Analysis

  • max time kernel
    4s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240418-en
  • resource tags

    arch:armhf image:debian9-armhf-20240418-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    18-07-2024 18:53

General

  • Target

    script.js

  • Size

    13B

  • MD5

    329dfd38b6589b9bc6d49cf9e785f35b

  • SHA1

    d9ecfceb4ae17569ecf01392633d538fe367c659

  • SHA256

    91e63e8dece57c357ba3e8083394fe1bb172d3c1b94e63530327b7d3a8063096

  • SHA512

    a33d6f1d617edcf5b0aa4b3d8d1577b6068d3bca50e9be218a23ce51550cbb0d7d167ec9f7c92d008d993b296b82273eb49d1779508b379373c311efe8697406

Score
4/10

Malware Config

Signatures

  • Checks CPU configuration 1 TTPs 1 IoCs

    Checks CPU information that indicates whether the system is a virtual machine.

  • Reads CPU attributes 1 TTPs 1 IoCs
  • Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

    Reads contents of /sys virtual filesystem to enumerate system information.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /usr/bin/node
    node /tmp/script.js
    • Checks CPU configuration
    • Reads CPU attributes
    • Enumerates kernel/hardware configuration
    • Reads runtime system information
    PID:633

Network

MITRE ATT&CK Enterprise v15
