bolonetwork.ppc
First submission 2024-07-20 22:50:02
File details
| File type: | ELF 32-bit MSB executable, PowerPC or cisco 4500, version 1 (SYSV), statically linked, stripped |
| Mime type: | application/x-executable |
| File size: | 159.21 KB (163032 bytes) |
| MD5: | 730b26a8902d957742869d76f82cb613 |
| SHA1: | 847012f6da8e0b22e1e927e79962d2a01f096894 |
| SHA256: | 39ce571136ba4058640a2af5963c3061f500a03e5c9b589995e2914d1f163bd4 |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
OSINT Enrichments
| Virus Total: | 31/79 VT report date: 2024-07-21 09:53:53 |
| Malware Type 1 | trojan |
| Threat Type 2 | mirai gafgyt |
Strings analysis - Possible IPs found 4
| 15.235.203.214 |
| 255.255.255.255 |
| 127.0.0.1 |
| 192.168.0.100 |
Strings analysis - Possible URLs found 7
| http://15.235.203.214/bolonetwork.mips |
| http://15.235.203.214/bolonetwork.x86 |
| http://schemas.xmlsoap.org/soap/envelope/ |
| http://www.w3.org/2001/XMLSchema |
| http://www.w3.org/2001/XMLSchema-instance |
| http://schemas.xmlsoap.org/soap/encoding/ |
| http://purenetworks.com/HNAP1/ |