Analysis
-
max time kernel
16s -
platform
debian-9_mips -
resource
debian9-mipsbe-20240611-en -
resource tags
arch:mipsimage:debian9-mipsbe-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem -
submitted
18-07-2024 21:56
Static task
static1
Behavioral task
behavioral1
Sample
code.js
Resource
android-x64-arm64-20240624-en
Behavioral task
behavioral2
Sample
code.js
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral3
Sample
code.js
Resource
debian9-armhf-20240611-en
Behavioral task
behavioral4
Sample
code.js
Resource
debian9-mipsbe-20240611-en
Behavioral task
behavioral5
Sample
code.js
Resource
debian9-mipsel-20240226-en
Behavioral task
behavioral6
Sample
code.js
Resource
ubuntu1804-amd64-20240611-en
General
-
Target
code.js
-
Size
13B
-
MD5
2fb027a6b4506d2ad098c2e3adc5e8a8
-
SHA1
c5621c464a6b98e78ac8b802e3482a1914ead7ce
-
SHA256
5d6917a6b3d281818636d7e9ba5376df4b6379b5eba11b700930675057ea3d5e
-
SHA512
e33926cffafdd1ff8e43c675a8f7931f53ba952ce735207cddf146048b03022030d1a8178305fb6917e93285857b2ee96e896214654c4d2de329d6a9a911c885
Malware Config
Signatures
-
Changes its process name 4 IoCs
Processes:
description ioc pid Changes the process name, possibly in an attempt to hide itself V8 WorkerThread 720 Changes the process name, possibly in an attempt to hide itself V8 WorkerThread 722 Changes the process name, possibly in an attempt to hide itself V8 WorkerThread 723 Changes the process name, possibly in an attempt to hide itself V8 WorkerThread 725 -
Checks CPU configuration 1 TTPs 1 IoCs
Checks CPU information which indicate if the system is a virtual machine.
Processes:
nodejsdescription ioc process File opened for reading /proc/cpuinfo nodejs