jade.arm7

First submission 2024-07-09 19:11:02
Last submission 2024-07-10 21:34:08

File details

File type: ELF 32-bit LSB executable, ARM, EABI4 version 1 (SYSV), statically linked, with debug_info, not stripped
Mime type: application/x-executable
File size: 150.18 KB (153787 bytes)
MD5: b30161f87b3bb87cbf6a5023a0a7da24
SHA1: e364055690761b6de304e18087c50eab4ce646cf
SHA256: 55d6693863ae960e2249c4bf71414d750966a97cbdcd684cdc8ce6f70ad8b46a

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

OSINT Enrichments

Virus Total: 40/78 VT report date: 2024-07-09 19:05:03
Malware Type 1 trojan
Threat Type 3 mirai gafgyt bootnet

URLs, FQDN and IP indicators 2

URL | Host (FQDN/IP) | Date Added
hXXp://dhcp-211-248-59-5.metro86.ru/bins/jade.arm7 | dhcp-211-248-59-5.metro86.ru | 2024-07-10 21:34:09
hXXp://5.59.248.211/bins/jade.arm7 | 5.59.248.211 | 2024-07-09 19:11:02

Strings analysis - Possible IPs found 3

192.168.0.14
5.59.248.211
193.239.147.201

Strings analysis - Possible URLs found 4

http://schemas.xmlsoap.org/soap/encoding/
http://schemas.xmlsoap.org/soap/envelope/
http://193.239.147.201/bins/x86
http://193.239.147.201/zyxel.sh;