DigitalSide Threat Intel

bins.sh

First submission 2024-10-15 14:49:02

File details

File type: Bourne-Again shell script, ASCII text executable, with very long lines
Mime type: text/x-shellscript
File size: 10.41 KB (10662 bytes)
MD5: 7cf25eb0da00b563588c958cac5def96
SHA1: e3fc40ed9cfd8e4bf3902e005e3d3077bb722ca1
SHA256: 8886f1aa31d371d66c8a26a3e5dab9869ef7d3c94baeee3242cbbe55478a1e27

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://87.120.126.196/bins.sh VirusTotal Report 87.120.126.196 VirusTotal Report 2024-10-15 14:49:02

Strings analysis - Possible IPs found 1

87.120.126.196

Strings analysis - Possible URLs found 28

http://87.120.126.196/bins/QVxiV2PcuzKm9mDrJwEjYHrvF6kSDPYS7L;
http://87.120.126.196/bins/s6njwjQVrYNqocYjghtSRassod5mATAfJU;/bin/busybox
http://87.120.126.196/bins/i5BKWG1FDLGCdZQIYZJflKFx4L5qTn0WBR;/bin/busybox
http://87.120.126.196/bins/bc2zcAkVZAQXwDHsI4IioAxNiIOz3MW7XQ;
http://87.120.126.196/bins/NxoSNyQAfjK3fuQfJEXVjlVjy3Al3xh7Yz;/bin/busybox
http://87.120.126.196/bins/NwjCWnVGO624lMhHpzt0SgZ09k6Jx7YmVF;
http://87.120.126.196/bins/RavulrRjVV4A6kwn4BPEB7ipKRk6cBZSow;
http://87.120.126.196/bins/CLVJOwlTFaWrkXsAa4IRv2mWLrjKCvZBxH;/bin/busybox
http://87.120.126.196/bins/i5BKWG1FDLGCdZQIYZJflKFx4L5qTn0WBR;
http://87.120.126.196/bins/iZjBEp0O8lgVrkFduCbBaW3lnl1qiVjFSA;/bin/busybox
http://87.120.126.196/bins/IGibxY4zOYwprLLhJNKrry2UiiJ2yAOrYX;/bin/busybox
http://87.120.126.196/bins/s6njwjQVrYNqocYjghtSRassod5mATAfJU;
http://87.120.126.196/bins/NxoSNyQAfjK3fuQfJEXVjlVjy3Al3xh7Yz;
http://87.120.126.196/bins/9j2wv67rQ1cC4cluaQNEjYtXDY6I0LJ9uk;
http://87.120.126.196/bins/qJgPyUEoRB5JEOeVTrA5UMHWySH2Ba31lX;/bin/busybox
http://87.120.126.196/bins/f9aeCeTtw365to8SquTIrUgrCyysFr79aj;
http://87.120.126.196/bins/9j2wv67rQ1cC4cluaQNEjYtXDY6I0LJ9uk;/bin/busybox
http://87.120.126.196/bins/NwjCWnVGO624lMhHpzt0SgZ09k6Jx7YmVF;/bin/busybox
http://87.120.126.196/bins/f9aeCeTtw365to8SquTIrUgrCyysFr79aj;/bin/busybox
http://87.120.126.196/bins/CLVJOwlTFaWrkXsAa4IRv2mWLrjKCvZBxH;
http://87.120.126.196/bins/IGibxY4zOYwprLLhJNKrry2UiiJ2yAOrYX;
http://87.120.126.196/bins/iZjBEp0O8lgVrkFduCbBaW3lnl1qiVjFSA;
http://87.120.126.196/bins/RavulrRjVV4A6kwn4BPEB7ipKRk6cBZSow;/bin/busybox
http://87.120.126.196/bins/QVxiV2PcuzKm9mDrJwEjYHrvF6kSDPYS7L;/bin/busybox
http://87.120.126.196/bins/4BdfuLg907FGFgziFPeazPcwIhFLVjuRoN;
http://87.120.126.196/bins/qJgPyUEoRB5JEOeVTrA5UMHWySH2Ba31lX;
http://87.120.126.196/bins/4BdfuLg907FGFgziFPeazPcwIhFLVjuRoN;/bin/busybox
http://87.120.126.196/bins/bc2zcAkVZAQXwDHsI4IioAxNiIOz3MW7XQ;/bin/busybox