qlcxvisgod.ppc
First submission 2022-08-05 00:15:01
File details
| File type: | ELF 32-bit MSB executable, PowerPC or cisco 4500, version 1 (SYSV), statically linked, stripped |
| File type: | 69.09 KB (70744 bytes) |
| MD5: | 2e9ee59a57df2d9a6f96558699dfa3e4 |
| SHA1: | a09c70239c407520e11452556555b248d12c329e |
| SHA256: | 647bc8c13187f4a99daa692c76b655d41a5a091bc11b78acfaac0f187b350d3a |
| Virus Total: | 40/61 VT report date: 2022-07-31 14:09:42 |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
URLs, FQDN and IP indicators 1
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXp://208.67.106.145/bns/qlcxvisgod.ppc  |
208.67.106.145 |
2022-08-05 00:15:01 |
Strings analysis - Possible IPs found 2
| 208.67.106.145 |
| 192.168.0.14 |
Strings analysis - Possible URLs found 4
| http://schemas.xmlsoap.org/soap/encoding/ |
| http://208.67.106.145/zyxel.sh; |
| http://208.67.106.145/bns/x86 |
| http://schemas.xmlsoap.org/soap/envelope/ |