Analysis Overview
Score: 6/10
SHA256: 4cc1666bb3c7ac152364450a63f33004bb97dff1eb41edbe0351668cc4bba690
Threat Level: Shows suspicious behavior
The file code.js shows suspicious behavior.
Malicious Activity Summary
Checks CPU configuration
Enumerates kernel/hardware configuration
Reads runtime system information
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-04-17 14:12
Signatures
N/A
Analysis: behavioral1
Detonation Overview
Submitted: 2024-04-17 14:12
Reported: 2024-04-17 14:21
Platform: debian12-mipsel-20240221-en
Max time kernel: 41s
Max time network: 57s
Command Line: [node /tmp/code.js]
Signatures
Checks CPU configuration
| Description | Indicator | Process | Target |
| File opened for reading | /proc/cpuinfo | /usr/bin/node | N/A |
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/fs/cgroup/memory/memory.limit_in_bytes | /usr/bin/node | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/meminfo | /usr/bin/node | N/A |
Processes
/usr/bin/node
[node /tmp/code.js]
Network
| Country | Destination | Domain | Proto |
| US | 1.1.1.1:53 | debian12-mipsel-20240221-en-13 | udp |
| US | 1.1.1.1:53 | debian12-mipsel-20240221-en-13 | udp |
| US | 1.1.1.1:53 | debian12-mipsel-20240221-en-13 | udp |
| US | 1.1.1.1:53 | debian12-mipsel-20240221-en-13 | udp |
Files
N/A