zyxel
First submission 2024-10-17 12:59:02
File details
| File type: | Bourne-Again shell script, ASCII text executable, with very long lines |
| Mime type: | text/x-shellscript |
| File size: | 4.69 KB (4802 bytes) |
| MD5: | a8d146efd93e92e80d28cbfb06d788b1 |
| SHA1: | d98a629d8028de12d68a513892ca32d3d84a9ae3 |
| SHA256: | abab0713669f4a0d4be22828b3492f08c5498096636f3b671834cc7ce6ca9128 |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
OSINT Enrichments
| Virus Total: | 36/77 VT report date: 2024-10-17 02:05:42 |
| Malware Type 2 | downloader trojan |
| Threat Type 3 | medusa shell mirai |
URLs, FQDN and IP indicators 1
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXp://87.236.95.134/zyxel  |
87.236.95.134 |
2024-10-17 12:59:02 |
Strings analysis - Possible IPs found 1
| 87.236.95.134 |
Strings analysis - Possible URLs found 14
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.i686; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.x86; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arm6; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.spc; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.m68k; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arm7; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.ppc; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arm; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.sh4; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arm5; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mpsl; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.x86_64; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arc; |