Tsunami.spc
First submission 2023-09-11 11:57:02
File details
| File type: | ELF 32-bit MSB executable, SPARC, version 1 (SYSV), statically linked, stripped |
| Mime type: | application/x-executable |
| File size: | 73.05 KB (74800 bytes) |
| MD5: | 45cdb79446b6724ac70ae3e164fd4a39 |
| SHA1: | eaeecf8e12c2ab6d6335caec8bc3ccd09704824a |
| SHA256: | ecfc3afd0d161dd607342a6080fad0d2568eb95a4a4c0ba3b4be58f7c3446a23 |
| Virus Total: | 35/61 VT report date: 2023-09-11 09:28:27 |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
URLs, FQDN and IP indicators 1
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXp://80.76.51.196/bins/Tsunami.spc  |
80.76.51.196 |
2023-09-11 11:57:02 |
Strings analysis - Possible IPs found 3
| 192.168.0.14 |
| 80.76.51.196 |
| 127.0.0.1 |
Strings analysis - Possible URLs found 8
| http://80.76.51.196/zyxel.sh; |
| http://schemas.xmlsoap.org/soap/encoding//%22%3E<s:Body |
| http://schemas.xmlsoap.org/soap/envelope// |
| http://80.76.51.196/bins/Tsunami.mips; |
| http://schemas.xmlsoap.org/soap/envelope/ |
| http://schemas.xmlsoap.org/soap/encoding/ |
| http://80.76.51.196/bins/Tsunami.x86 |
| http://80.76.51.196/bin+-O+/tmp/gaf;sh+/tmp/gaf |