i
First submission 2024-08-26 07:22:11
Last sumbission 2024-09-05 12:46:05
File details
File type: | ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, no section header |
Mime type: | application/x-executable |
File size: | 284.48 KB (291312 bytes) |
MD5: | 8fabd065e7343d393a21f7bafba3cece |
SHA1: | a50698641c39cbfc0fd79acab70168f9ff3e9906 |
SHA256: | b64a2606b85c9d3127d5b5f4592137eefd1604f8aa4fa5c662ba7131f59ce5d0 |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
OSINT Enrichments
Virus Total: | 42/79 VT report date: 2024-08-18 18:51:16 |
Malware Type 1 | trojan |
Threat Type 3 | mirai mozi cryp |
URLs, FQDN and IP indicators 11
Strings analysis - File found
XML |
M7c.xml |
Strings analysis - Possible IPs found 10
130.239.18.159 |
82.221.103.244 |
87.98.162.88 |
239.255.255.250 |
255.255.255.255 |
212.129.33.59 |
192.168.0.100 |
8.8.8.8 |
127.0.0.1 |
114.114.114.114 |
Strings analysis - Possible URLs found 24
http://%s:%d/i |
http://baidu.com/%s/%s/%d/%s/%s/%s/%s) |
http://ipinfo.io/ip |
http://www.w3.org/2001/XMLSchema-instance |
http://purenetworks.com/HNAP1/ |
http://%s:%d/Mozi.m+-O+- |
http:// |
http://schemas.xmlsoap.org/soap/envelope/ |
http://%s:%d/bin.sh |
http://%s:%d/bin.sh;chmod |
http://%s:%d/Mozi.m |
http://127.0.0.1 |
http://%s:%d/i;chmod |
http://schemas.xmlsoap.org/soap/envelope// |
http://%s:%d/Mozi.m; |
http://%s:%d/Mozi.m;/tmp/Mozi.m |
http://schemas.xmlsoap.org/soap/encoding/ |
http://%s:%d |
http://%s:%d/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 |
http://%s:%d/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws |
http://%s:%d/Mozi.a;sh$ |
https:// |
http://www.w3.org/2001/XMLSchema |
http://upx.sf.net |