Overview

overview

4

Static

static

1

run.js

android-10-x64

run.js

android-11-x64

run.js

android-9-x86

run.js

debian-9-armhf

4

run.js

debian-9-mips

4

run.js

debian-9-mipsel

4

run.js

ubuntu-18.04-amd64

3

Analysis

  • max time kernel
    12s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240611-en
  • resource tags

    arch:mipsimage:debian9-mipsbe-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
  • submitted
    27-06-2024 17:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    run.js

  • Size

    47B

  • MD5

    37a379cc1cf221ee2ef6b8f82ccb9d8b

  • SHA1

    e92cdf178f30bbe11465f5af9278995c8ad6efd4

  • SHA256

    fc691ff55990120fbace5b1df7e363903a5eb2d09f8e09d0a65615c6e150c8d9

  • SHA512

    fb38868c3463363eaab81c4bbb20a8f6ac6c969c79e10e4ed47f0ee21ae7e9ffea3b24a08bad6afb264f1dd8aab59e97bb673d3e4d443c0e39b2facd60402672

Score
4/10
antivm

Malware Config

Signatures

  • Changes its process name 4 IoCs
  • Checks CPU configuration 1 TTPs 1 IoCs

    Checks CPU information which indicate if the system is a virtual machine.

    antivm

Processes

  • /usr/bin/nodejs
    nodejs /tmp/run.js
    1⤵
    • Checks CPU configuration
    PID:706

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

1
T1497

Credential Access

Discovery

Virtualization/Sandbox Evasion

1
T1497

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads