12.sh

First submission 2024-09-01 17:40:02

File details

File type: Bourne-Again shell script, UTF-8 Unicode text executable
Mime type: text/x-shellscript
File size: 0.66 KB (674 bytes)
MD5: 8ed13ece8231e01d1246423aefc9fbf7
SHA1: 96bed05680c7b156560dbc1ab38f113359f93ff7
SHA256: 094b5b13a2ec15854335b4a8241a8fcd57f9f326100c494da5d39f9bfbc02b6f

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

OSINT Enrichments

Virus Total: 10/78 VT report date: 2024-09-01 18:29:11
Malware Type 2 downloader trojan
Threat Type 1 shell

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://45.156.25.175/12.sh VirusTotal Report 45.156.25.175 VirusTotal Report 2024-09-01 17:40:02

Strings analysis - Possible IPs found 1

45.156.25.175

Strings analysis - Possible URLs found 4

http://45.156.25.175/nan;cat
http://45.156.25.175/nan;
http://45.156.25.175/che;
http://45.156.25.175/che;cat