Overview

overview

4

Static

static

1

m=Da4hkd,E...cPd.js

windows7-x64

1

m=Da4hkd,E...cPd.js

windows10-1703-x64

1

m=Da4hkd,E...cPd.js

windows10-2004-x64

1

m=Da4hkd,E...cPd.js

windows11-21h2-x64

1

m=Da4hkd,E...cPd.js

android-10-x64

m=Da4hkd,E...cPd.js

android-11-x64

m=Da4hkd,E...cPd.js

android-13-x64

m=Da4hkd,E...cPd.js

android-9-x86

m=Da4hkd,E...cPd.js

macos-10.15-amd64

1

m=Da4hkd,E...cPd.js

debian-12-armhf

1

m=Da4hkd,E...cPd.js

debian-12-mipsel

4

m=Da4hkd,E...cPd.js

debian-9-armhf

4

m=Da4hkd,E...cPd.js

debian-9-mips

4

m=Da4hkd,E...cPd.js

debian-9-mipsel

4

m=Da4hkd,E...cPd.js

ubuntu-18.04-amd64

3

m=Da4hkd,E...cPd.js

ubuntu-20.04-amd64

3

Analysis

  • max time kernel
    19s
  • max time network
    1678s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20240226-en
  • resource tags

    arch:mipselimage:debian9-mipsel-20240226-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
  • submitted
    20-04-2024 14:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    m=Da4hkd,Eox39d,Fy1Pv,GElbSc,HYSCof,UzbKLd,Wo3n8,aD8OEe,fcDBE,msmzHf,pHXghd,rTuANe,tIj4fb,xdV1C,xfmZMb,yfZcPd.js

  • Size

    723KB

  • MD5

    b6c7b221c1ebb0994c9b6d7ab018d657

  • SHA1

    a007391dd35c77eb532de10eacb036728b33b6e1

  • SHA256

    1a5b05acd3e262da53b10eb0113d910db06203e113dfa12315ee9aa4e590cc1a

  • SHA512

    e4c2fd45c4d7e4b3d09a2c9b5ffc171533364ca02161f8ec02c213c52edcc5cd04449d1601463ad5c96654fef9821f44554c42ae82df72c6419e5799019a8c68

  • SSDEEP

    12288:UdStkWGr4MGSyKfBHpHaC3aNuGzq+xCwQeYv4nxZ:UKkWWYSyKfBHpHaC3asGG+xC1eYv4nxZ

Score
4/10
antivm

Malware Config

Signatures

  • Changes its process name 4 IoCs
  • Checks CPU configuration 1 TTPs 1 IoCs

    Checks CPU information which indicate if the system is a virtual machine.

    antivm

Processes

  • /usr/bin/nodejs
    nodejs "/tmp/m=Da4hkd,Eox39d,Fy1Pv,GElbSc,HYSCof,UzbKLd,Wo3n8,aD8OEe,fcDBE,msmzHf,pHXghd,rTuANe,tIj4fb,xdV1C,xfmZMb,yfZcPd.js"
    1⤵
    • Checks CPU configuration
    PID:709

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

1
T1497

Credential Access

Discovery

Virtualization/Sandbox Evasion

1
T1497

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads