khucsn.sh
First submission 2024-10-15 08:07:02
File details
| File type: | Bourne-Again shell script, ASCII text executable |
| Mime type: | text/x-shellscript |
| File size: | 1.5 KB (1531 bytes) |
| MD5: | 748c2767a81ff493fe89705552316804 |
| SHA1: | 99b9d46a1b09861f6d3380065c29568e02d54745 |
| SHA256: | 661ed332e2653bc622f1fface0c80e9353b64605762c13da60ca794973fe823c |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
OSINT Enrichments
| Virus Total: | 28/77 VT report date: 2024-10-15 07:44:29 |
| Malware Type 2 | downloader trojan |
| Threat Type 3 | bash miraia shell |
URLs, FQDN and IP indicators 1
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXp://103.192.179.5/khucsn.sh  |
103.192.179.5 |
2024-10-15 08:07:02 |
Strings analysis - Possible IPs found 1
| 103.192.179.5 |
Strings analysis - Possible URLs found 26
| http://103.192.179.5/xi.arm5;busybox |
| http://103.192.179.5/xi.x86;busybox |
| http://103.192.179.5/xi.ppc;busybox |
| http://103.192.179.5/xi.arm;busybox |
| http://103.192.179.5/xi.arm;chmod |
| http://103.192.179.5/xi.sh4;busybox |
| http://103.192.179.5/xi.sh4;chmod |
| http://103.192.179.5/xi.arm7;busybox |
| http://103.192.179.5/xi.arm6;busybox |
| http://103.192.179.5/xi.x86;chmod |
| http://103.192.179.5/xi.arm7;chmod |
| http://103.192.179.5/xi.mips;chmod |
| http://103.192.179.5/xi.m68k;busybox |
| http://103.192.179.5/xi.arc;chmod |
| http://103.192.179.5/xi.x86_64;busybox |
| http://103.192.179.5/xi.spc;chmod |
| http://103.192.179.5/xi.arc;busybox |
| http://103.192.179.5/xi.x86_64;chmod |
| http://103.192.179.5/xi.spc;busybox |
| http://103.192.179.5/xi.mips;busybox |
| http://103.192.179.5/xi.arm5;chmod |
| http://103.192.179.5/xi.m68k;chmod |
| http://103.192.179.5/xi.arm6;chmod |
| http://103.192.179.5/xi.ppc;chmod |
| http://103.192.179.5/xi.mpsl;busybox |
| http://103.192.179.5/xi.mpsl;chmod |