76d32be0.sh
First submission 2022-08-03 08:43:02
File details
| File type: | Bourne-Again shell script, ASCII text executable, with very long lines |
| File type: | 4.35 KB (4453 bytes) |
| MD5: | 684d228f6b3237ae5a60fbca538616a3 |
| SHA1: | da35f4bce3ed1aa47d44388b556b4661838ca3d8 |
| SHA256: | 689e68b1b036f681e51f7ebb4318565378fe76ad78e9409d2799b27774842535 |
| Virus Total: |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
URLs, FQDN and IP indicators 1
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXp://128.199.189.244/76d32be0.sh  |
128.199.189.244 |
2022-08-03 08:43:02 |
Strings analysis - Possible IPs found 1
| 128.199.189.244 |
Strings analysis - Possible URLs found 13
| http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.spc; |
| http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.m68k; |
| http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; |
| http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arm6; |
| http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.i686; |
| http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.sh4; |
| http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.ppc; |
| http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arc; |
| http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arm7; |
| http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mpsl; |
| http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arm; |
| http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arm5; |
| http://128.199.189.244/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.x86; |