ur0a.sh

First submission 2024-02-11 06:23:01

File details

File type: POSIX shell script, ASCII text executable, with very long lines
Mime type: text/x-shellscript
File size: 3.27 KB (3352 bytes)
MD5: ac4f89a78a103102a9f65b9588d3db0a
SHA1: e6ba6d9fb1e1298f437bb3baabac2b5e4fc34160
SHA256: 83a856095a1f8ab1baa7e155912cec9c69d9774a0901ea98796d1d982d03e4a9
Virus Total:

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://37.49.228.204/Simps/ur0a.sh VirusTotal Report 37.49.228.204 VirusTotal Report 2024-02-11 06:23:01

Strings analysis - Possible IPs found 1

37.49.228.204

Strings analysis - Possible URLs found 14

http://37.49.228.204/Simps/armv7l;chmod
http://37.49.228.204/Simps/sh4;chmod
http://37.49.228.204/Simps/mipsel;chmod
http://37.49.228.204/Simps/armv6l;chmod
http://37.49.228.204/Simps/armv5l;chmod
http://37.49.228.204/Simps/i686;chmod
http://37.49.228.204/Simps/i586;chmod
http://37.49.228.204/Simps/sparc;chmod
http://37.49.228.204/Simps/powerpc;chmod
http://37.49.228.204/Simps/powerpc-440fp;chmod
http://37.49.228.204/Simps/x86_64;chmod
http://37.49.228.204/Simps/armv4l;chmod
http://37.49.228.204/Simps/m68k;chmod
http://37.49.228.204/Simps/mips;chmod