ps

First submission: 2024-04-02 09:32:02
Last submission: 2024-04-14 02:05:01

File details

File type: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.32, BuildID[sha1]=04d7556ee5615f144260bfe084d2884186e5c288, not stripped
Mime type: application/x-executable
File size: 17.83 KB (18256 bytes)
MD5: 674b21c779958fe66a74ce9e894a8363
SHA1: e735e34e31c98b72f7793527ff7200d594142581
SHA256: 60cb56218ecc73cb4262f363c8563aa42a1bff63e5d8b218d79702567b908ae9

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 3

URL | Host (FQDN/IP) | Date Added
hXXp://94.156.67.154/ps | 94.156.67.154 | 2024-04-14 02:05:02
hXXp://vvnnmm.com/ps | vvnnmm.com | 2024-04-09 14:10:03
hXXp://94.156.65.212/ps | 94.156.65.212 | 2024-04-08 12:33:03

Strings analysis - File found

Log
scan%d.log
redhat62.log
freebsd.log
redhat7.log
redhat72.log
proftp.log
wu-ftpd.log
ssh_vuln.log
wingate.log
solaris.log

Strings analysis - Possible IPs found 2

10.0.0.32
10.0.0.1