zBQKW3fVZchxmaNKQPOP1TfuQm1qBlwasU
First submission 2024-08-26 17:40:01
Last sumbission 2024-10-17 03:39:03
File details
| File type: | ELF 32-bit MSB executable, PowerPC or cisco 4500, version 1 (SYSV), statically linked, not stripped |
| Mime type: | application/x-executable |
| File size: | 93.07 KB (95305 bytes) |
| MD5: | 27a1a1941f224eff6a4babf2495e3692 |
| SHA1: | 86fae66a698f6280353e470ffadfb64441b03e83 |
| SHA256: | ab610b9f57ce293287cf9d4b3d47024ee73c81d8542247e26d1f0db2d5144179 |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
OSINT Enrichments
| Virus Total: | 17/79 VT report date: 2024-08-25 23:55:04 |
| Malware Type 1 | trojan |
| Threat Type 3 | mirai gafgyt possible |
URLs, FQDN and IP indicators 3
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXp://conn.masjesu.zip/bins/zBQKW3fVZchxmaNKQPOP1TfuQm1qBlwasU  |
conn.masjesu.zip |
2024-10-17 03:39:07 |
| hXXp://87.120.84.230/bins/i5BKWG1FDLGCdZQIYZJflKFx4L5qTn0WBR |
87.120.84.230 |
2024-10-15 14:56:05 |
| hXXp://87.120.84.230/bins/0yhPfu6McXW1Vax4PpK3iOhzt9qmVFTIyS |
87.120.84.230 |
2024-10-12 16:52:04 |
Strings analysis - Possible IPs found 2
| 8.8.8.8 |
| 192.168.1.1 |