Overview
overview
4Static
static
1My system/index.html
windows10-2004-x64
1My system/index.html
ubuntu-18.04-amd64
My system/index.html
debian-9-armhf
My system/index.html
debian-9-mips
My system/index.html
debian-9-mipsel
My system/scipt.js
windows10-2004-x64
3My system/scipt.js
ubuntu-18.04-amd64
3My system/scipt.js
debian-9-armhf
4My system/scipt.js
debian-9-mips
4My system/scipt.js
debian-9-mipsel
4Analysis
-
max time kernel
15s -
platform
debian-9_mipsel -
resource
debian9-mipsel-20240611-en -
resource tags
arch:mipselimage:debian9-mipsel-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem -
submitted
16-07-2024 16:14
Static task
static1
Behavioral task
behavioral1
Sample
My system/index.html
Resource
win10v2004-20240709-en
Behavioral task
behavioral2
Sample
My system/index.html
Resource
ubuntu1804-amd64-20240611-en
Behavioral task
behavioral3
Sample
My system/index.html
Resource
debian9-armhf-20240418-en
Behavioral task
behavioral4
Sample
My system/index.html
Resource
debian9-mipsbe-20240611-en
Behavioral task
behavioral5
Sample
My system/index.html
Resource
debian9-mipsel-20240418-en
Behavioral task
behavioral6
Sample
My system/scipt.js
Resource
win10v2004-20240709-en
Behavioral task
behavioral7
Sample
My system/scipt.js
Resource
ubuntu1804-amd64-20240611-en
Behavioral task
behavioral8
Sample
My system/scipt.js
Resource
debian9-armhf-20240611-en
Behavioral task
behavioral9
Sample
My system/scipt.js
Resource
debian9-mipsbe-20240611-en
Behavioral task
behavioral10
Sample
My system/scipt.js
Resource
debian9-mipsel-20240611-en
General
-
Target
My system/scipt.js
-
Size
962B
-
MD5
654b1d84d56f65fcc347d30fda7e172b
-
SHA1
f1635bd1da4cdee51163762f1c7e5d34fb6277d3
-
SHA256
22abf1158a1817d9246ec0eb7c7ec72ac2d292596da115dbec411dfac2b5bfb6
-
SHA512
ea16efe2da00afafe6197ee92367027a82c44f7318f11c4382192ade32df39f38e30fa02dbb878db9744d979144667b6807f679e7fcd73e229ef46c90ec30fdf
Malware Config
Signatures
-
Changes its process name 4 IoCs
Processes:
description ioc pid Changes the process name, possibly in an attempt to hide itself V8 WorkerThread 715 Changes the process name, possibly in an attempt to hide itself V8 WorkerThread 716 Changes the process name, possibly in an attempt to hide itself V8 WorkerThread 718 Changes the process name, possibly in an attempt to hide itself V8 WorkerThread 720 -
Checks CPU configuration 1 TTPs 1 IoCs
Checks CPU information which indicate if the system is a virtual machine.
Processes:
nodejsdescription ioc process File opened for reading /proc/cpuinfo nodejs