cas
First submission 2024-09-22 12:03:01
Last submission 2024-09-29 14:00:02
File details
File type: Bourne-Again shell script, ASCII text executable
Mime type: text/x-shellscript
File size: 0.66 KB (676 bytes)
MD5: 5dce119cae291faf8e8e1b06f271658e
SHA1: 0fb386b658587678074b7059b6ab686d893ec24f
SHA256: fb7e457d497ae78910cff172905fb153b36b1aa7faaa2bc566845f131c6255ff
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
OSINT Enrichments
Virus Total: 34/77 (VT report date: 2024-09-18 10:16:53)
Malware Type 2: downloader trojan
Threat Type 2: medusa shell
URLs, FQDN and IP indicators 1
Strings analysis - Possible IPs found 1
95.214.27.236
Strings analysis - Possible URLs found 8