haha.arm5

First submission 2022-07-22 11:23:02

File details

File type: ELF 32-bit LSB executable, ARM, version 1 (ARM), dynamically linked, interpreter /lib/ld-uClibc.so.0, stripped
File type: 30.66 KB (31396 bytes)
MD5: aaf90df5341a95783e2207d6404620e6
SHA1: 283d3261b9f2b20a6746cf6e6843d2eb400290a5
SHA256: 8e892eef9359f9112f6b6157822161bdb01cd3fe40e61582b8992a9c6ee5f37b
Virus Total: 38/62 VT report date: 2022-08-04 12:39:07

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 3

URL Host (FQDN/IP) Date Added
hXXp://209.141.50.31/skullnet//home.arm5 VirusTotal Report 209.141.50.31 VirusTotal Report 2022-07-22 11:23:02
hXXp://209.141.50.31/skullnet/home.arm5 VirusTotal Report 209.141.50.31 VirusTotal Report 2022-08-05 04:41:06
hXXp://209.141.50.31/skullnet/haha.arm5 VirusTotal Report 209.141.50.31 VirusTotal Report 2022-08-05 07:41:05

Strings analysis - Possible IPs found 2

255.255.255.255
127.0.0.1