Overview

overview

4

Static

static

1

run.js

android-11-x64

run.js

android-9-x86

run.js

debian-9-armhf

4

run.js

debian-9-mips

4

run.js

debian-9-mipsel

4

run.js

ubuntu-18.04-amd64

3

Resubmissions

29-06-2024 14:33

240629-rw2p4asekk 4

29-06-2024 14:33

240629-rwtz9azbka 4

Analysis

  • max time kernel
    13s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20240611-en
  • resource tags

    arch:mipselimage:debian9-mipsel-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
  • submitted
    29-06-2024 14:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    run.js

  • Size

    59B

  • MD5

    4775f27ad088bf259c1e8dfa934d9e31

  • SHA1

    7a10d5d619e0ed2df7bf2efe1328ebb2014daa9c

  • SHA256

    94f5a2fceeb85c248100f65f0700561ea4de7db848b2a302e65273c243b3fb14

  • SHA512

    edfed992a8093c532a51c63da3e89cc73516f8baedb3f85d2d50bc26e18eebf8382fcf190396e869742d850cbd872260d155f60e6f7794b41864a2fbe207d912

Score
4/10
antivm

Malware Config

Signatures

  • Changes its process name 4 IoCs
  • Checks CPU configuration 1 TTPs 1 IoCs

    Checks CPU information which indicate if the system is a virtual machine.

    antivm

Processes

  • /usr/bin/nodejs
    nodejs /tmp/run.js
    1⤵
    • Checks CPU configuration
    PID:706

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

1
T1497

Credential Access

Discovery

Virtualization/Sandbox Evasion

1
T1497

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads