z.sh

First submission 2024-09-04 19:14:11

File details

File type: POSIX shell script, ASCII text executable
Mime type: text/x-shellscript
File size: 1.27 KB (1300 bytes)
MD5: 765de6bb0868863c2d9e9c0f519023b9
SHA1: 4114c9b6074fa1543a5496543a7fc90203b55623
SHA256: 97f9756f18605b77aeac411069b1aa11ac814bbc8bdd28079db552471ee10af4

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

OSINT Enrichments

Virus Total: 11/79 VT report date: 2024-09-04 15:32:15
Malware Type 2 downloader trojan
Threat Type 3 bashdlod gen2 mirai

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://154.216.17.217/z.sh VirusTotal Report 154.216.17.217 VirusTotal Report 2024-09-04 19:14:11

Strings analysis - Possible IPs found 1

154.216.17.171

Strings analysis - Possible URLs found 9

http://154.216.17.171/earm5
http://154.216.17.171/empsl
http://154.216.17.171/earm7
http://154.216.17.171/earm6
http://154.216.17.171/eppc
http://154.216.17.171/esh4
http://154.216.17.171/earm
http://154.216.17.171/emips
http://154.216.17.171/earc