8UsA.sh
First submission 2022-07-30 12:24:01
File details
| File type: | Bourne-Again shell script, ASCII text executable |
| File type: | 1.97 KB (2020 bytes) |
| MD5: | b45e34836a68351d6bf9ac3b86c38c0d |
| SHA1: | d33b30024b6da3bb309e655d04c62f941f13417e |
| SHA256: | e740cba3d9d1d4021d3843a1b757633aa8723f9745f6b2c43ea11f159ce7aa2a |
| Virus Total: | 35/60 VT report date: 2022-07-29 21:30:02 |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
URLs, FQDN and IP indicators 1
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXp://208.67.106.145/8UsA.sh  |
208.67.106.145 |
2022-07-30 12:24:01 |
Strings analysis - Possible IPs found 1
| 208.67.106.145 |
Strings analysis - Possible URLs found 20
| http://208.67.106.145/bns/qlcxvisgod.x86; |
| http://208.67.106.145/bns/qlcxvisgod.sh4; |
| http://208.67.106.145/bns/qlcxvisgod.m68k;cat |
| http://208.67.106.145/bns/qlcxvisgod.arm7;cat |
| http://208.67.106.145/bns/qlcxvisgod.arm6;cat |
| http://208.67.106.145/bns/qlcxvisgod.x86;cat |
| http://208.67.106.145/bns/qlcxvisgod.arm7; |
| http://208.67.106.145/bns/qlcxvisgod.arm6; |
| http://208.67.106.145/bns/qlcxvisgod.arm4;cat |
| http://208.67.106.145/bns/qlcxvisgod.mips; |
| http://208.67.106.145/bns/qlcxvisgod.ppc; |
| http://208.67.106.145/bns/qlcxvisgod.arm5; |
| http://208.67.106.145/bns/qlcxvisgod.mips;cat |
| http://208.67.106.145/bns/qlcxvisgod.ppc;cat |
| http://208.67.106.145/bns/qlcxvisgod.arm4; |
| http://208.67.106.145/bns/qlcxvisgod.sh4;cat |
| http://208.67.106.145/bns/qlcxvisgod.arm5;cat |
| http://208.67.106.145/bns/qlcxvisgod.m68k; |
| http://208.67.106.145/bns/qlcxvisgod.mpsl; |
| http://208.67.106.145/bns/qlcxvisgod.mpsl;cat |