bash

First submission 2023-09-13 16:18:02

File details

File type:	ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped
Mime type:	application/x-executable
File size:	386.57 KB (395849 bytes)
MD5:	57e49f28cfd3b2ed0f14dfdf1ada0d54
SHA1:	7b3559eac3adbd517878d93540f4941da0868db4
SHA256:	87fe62bd035ef05eca12e0ce90982edd598053d80882bfb0e7892495026d034f
Virus Total:	33/62 VT report date: 2023-09-13 13:17:16

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL	Host (FQDN/IP)	Date Added
hXXp://5.180.183.1/bash	5.180.183.1	2023-09-13 16:18:03

Strings analysis - Possible IPs found 196

2.0.172.39
1.9.2.8
1.8.0.13
1.9.2.3
1.9.2.6
1.9.2.4
4.0.223.4
1.0.154.43
1.0.154.42
1.9.2.16
3.0.4.2
4.0.223.5
1.8.0.14
1.3.8.1
1.8.0.15
1.5.0.8
2.0.172.6
1.9.1.18
0.2.153.1
1.9.1.19
4.0.249.30
2.0.177.1
3.0.196.2
3.0.195.3
3.0.195.1
3.0.195.6
4.0.201.1
3.0.195.4
8.8.8.8
1.9.0.9
1.9.0.8
1.9.0.1
1.9.0.3
1.9.0.2
1.9.0.5
1.9.0.4
1.9.0.7
1.9.0.6
2.0.156.1
4.0.249.25
1.0.154.46
1.8.1.11
1.8.1.10
1.8.1.13
1.8.1.12
1.8.1.15
1.8.1.14
1.8.1.17
1.0.154.48
1.8.1.19
1.8.1.18
3.0.198.1
1.8.1.5
2.0.0.12
1.8.1.7
1.8.1.6
1.8.1.1
2.6.24.2
1.8.1.3
1.8.1.2
2.0.0.19
2.0.0.18
1.8.1.9
1.8.1.8
38.0.0.6
2.0.0.5
4.0.220.1
2.0.0.4
2.0.0.9
2.0.0.8
2.0.0.7
2.0.0.6
3.0.195.20
3.0.195.21
2.0.0.3
3.0.195.27
2.0.0.1
2.0.0.2
4.0.222.1
4.0.222.3
4.0.222.2
4.0.222.5
4.0.222.4
4.0.222.7
4.0.222.6
4.0.222.8
0.3.154.6
2.0.0.24
2.0.0.21
19.77.34.5
4.0.224.2
0.3.154.9
4.0.222.12
1.9.1.8
1.9.1.9
1.9.1.5
1.9.1.6
1.9.1.1
1.9.1.3
1.9.0.15
1.9.0.14
1.8.0.10
1.9.0.16
1.9.0.11
1.9.0.10
1.9.0.13
1.9.0.12
3.0.195.33
1.9.0.19
1.9.0.18
2.0.157.2
1.8.1.21
2.6.17.13
4.0.211.2
4.0.211.7
4.0.211.4
1.8.0.8
1.8.0.9
4.0.221.7
4.0.213.1
1.8.0.1
1.8.0.3
1.8.0.4
1.8.0.5
1.8.0.7
4.0.206.1
4.0.221.8
4.0.221.6
1.0.154.39
4.0.221.3
1.9.1.16
1.5.0.4
1.5.0.7
1.9.1.15
1.5.0.3
1.9.1.11
3.0.197.11
2.0.172.2
1.9.2.14
1.9.2.13
4.0.223.1
4.0.223.2
4.0.223.3
5.0.2.6
5.0.2.4
5.0.2.5
4.1.1.11
4.0.202.2
3.0.195.24
0.2.149.27
0.2.149.29
1.8.4.1
4.0.219.3
5.180.183.1
3.0.195.10
3.0.195.17
4.0.219.6
4.0.219.5
4.0.219.4
1.8.1.16
1.9.2.24
1.9.2.28
1.9.2.29
1.6.3.1
2.6.34.1
0.2.149.30
2.0.172.40
2.0.172.42
2.0.172.43
0.4.154.18
2.0.0.13
2.0.0.15
1.8.1.4
2.0.172.23
2.0.0.11
1.0.154.53
1.0.154.50
2.0.0.10
1.0.154.55
2.0.0.17
1.0.154.59
1.8.1.24
2.0.0.16
1.5.0.5
0.2.149.6
3.0.191.3
4.0.212.1
2.0.173.1
4.0.203.2
1.5.1.1
0.4.154.31
2.0.0.14
1.9.1.14
4.0.203.4
2.0.172.8
3.0.193.2

Strings analysis - Possible URLs found 5

http://www.baidu.com/search/spider.html)
http://www.baidu.com/search/spider.htm)
http://fast.no/support/crawler.asp)
http://feedback.redkolibri.com/
http://www.billybobbot.com/crawler/)