Analysis
-
max time kernel
20s -
platform
debian-9_mips -
resource
debian9-mipsbe-20240611-en -
resource tags
arch:mipsimage:debian9-mipsbe-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem -
submitted
27/10/2024, 20:11
Static task
static1
Behavioral task
behavioral1
Sample
sample.js
Resource
win10ltsc2021-20241023-en
Behavioral task
behavioral2
Sample
sample.js
Resource
win11-20241007-en
Behavioral task
behavioral3
Sample
sample.js
Resource
ubuntu1804-amd64-20240611-en
Behavioral task
behavioral4
Sample
sample.js
Resource
debian9-armhf-20240611-en
Behavioral task
behavioral5
Sample
sample.js
Resource
debian9-mipsbe-20240611-en
Behavioral task
behavioral6
Sample
sample.js
Resource
debian9-mipsel-20240611-en
General
-
Target
sample.js
-
Size
66KB
-
MD5
e7e597e858a5593c28fd5ef148ca6274
-
SHA1
3d9f2d4a4c237607ea9a654253539b8d79e774ed
-
SHA256
e0209add9a799a1f2b1b75e422d40cecefabff9399ce3200414e807a07debab2
-
SHA512
e67baa0495fe73706e9ca5b1ffa17734c3282504d5eebe1ccf6601f5b2e28c7b7ab389b6497a451e6ca8bae30bcbc0cf8f46c9d0e54b0ee2a4333b0fd8df0d64
-
SSDEEP
1536:u69UFLCCwNiey/JehNFZuSuWtWWxPqoho1HwAEpqcSkNSWaj5CO6ZsnJfrYauv5q:J9UFLhw4eqou1HwAEpqcSkNSWaj5CO6M
Malware Config
Signatures
-
Changes its process name 4 IoCs
description ioc pid Process Changes the process name, possibly in an attempt to hide itself V8 WorkerThread 717 nodejs Changes the process name, possibly in an attempt to hide itself V8 WorkerThread 719 nodejs Changes the process name, possibly in an attempt to hide itself V8 WorkerThread 722 nodejs Changes the process name, possibly in an attempt to hide itself V8 WorkerThread 724 nodejs -
Checks CPU configuration 1 TTPs 1 IoCs
Checks CPU information which indicate if the system is a virtual machine.
description ioc Process File opened for reading /proc/cpuinfo nodejs