haha.x86

First submission 2022-07-21 13:26:02

File details

File type: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, stripped
File type: 33.33 KB (34128 bytes)
MD5: 53e6c166cee0dd7a69b21f47061fd003
SHA1: 3b34666aaebb08b0c8f6206497325633b149754c
SHA256: 7cbe773ce7ff9d611dc6c8f58c05134976b599c9faf96743de24d51321bbafbd
Virus Total: 33/61 VT report date: 2022-07-21 09:42:30

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 3

URL Host (FQDN/IP) Date Added
hXXp://209.141.50.31/skullnet//haha.x86 VirusTotal Report 209.141.50.31 VirusTotal Report 2022-07-21 13:26:02
hXXp://209.141.50.31/skullnet//home.x86 VirusTotal Report 209.141.50.31 VirusTotal Report 2022-07-21 13:28:05
hXXp://209.141.50.31/skullnet/haha.x86 VirusTotal Report 209.141.50.31 VirusTotal Report 2022-08-05 00:11:05

Strings analysis - Possible IPs found 2

255.255.255.255
127.0.0.1