jade.mips

First submission 2024-07-09 19:12:02 Last submission 2024-07-10 21:32:03

File details

File type: ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, not stripped
Mime type: application/x-executable
File size: 140.92 KB (144299 bytes)
MD5: 3a8629d4f654da8151cf96ba4f5b697f
SHA1: 660e1af44928e70eb5487135a10872c2abbe630c
SHA256: 3fb795156f3aa63bbb37a202179e088caadd9d37b7c17bfedd3f4c186e38e309

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

OSINT Enrichments

Virus Total: 41/78 VT report date: 2024-07-09 19:04:49
Malware Type 1 trojan
Threat Type 3 mirai bootnet froz

URLs, FQDN and IP indicators 1

URL: hXXp://dhcp-211-248-59-5.metro86.ru/bins/jade.mips
Host (FQDN/IP): dhcp-211-248-59-5.metro86.ru
Date Added: 2024-07-10 21:32:05

Strings analysis - Possible IPs found 3

192.168.0.14
5.59.248.211
193.239.147.201

Strings analysis - Possible URLs found 4

http://schemas.xmlsoap.org/soap/encoding/
http://schemas.xmlsoap.org/soap/envelope/
http://193.239.147.201/zyxel.sh;
http://193.239.147.201/bins/x86