Analysis
-
max time kernel
9s -
platform
debian-9_mips -
resource
debian9-mipsbe-20240729-en -
resource tags
arch:mipsimage:debian9-mipsbe-20240729-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem -
submitted
24/11/2024, 00:00
Static task
static1
Behavioral task
behavioral1
Sample
sample.js
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
sample.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
sample.js
Resource
ubuntu1804-amd64-20240611-en
Behavioral task
behavioral4
Sample
sample.js
Resource
debian9-armhf-20240611-en
Behavioral task
behavioral5
Sample
sample.js
Resource
debian9-mipsbe-20240729-en
Behavioral task
behavioral6
Sample
sample.js
Resource
debian9-mipsel-20240611-en
General
-
Target
sample.js
-
Size
199KB
-
MD5
9aae9d2594357010ac96c5a09d200389
-
SHA1
00bd1e28fddcc4f1b7cf136947d2169850a845e0
-
SHA256
d7ec175103974526224d77b97d62985a2f544f54a3e6310c6bf06bd7c86ba8fc
-
SHA512
3de537a6ddcbbca7e0d7d97abc5a23b3b8a01c168b1aeb1adb5166ed820564445fb1b2137fa3f709ed4a0a75070bc7b29824cc4a4e6e9f125d04929b2c76ba5b
-
SSDEEP
6144:y0A2ZthB2SNidTq7oANxIval0dc5LaxKoryUhJBLPir3lkVFZIkV/5crLAhoOWT8:y0A2ZthB2SNidTq7lx8al0dWLCKoryUD
Malware Config
Signatures
-
Changes its process name 4 IoCs
description ioc pid Process Changes the process name, possibly in an attempt to hide itself V8 WorkerThread 714 nodejs Changes the process name, possibly in an attempt to hide itself V8 WorkerThread 716 nodejs Changes the process name, possibly in an attempt to hide itself V8 WorkerThread 719 nodejs Changes the process name, possibly in an attempt to hide itself V8 WorkerThread 723 nodejs -
Checks CPU configuration 1 TTPs 1 IoCs
Checks CPU information which indicate if the system is a virtual machine.
description ioc Process File opened for reading /proc/cpuinfo nodejs