Analysis

  • max time kernel
    1s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240418-en
  • resource tags

    arch:armhf image:debian9-armhf-20240418-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    03-08-2024 05:50

General

  • Target

    resources/app/node_modules/ejs-electron/node_modules/mime/cli.js

  • Size

    1KB

  • MD5

    f13333cd6bfe3dcb5e949337a7186ad4

  • SHA1

    b7f33b24da6e984dfb6c0c8c7dcf074c613673c2

  • SHA256

    15da8d89bd7fc3a4025f79197a02a62284a95add244ec67bdd2b8dff918b5052

  • SHA512

    96c5c21a657f284900cb966bccaac351fd540ec7197b64cf06018b45d57118b15a29040d78b874fa5622e66fb5b0f1a87bd6a16a50c930e910c6984bef7825c6

Score
4/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Checks CPU configuration 1 TTPs 1 IoCs

    Checks CPU information which indicate if the system is a virtual machine.

  • Reads CPU attributes 1 TTPs 1 IoCs
  • Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

    Reads contents of /sys virtual filesystem to enumerate system information.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/resources/app/node_modules/ejs-electron/node_modules/mime/cli.js
    /tmp/resources/app/node_modules/ejs-electron/node_modules/mime/cli.js
    1⤵
      PID:756
    • /usr/local/sbin/node
      node /tmp/resources/app/node_modules/ejs-electron/node_modules/mime/cli.js
      1⤵
        PID:756
      • /usr/local/bin/node
        node /tmp/resources/app/node_modules/ejs-electron/node_modules/mime/cli.js
        1⤵
          PID:756
        • /usr/sbin/node
          node /tmp/resources/app/node_modules/ejs-electron/node_modules/mime/cli.js
          1⤵
            PID:756
          • /usr/bin/node
            node /tmp/resources/app/node_modules/ejs-electron/node_modules/mime/cli.js
            1⤵
            • Changes its process name
            • Checks CPU configuration
            • Reads CPU attributes
            • Enumerates kernel/hardware configuration
            • Reads runtime system information
            PID:756

          Network

          MITRE ATT&CK Enterprise v15
