sh4
First submission 2024-10-13 00:34:01
File details
| File type: | ELF 32-bit LSB executable, Renesas SH, version 1 (SYSV), statically linked, stripped |
| Mime type: | application/x-executable |
| File size: | 58.29 KB (59688 bytes) |
| MD5: | 53f3775f1a61fc14e0070743468dce40 |
| SHA1: | c2201f62296ab9adecbfae3ee69ba4a3130a5601 |
| SHA256: | d2cdab0ef88e57347c3ea3db7d842edcd8a8d1d71847a8e66be391e5d0b9332d |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
OSINT Enrichments
| Virus Total: | 39/77 VT report date: 2024-10-12 22:44:13 |
| Malware Type 1 | trojan |
| Threat Type 3 | mirai gafgyt froz |
URLs, FQDN and IP indicators 1
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXp://185.196.10.215/bins/sh4  |
185.196.10.215 |
2024-10-13 00:34:01 |
Strings analysis - Possible IPs found 3
| 255.255.255.255 |
| 127.0.0.1 |
| 185.196.10.215 |
Strings analysis - Possible URLs found 3
| http://schemas.xmlsoap.org/soap/encoding/ |
| http://185.196.10.215/bins/mips; |
| http://schemas.xmlsoap.org/soap/envelope/ |