a

First submission 2024-09-01 16:49:02

File details

File type: POSIX shell script, ASCII text executable, with very long lines
Mime type: text/x-shellscript
File size: 7.97 KB (8166 bytes)
MD5: 38dc1aeee32306b5e340f579376cfb3f
SHA1: 860b69a50a32a29073c303d025ccafb5fca182b7
SHA256: 3eb5b42a2de368bcad8e6d28f3ff100c8d97f1b9494b65f039e674fc2153924f

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://45.159.211.121/a VirusTotal Report 45.159.211.121 VirusTotal Report 2024-09-01 16:49:02

Strings analysis - File found

Text
ALLAH_IS_EVIL.txt

Strings analysis - Possible IPs found 2

45.159.211.121
45.152.112.46

Strings analysis - Possible URLs found 16

http://45.159.211.121/firmware/firmware.arm-linux-gnueabihf
http://45.159.211.121/firmware/firmware.armv5l
http://45.159.211.121/firmware/firmware.armv4l
http://45.159.211.121/firmware/firmware.arc
http://45.159.211.121/firmware/firmware.armv6l
http://45.152.112.46/firmware_v4?user=$current_user&dir=$MYDIR
http://45.159.211.121/firmware/firmware.mips
http://45.159.211.121/firmware/firmware.sh4
http://45.159.211.121/firmware/firmware.sparc
http://45.159.211.121/firmware/firmware.armv7l
http://45.159.211.121/firmware/firmware.powerpc
http://45.159.211.121/firmware/firmware.mipsel
http://45.159.211.121/firmware/firmware.m68k
http://45.159.211.121/firmware/firmware.i686
http://45.159.211.121/firmware/firmware.x86_64
http://45.159.211.121/firmware/firmware.i586