realtek
First submission 2024-09-05 00:42:02
Last submission 2024-09-05 00:46:02
File details
File type: | Bourne-Again shell script, ASCII text executable |
Mime type: | text/x-shellscript |
File size: | 2.5 KB (2555 bytes) |
MD5: | 027e2a5aca8c00b9913e45fde1c1cbf6 |
SHA1: | d3532e1f8a4b0a8cb47f0f21557052b3049f9d30 |
SHA256: | 94f636eba9387e6ec626668e448d330d51618bd8833daa3c5dd7f24664e5e048 |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
OSINT Enrichments
Virus Total: | 34/79 VT report date: 2024-09-05 00:40:51 |
Malware Type: | downloader trojan |
Threat Type: | medusa shell bash |
URLs, FQDN and IP indicators
Strings analysis - Possible IPs found 1
154.216.17.167 |
Strings analysis - Possible URLs found 13