8UsA.sh

First submission 2022-07-30 12:24:01

File details

File type: Bourne-Again shell script, ASCII text executable
File type: 1.97 KB (2020 bytes)
MD5: b45e34836a68351d6bf9ac3b86c38c0d
SHA1: d33b30024b6da3bb309e655d04c62f941f13417e
SHA256: e740cba3d9d1d4021d3843a1b757633aa8723f9745f6b2c43ea11f159ce7aa2a
Virus Total: 35/60 VT report date: 2022-07-29 21:30:02

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://208.67.106.145/8UsA.sh VirusTotal Report 208.67.106.145 VirusTotal Report 2022-07-30 12:24:01

Strings analysis - Possible IPs found 1

208.67.106.145

Strings analysis - Possible URLs found 20

http://208.67.106.145/bns/qlcxvisgod.x86;
http://208.67.106.145/bns/qlcxvisgod.sh4;
http://208.67.106.145/bns/qlcxvisgod.m68k;cat
http://208.67.106.145/bns/qlcxvisgod.arm7;cat
http://208.67.106.145/bns/qlcxvisgod.arm6;cat
http://208.67.106.145/bns/qlcxvisgod.x86;cat
http://208.67.106.145/bns/qlcxvisgod.arm7;
http://208.67.106.145/bns/qlcxvisgod.arm6;
http://208.67.106.145/bns/qlcxvisgod.arm4;cat
http://208.67.106.145/bns/qlcxvisgod.mips;
http://208.67.106.145/bns/qlcxvisgod.ppc;
http://208.67.106.145/bns/qlcxvisgod.arm5;
http://208.67.106.145/bns/qlcxvisgod.mips;cat
http://208.67.106.145/bns/qlcxvisgod.ppc;cat
http://208.67.106.145/bns/qlcxvisgod.arm4;
http://208.67.106.145/bns/qlcxvisgod.sh4;cat
http://208.67.106.145/bns/qlcxvisgod.arm5;cat
http://208.67.106.145/bns/qlcxvisgod.m68k;
http://208.67.106.145/bns/qlcxvisgod.mpsl;
http://208.67.106.145/bns/qlcxvisgod.mpsl;cat