ohshit.sh

First submission 2022-08-03 18:41:01

File details

File type: Bourne-Again shell script, ASCII text executable
File type: 2.81 KB (2880 bytes)
MD5: 4f28d327cbd651e39707f2402184675d
SHA1: 46a2aaf238cd0a1ddcc9b6f20c3c29bced904944
SHA256: 392ef0f5551f1450f6f031a3dff5bec5c20e65782bf5c0a4f61f6315353b60aa
Virus Total: 32/60 VT report date: 2022-08-03 15:16:29

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://77.73.133.2/ohshit.sh VirusTotal Report 77.73.133.2 VirusTotal Report 2022-08-03 18:41:01

Strings analysis - Possible IPs found 1

77.73.133.2

Strings analysis - Possible URLs found 30

http://77.73.133.2/hiddenbin/boatnet.sh4;
http://77.73.133.2/hiddenbin/boatnet.m68k;cat
http://77.73.133.2/hiddenbin/boatnet.i468;
http://77.73.133.2/hiddenbin/boatnet.arc;
http://77.73.133.2/hiddenbin/boatnet.arm5;cat
http://77.73.133.2/hiddenbin/boatnet.x86_64;
http://77.73.133.2/hiddenbin/boatnet.i686;cat
http://77.73.133.2/hiddenbin/boatnet.spc;
http://77.73.133.2/hiddenbin/boatnet.mips;
http://77.73.133.2/hiddenbin/boatnet.arm6;cat
http://77.73.133.2/hiddenbin/boatnet.i468;cat
http://77.73.133.2/hiddenbin/boatnet.sh4;cat
http://77.73.133.2/hiddenbin/boatnet.ppc;
http://77.73.133.2/hiddenbin/boatnet.arm7;cat
http://77.73.133.2/hiddenbin/boatnet.spc;cat
http://77.73.133.2/hiddenbin/boatnet.arm;cat
http://77.73.133.2/hiddenbin/boatnet.i686;
http://77.73.133.2/hiddenbin/boatnet.mpsl;
http://77.73.133.2/hiddenbin/boatnet.arm6;
http://77.73.133.2/hiddenbin/boatnet.mips;cat
http://77.73.133.2/hiddenbin/boatnet.mpsl;cat
http://77.73.133.2/hiddenbin/boatnet.x86;
http://77.73.133.2/hiddenbin/boatnet.x86_64;cat
http://77.73.133.2/hiddenbin/boatnet.ppc;cat
http://77.73.133.2/hiddenbin/boatnet.arc;cat
http://77.73.133.2/hiddenbin/boatnet.x86;cat
http://77.73.133.2/hiddenbin/boatnet.m68k;
http://77.73.133.2/hiddenbin/boatnet.arm;
http://77.73.133.2/hiddenbin/boatnet.arm5;
http://77.73.133.2/hiddenbin/boatnet.arm7;