bot.x86
First submission 2024-10-13 22:11:03
Last sumbission 2024-10-13 23:16:02
File details
| File type: | ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, Go BuildID=ObMci5J6KUlYVZRv3qlR/N6rHkOnSeEP1GFeTAkgC/fwXwz72kaZoLzVV-cacq/_fcSjewIbpqNOtN9Wj9M, with debug_info, not stripped |
| Mime type: | application/x-executable |
| File size: | 7405.92 KB (7583658 bytes) |
| MD5: | 4879e2ff1e8610b637161384128db893 |
| SHA1: | 5d8a5b6e606520d018bfc5604ce4b1bea6e3c388 |
| SHA256: | 64bfc2b4ff6efffeeed0db5aa499d5eab651fd5436d5a49b15e796d3c9e7628d |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
URLs, FQDN and IP indicators 2
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXp://billing.rpnodes.host/bot.x86  |
billing.rpnodes.host |
2024-10-13 23:16:04 |
| hXXp://100.42.189.107/bot.x86 |
100.42.189.107 |
2024-10-13 22:11:03 |
Strings analysis - File found
| Executable |
| f .sO |
| Log |
| math.Log |
Strings analysis - Possible IPs found 13
| 1.2.2.1 |
| 1.1.2.1 |
| 2.5.4.102 |
| 87.120.84.114 |
| 1.1.3.1 |
| 5.4.112.5 |
| 5.4.32.5 |
| 4.52.5.4 |
| 1.1.1.1 |
| 127.0.0.1 |
| 2.5.4.62 |
| 72.5.4.82 |
| 1.2.1.1 |
Strings analysis - Possible URLs found 2
| http://chunkedCreatedIM |
| http://api.ipify.orgjson: |