i
First submission 2024-10-13 18:03:32
File details
| File type: | ELF 32-bit LSB executable, ARM, EABI4 version 1 (SYSV), statically linked, missing section headers |
| Mime type: | application/x-executable |
| File size: | 271.41 KB (277920 bytes) |
| MD5: | 95d31aa8281711cf9ef2c9ba971367a8 |
| SHA1: | d1afc2e254cea8cb51bca576471bedbc10eebd4c |
| SHA256: | d791cfbd8f63f6e4a49bae59cb3336e8a3f1a44eb3876c978c5cbcaef7b5c2a8 |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
OSINT Enrichments
| Virus Total: | 45/79 VT report date: 2021-02-10 08:51:25 |
| Malware Type 1 | trojan |
| Threat Type 3 | mirai genericrxmr mozi |
URLs, FQDN and IP indicators 1
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXp://14.153.215.26:60552/i  |
14.153.215.26 |
2024-10-13 18:03:32 |
Strings analysis - Possible IPs found 9
| 130.239.18.159 |
| 82.221.103.244 |
| 87.98.162.88 |
| 212.129.33.59 |
| 8.8.8.8 |
| 114.114.114.114 |
| 239.255.255.250 |
| 255.255.255.255 |
| 127.0.0.1 |
Strings analysis - Possible URLs found 16
| http://%s:%d/bin.sh;chmod |
| http:// |
| http://%s:%d |
| http://baidu.com/%s/%s/%d/%s/%s/%s/%s) |
| http://schemas.xmlsoap.org/soap/envelope/ |
| http://127.0.0.1 |
| http://%s:%d/i;chmod |
| http://schemas.xmlsoap.org/soap/envelope// |
| http://%s:%d/Mozi.m; |
| https:// |
| http://ipinfo.io/ip |
| http://%s:%d/i |
| http://schemas.xmlsoap.org/soap/encoding/ |
| http://%s:%d/bin.sh |
| http://%s:%d/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 |
| http://%s:%d/Mozi.m+-O+- |