mips
resource
debian9-mipsbe-20240221-en
resource tags

arch:mipsimage:debian9-mipsbe-20240221-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
submitted
25/02/2024, 15:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

target.js
Size

35B
MD5

a0f1673288982e9b7445b2e34df7eafd
SHA1

711c1f3eff1c9827d6303ab7dd23d442d6c375d4
SHA256

b4787530c793868cc82be4da006730e3d2644e40edb367cdd0e97512664baaca
SHA512

14efa86d35bf4938070334f05dda29afcbcddf6f72222903a75bf7320a1e922c821c144eba690a1a66a66794a738a9f1a044abd5c31d97e65557df830556fd79

Score

7^/10

antivm

Malware Config

Signatures

Changes its process name 4 IoCs

description	ioc	pid
Changes the process name, possibly in an attempt to hide itself	V8 WorkerThread	706
Changes the process name, possibly in an attempt to hide itself	V8 WorkerThread	707
Changes the process name, possibly in an attempt to hide itself	V8 WorkerThread	709
Changes the process name, possibly in an attempt to hide itself	V8 WorkerThread	710

Checks CPU configuration 1 TTPs 1 IoCs

Checks CPU information which indicate if the system is a virtual machine.

antivm

Virtualization/Sandbox Evasion

T1497

description	ioc	Process
File opened for reading	/proc/cpuinfo	nodejs

/usr/bin/nodejs
nodejs /tmp/target.js
1⤵
- Checks CPU configuration
PID:697

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1497

Credential Access

Discovery

Virtualization/Sandbox Evasion

T1497

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads