Analysis
-
max time kernel
61s -
platform
debian-9_mips -
resource
debian9-mipsbe-20240418-en -
resource tags
arch:mips image:debian9-mipsbe-20240418-en kernel:4.9.0-13-4kc-malta locale:en-us os:debian-9-mips system -
submitted
29-07-2024 10:03
Static task
static1
Behavioral task
behavioral1
Sample
.zMousse.js
Resource
ubuntu1804-amd64-20240611-en
Behavioral task
behavioral2
Sample
.zMousse.js
Resource
debian9-armhf-20240611-en
Behavioral task
behavioral3
Sample
.zMousse.js
Resource
debian9-mipsbe-20240418-en
Behavioral task
behavioral4
Sample
.zMousse.js
Resource
debian9-mipsel-20240611-en
General
-
Target
.zMousse.js
-
Size
3KB
-
MD5
bf52ae0dd3192b230f43d1a1437c7ed7
-
SHA1
dfd80591c9b8b9f5566ea3d23567d600d9a8efc9
-
SHA256
b45fc7c8b72d4f712213bdcfbee13f76ffd05796a4435836ac8d941967b3ee1c
-
SHA512
fd458173f9cc69785baab847d6c9f2592b48213bd07ca7454a1febb15ae13b10ee2aaf3f22402dc730d036a29ffc3fd1c945c25092d50b470c2a19c45430ab40
Malware Config
Signatures
-
Changes its process name 4 IoCs
Processes:
description | ioc | pid
Changes the process name, possibly in an attempt to hide itself | V8 WorkerThread | 750
Changes the process name, possibly in an attempt to hide itself | V8 WorkerThread | 751
Changes the process name, possibly in an attempt to hide itself | V8 WorkerThread | 755
Changes the process name, possibly in an attempt to hide itself | V8 WorkerThread | 757
-
Checks CPU configuration 1 TTPs 1 IoCs
Checks CPU information that indicates whether the system is a virtual machine.
Processes:
nodejs
description | ioc | process
File opened for reading | /proc/cpuinfo | nodejs