arc
First submission 2024-10-12 22:57:01
File details
| File type: | ELF 32-bit LSB executable, ARC Cores Tangent-A5, version 1 (SYSV), dynamically linked, interpreter /lib/ld-uClibc.so.0, for GNU/Linux 4.8.0, stripped |
| Mime type: | application/x-executable |
| File size: | 81.46 KB (83420 bytes) |
| MD5: | 9ac0b6320862d73d01ab7084dbf0cdf4 |
| SHA1: | b9d5f741506f4ad9ab9da1de49a4f317478e19d4 |
| SHA256: | 7251c3e03bc11c51d3b940577bd15c7ae9f3901bd404ad8600390b08d163e3f6 |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
OSINT Enrichments
| Virus Total: | 37/76 VT report date: 2024-10-12 22:42:45 |
| Malware Type 1 | trojan |
| Threat Type 3 | mirai gafgyt ddos |
URLs, FQDN and IP indicators 1
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXp://185.196.10.215/bins/arc  |
185.196.10.215 |
2024-10-12 22:57:01 |
Strings analysis - Possible IPs found 4
| 255.255.255.255 |
| 192.168.0.100 |
| 127.0.0.1 |
| 185.196.10.215 |
Strings analysis - Possible URLs found 9
| http://185.196.10.215/bins/mips; |
| http://185.196.10.215/bins/dlr.x86 |
| http://185.196.10.215/bins/mips |
| http://schemas.xmlsoap.org/soap/envelope/ |
| http://www.w3.org/2001/XMLSchema |
| http://www.w3.org/2001/XMLSchema-instance |
| http://schemas.xmlsoap.org/soap/encoding/ |
| http://purenetworks.com/HNAP1/ |
| http://185.196.10.215/atp%20-O%20-%3E%20/tmp/kh;sh%20/tmp/kh%27$ |