aws

First submission 2024-10-17 12:57:02

File details

File type: Bourne-Again shell script, ASCII text executable, with very long lines
Mime type: text/x-shellscript
File size: 4.66 KB (4774 bytes)
MD5: 2d520ab45c89c24520e0754fd1971be2
SHA1: 96e5de0ce70de4fa0f1adcd586aa49608bd578ea
SHA256: ebbb403ae5c2bf4cbfa72c30f5e061d73fa5465c0a7c455e18a2cc73b413d160

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

OSINT Enrichments

Virus Total: 35/77
VT report date: 2024-10-17 02:03:35
Malware Type (2): downloader, trojan
Threat Type (3): medusa, shell, mirai

URLs, FQDN and IP indicators (1)

URL: hXXp://87.236.95.134/aws
Host (FQDN/IP): 87.236.95.134
Date Added: 2024-10-17 12:57:02

Strings analysis - Possible IPs found (1)

87.236.95.134

Strings analysis - Possible URLs found (14)
