76d32be0.sh

First submission 2022-08-03 08:43:02

File details

File type: Bourne-Again shell script, ASCII text executable, with very long lines
File type: 4.35 KB (4453 bytes)
MD5: 684d228f6b3237ae5a60fbca538616a3
SHA1: da35f4bce3ed1aa47d44388b556b4661838ca3d8
SHA256: 689e68b1b036f681e51f7ebb4318565378fe76ad78e9409d2799b27774842535
Virus Total:

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://128.199.189.244/76d32be0.sh VirusTotal Report 128.199.189.244 VirusTotal Report 2022-08-03 08:43:02

Strings analysis - Possible IPs found 1

128.199.189.244

Strings analysis - Possible URLs found 13

http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.spc;
http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.m68k;
http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips;
http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arm6;
http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.i686;
http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.sh4;
http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.ppc;
http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arc;
http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arm7;
http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mpsl;
http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arm;
http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arm5;
http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.x86;