DigitalSide Threat Intel

i

First submission 2022-10-04 18:25:03

File details

File type: ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, no section header
File type: 300.74 KB (307960 bytes)
MD5: bae7a20ea3cc38547865704193ff0bd8
SHA1: 05c1a3a5d5c5f89e47f9a2a562e7461f0b77a508
SHA256: 884ecfad6ba07a031868105274eab67ff17390a598b61f43154a8d2138697374
Virus Total:

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 132

URL Host (FQDN/IP) Date Added
hXXp://178.72.91.172:54804/i VirusTotal Report 178.72.91.172 VirusTotal Report 2023-02-02 13:24:08
hXXp://178.72.91.172:54804/bin.sh VirusTotal Report 178.72.91.172 VirusTotal Report 2023-02-02 12:36:05
hXXp://117.194.172.59:47388/Mozi.m VirusTotal Report 117.194.172.59 VirusTotal Report 2023-01-22 05:54:11
hXXp://61.52.133.246:42782/Mozi.m VirusTotal Report 61.52.133.246 VirusTotal Report 2023-01-10 19:33:06
hXXp://42.235.36.148:53890/Mozi.m VirusTotal Report 42.235.36.148 VirusTotal Report 2023-01-10 12:03:05
hXXp://222.137.165.130:42804/Mozi.m VirusTotal Report 222.137.165.130 VirusTotal Report 2023-01-10 10:30:06
hXXp://115.61.104.69:49613/bin.sh VirusTotal Report 115.61.104.69 VirusTotal Report 2023-01-08 06:06:06
hXXp://219.155.193.29:44630/Mozi.m VirusTotal Report 219.155.193.29 VirusTotal Report 2023-01-06 23:44:05
hXXp://115.63.24.31:44630/i VirusTotal Report 115.63.24.31 VirusTotal Report 2023-01-04 22:48:05
hXXp://115.63.24.31:44630/mozi.m VirusTotal Report 115.63.24.31 VirusTotal Report 2023-01-04 17:06:06
hXXp://222.138.176.189:50402/mozi.m VirusTotal Report 222.138.176.189 VirusTotal Report 2023-01-04 00:15:05
hXXp://222.137.80.195:38918/mozi.m VirusTotal Report 222.137.80.195 VirusTotal Report 2023-01-03 20:34:06
hXXp://125.41.245.8:35706/Mozi.m VirusTotal Report 125.41.245.8 VirusTotal Report 2022-12-30 04:53:05
hXXp://59.94.194.128:44255/Mozi.m VirusTotal Report 59.94.194.128 VirusTotal Report 2022-12-30 02:07:09
hXXp://115.55.232.103:34968/Mozi.m VirusTotal Report 115.55.232.103 VirusTotal Report 2022-12-30 01:42:05
hXXp://59.94.202.166:52296/Mozi.m VirusTotal Report 59.94.202.166 VirusTotal Report 2022-12-29 21:30:06
hXXp://115.62.189.121:56857/Mozi.m VirusTotal Report 115.62.189.121 VirusTotal Report 2022-12-29 11:19:05
hXXp://178.72.91.172:53477/i VirusTotal Report 178.72.91.172 VirusTotal Report 2022-12-28 16:50:04
hXXp://222.140.157.183:44630/Mozi.m VirusTotal Report 222.140.157.183 VirusTotal Report 2022-12-28 14:48:05
hXXp://115.56.190.107:48656/Mozi.m VirusTotal Report 115.56.190.107 VirusTotal Report 2022-12-28 13:03:06
hXXp://115.56.190.107:48656/i VirusTotal Report 115.56.190.107 VirusTotal Report 2022-12-28 00:21:06
hXXp://115.56.190.107:48656/bin.sh VirusTotal Report 115.56.190.107 VirusTotal Report 2022-12-28 00:17:22
hXXp://125.41.241.47:35706/Mozi.m VirusTotal Report 125.41.241.47 VirusTotal Report 2022-12-27 20:49:05
hXXp://42.227.49.192:58663/Mozi.m VirusTotal Report 42.227.49.192 VirusTotal Report 2022-12-27 04:23:05
hXXp://115.63.180.174:50375/Mozi.m VirusTotal Report 115.63.180.174 VirusTotal Report 2022-12-26 12:19:05
hXXp://125.41.241.228:35706/bin.sh VirusTotal Report 125.41.241.228 VirusTotal Report 2022-12-26 01:55:06
hXXp://182.124.14.199:56857/mozi.m VirusTotal Report 182.124.14.199 VirusTotal Report 2022-12-25 04:41:06
hXXp://123.12.170.35:58663/Mozi.m VirusTotal Report 123.12.170.35 VirusTotal Report 2022-12-24 06:19:06
hXXp://222.140.158.27:44630/Mozi.m VirusTotal Report 222.140.158.27 VirusTotal Report 2022-12-22 09:18:05
hXXp://117.216.26.171:43923/i VirusTotal Report 117.216.26.171 VirusTotal Report 2022-12-21 18:28:06
hXXp://103.108.12.158:34308/Mozi.m VirusTotal Report 103.108.12.158 VirusTotal Report 2022-12-21 15:07:05
hXXp://42.230.211.161:60127/Mozi.m VirusTotal Report 42.230.211.161 VirusTotal Report 2022-12-21 07:27:06
hXXp://182.117.179.46:56857/bin.sh VirusTotal Report 182.117.179.46 VirusTotal Report 2022-12-21 02:50:07
hXXp://117.201.193.196:57851/Mozi.m VirusTotal Report 117.201.193.196 VirusTotal Report 2022-12-21 01:09:07
hXXp://59.92.170.156:51039/bin.sh VirusTotal Report 59.92.170.156 VirusTotal Report 2022-12-19 22:18:08
hXXp://115.63.27.123:58390/i VirusTotal Report 115.63.27.123 VirusTotal Report 2022-12-19 16:37:07
hXXp://42.230.107.85:39258/i VirusTotal Report 42.230.107.85 VirusTotal Report 2022-12-19 15:20:10
hXXp://115.63.27.123:58390/bin.sh VirusTotal Report 115.63.27.123 VirusTotal Report 2022-12-19 15:08:07
hXXp://42.230.107.85:39258/bin.sh VirusTotal Report 42.230.107.85 VirusTotal Report 2022-12-19 13:24:08
hXXp://115.61.242.248:58663/Mozi.m VirusTotal Report 115.61.242.248 VirusTotal Report 2022-12-19 11:11:08
hXXp://125.43.75.91:50375/Mozi.m VirusTotal Report 125.43.75.91 VirusTotal Report 2022-12-18 21:13:06
hXXp://123.4.247.135:60127/i VirusTotal Report 123.4.247.135 VirusTotal Report 2022-12-18 11:55:05
hXXp://123.4.247.135:60127/bin.sh VirusTotal Report 123.4.247.135 VirusTotal Report 2022-12-18 11:16:05
hXXp://115.54.222.205:39258/i VirusTotal Report 115.54.222.205 VirusTotal Report 2022-12-17 17:23:05
hXXp://27.215.125.208:58509/i VirusTotal Report 27.215.125.208 VirusTotal Report 2022-12-09 22:58:05
hXXp://27.215.125.208:58509/bin.sh VirusTotal Report 27.215.125.208 VirusTotal Report 2022-12-09 22:06:05
hXXp://123.10.135.89:55146/i VirusTotal Report 123.10.135.89 VirusTotal Report 2022-12-09 21:16:06
hXXp://222.139.43.17:56857/Mozi.m VirusTotal Report 222.139.43.17 VirusTotal Report 2022-12-09 11:02:06
hXXp://27.215.214.142:51713/i VirusTotal Report 27.215.214.142 VirusTotal Report 2022-12-09 08:48:06
hXXp://27.215.214.142:51713/bin.sh VirusTotal Report 27.215.214.142 VirusTotal Report 2022-12-09 07:48:07
hXXp://115.50.88.101:45362/i VirusTotal Report 115.50.88.101 VirusTotal Report 2022-12-09 03:24:05
hXXp://123.10.129.208:55146/Mozi.m VirusTotal Report 123.10.129.208 VirusTotal Report 2022-12-08 05:07:08
hXXp://27.215.125.208:58509/Mozi.m VirusTotal Report 27.215.125.208 VirusTotal Report 2022-12-07 21:58:07
hXXp://27.215.214.142:51713/Mozi.m VirusTotal Report 27.215.214.142 VirusTotal Report 2022-12-07 19:30:05
hXXp://182.112.156.3:58663/Mozi.m VirusTotal Report 182.112.156.3 VirusTotal Report 2022-12-07 18:02:08
hXXp://115.55.186.6:57169/Mozi.m VirusTotal Report 115.55.186.6 VirusTotal Report 2022-12-07 12:00:06
hXXp://61.54.237.167:54260/Mozi.m VirusTotal Report 61.54.237.167 VirusTotal Report 2022-12-07 04:36:05
hXXp://60.215.52.95:51604/Mozi.m VirusTotal Report 60.215.52.95 VirusTotal Report 2022-12-06 20:28:05
hXXp://115.56.179.8:48656/Mozi.m VirusTotal Report 115.56.179.8 VirusTotal Report 2022-12-06 15:24:04
hXXp://59.94.201.63:55729/Mozi.m VirusTotal Report 59.94.201.63 VirusTotal Report 2022-12-06 05:41:05
hXXp://115.56.217.130:39258/Mozi.m VirusTotal Report 115.56.217.130 VirusTotal Report 2022-12-05 21:09:08
hXXp://39.66.178.112:40383/i VirusTotal Report 39.66.178.112 VirusTotal Report 2022-12-05 16:01:05
hXXp://221.3.80.243:59646/Mozi.m VirusTotal Report 221.3.80.243 VirusTotal Report 2022-12-05 14:13:07
hXXp://222.134.174.15:34594/Mozi.m VirusTotal Report 222.134.174.15 VirusTotal Report 2022-12-04 18:26:05
hXXp://117.215.240.226:51922/bin.sh VirusTotal Report 117.215.240.226 VirusTotal Report 2022-12-04 18:09:05
hXXp://178.72.91.172:39124/bin.sh VirusTotal Report 178.72.91.172 VirusTotal Report 2022-12-04 14:21:04
hXXp://61.3.178.186:56938/Mozi.m VirusTotal Report 61.3.178.186 VirusTotal Report 2022-12-03 17:06:15
hXXp://115.56.217.205:39258/Mozi.m VirusTotal Report 115.56.217.205 VirusTotal Report 2022-12-03 05:49:06
hXXp://196.188.76.101:48316/Mozi.m VirusTotal Report 196.188.76.101 VirusTotal Report 2022-12-02 22:10:04
hXXp://123.5.149.230:45362/Mozi.m VirusTotal Report 123.5.149.230 VirusTotal Report 2022-12-02 09:46:05
hXXp://182.123.181.229:37136/bin.sh VirusTotal Report 182.123.181.229 VirusTotal Report 2022-12-01 19:03:05
hXXp://182.123.181.229:37136/i VirusTotal Report 182.123.181.229 VirusTotal Report 2022-12-01 18:23:04
hXXp://42.230.105.44:39258/Mozi.m VirusTotal Report 42.230.105.44 VirusTotal Report 2022-12-01 13:51:05
hXXp://42.234.156.149:54260/i VirusTotal Report 42.234.156.149 VirusTotal Report 2022-12-01 12:57:05
hXXp://123.10.134.146:55146/Mozi.m VirusTotal Report 123.10.134.146 VirusTotal Report 2022-12-01 10:46:05
hXXp://42.234.156.149:54260/Mozi.m VirusTotal Report 42.234.156.149 VirusTotal Report 2022-12-01 01:00:34
hXXp://39.66.178.112:40383/Mozi.m VirusTotal Report 39.66.178.112 VirusTotal Report 2022-11-28 23:30:04
hXXp://27.215.80.10:58509/i VirusTotal Report 27.215.80.10 VirusTotal Report 2022-11-28 18:39:05
hXXp://61.53.85.14:55420/Mozi.m VirusTotal Report 61.53.85.14 VirusTotal Report 2022-11-28 15:28:05
hXXp://182.114.32.119:56170/Mozi.m VirusTotal Report 182.114.32.119 VirusTotal Report 2022-11-28 08:11:07
hXXp://117.208.236.107:44261/Mozi.m VirusTotal Report 117.208.236.107 VirusTotal Report 2022-11-27 18:16:05
hXXp://42.224.0.205:45362/Mozi.m VirusTotal Report 42.224.0.205 VirusTotal Report 2022-11-27 07:52:05
hXXp://42.230.108.37:39258/Mozi.m VirusTotal Report 42.230.108.37 VirusTotal Report 2022-11-27 04:09:07
hXXp://27.215.80.10:58509/Mozi.m VirusTotal Report 27.215.80.10 VirusTotal Report 2022-11-26 19:52:05
hXXp://42.234.163.248:51840/i VirusTotal Report 42.234.163.248 VirusTotal Report 2022-11-26 08:45:06
hXXp://42.234.163.248:51840/bin.sh VirusTotal Report 42.234.163.248 VirusTotal Report 2022-11-26 08:22:05
hXXp://178.72.91.172:33672/i VirusTotal Report 178.72.91.172 VirusTotal Report 2022-11-25 09:42:06
hXXp://115.54.175.250:54260/Mozi.m VirusTotal Report 115.54.175.250 VirusTotal Report 2022-11-24 21:14:08
hXXp://59.92.175.42:46290/i VirusTotal Report 59.92.175.42 VirusTotal Report 2022-11-24 09:11:05
hXXp://182.124.239.140:51840/i VirusTotal Report 182.124.239.140 VirusTotal Report 2022-11-23 10:31:05
hXXp://182.124.239.140:51840/bin.sh VirusTotal Report 182.124.239.140 VirusTotal Report 2022-11-23 09:55:05
hXXp://115.54.187.87:54260/Mozi.m VirusTotal Report 115.54.187.87 VirusTotal Report 2022-11-22 07:54:05
hXXp://196.70.80.63:33594/Mozi.m VirusTotal Report 196.70.80.63 VirusTotal Report 2022-11-22 04:36:18
hXXp://123.10.132.94:55146/bin.sh VirusTotal Report 123.10.132.94 VirusTotal Report 2022-11-21 06:21:05
hXXp://123.10.132.94:55146/Mozi.m VirusTotal Report 123.10.132.94 VirusTotal Report 2022-11-21 03:13:05
hXXp://117.208.233.20:46290/Mozi.m VirusTotal Report 117.208.233.20 VirusTotal Report 2022-11-20 15:23:05
hXXp://39.40.209.146:54658/bin.sh VirusTotal Report 39.40.209.146 VirusTotal Report 2022-11-16 18:30:50
hXXp://117.252.168.114:49203/Mozi.m VirusTotal Report 117.252.168.114 VirusTotal Report 2022-11-15 21:35:47
hXXp://123.10.134.161:55146/Mozi.m VirusTotal Report 123.10.134.161 VirusTotal Report 2022-11-15 19:12:01
hXXp://117.248.62.180:54800/Mozi.m VirusTotal Report 117.248.62.180 VirusTotal Report 2022-11-15 07:05:50
hXXp://117.222.165.121:52450/Mozi.m VirusTotal Report 117.222.165.121 VirusTotal Report 2022-11-13 15:53:51
hXXp://123.10.135.74:55146/Mozi.m VirusTotal Report 123.10.135.74 VirusTotal Report 2022-11-12 18:04:40
hXXp://117.194.147.125:36697/Mozi.m VirusTotal Report 117.194.147.125 VirusTotal Report 2022-11-12 05:19:45
hXXp://178.72.91.172:45260/i VirusTotal Report 178.72.91.172 VirusTotal Report 2022-11-11 07:04:45
hXXp://178.72.91.172:45260/bin.sh VirusTotal Report 178.72.91.172 VirusTotal Report 2022-11-11 06:24:27
hXXp://117.222.175.0:52450/Mozi.m VirusTotal Report 117.222.175.0 VirusTotal Report 2022-11-11 05:46:45
hXXp://117.212.164.70:35914/Mozi.m VirusTotal Report 117.212.164.70 VirusTotal Report 2022-11-08 14:53:37
hXXp://123.10.128.97:55146/bin.sh VirusTotal Report 123.10.128.97 VirusTotal Report 2022-11-07 22:51:36
hXXp://123.10.128.97:55146/i VirusTotal Report 123.10.128.97 VirusTotal Report 2022-11-07 18:29:47
hXXp://123.10.128.97:55146/Mozi.m VirusTotal Report 123.10.128.97 VirusTotal Report 2022-11-06 04:59:36
hXXp://117.221.180.169:52450/Mozi.m VirusTotal Report 117.221.180.169 VirusTotal Report 2022-11-04 17:18:38
hXXp://27.194.158.46:38874/i VirusTotal Report 27.194.158.46 VirusTotal Report 2022-10-13 12:31:08
hXXp://27.194.158.46:38874/bin.sh VirusTotal Report 27.194.158.46 VirusTotal Report 2022-10-13 12:15:11
hXXp://123.10.128.190:55146/Mozi.m VirusTotal Report 123.10.128.190 VirusTotal Report 2022-11-01 19:43:18
hXXp://27.6.254.106:45679/i VirusTotal Report 27.6.254.106 VirusTotal Report 2022-10-28 18:30:35
hXXp://125.99.2.40:45679/i VirusTotal Report 125.99.2.40 VirusTotal Report 2022-10-27 14:18:28
hXXp://115.97.140.98:45679/i VirusTotal Report 115.97.140.98 VirusTotal Report 2022-10-27 09:17:22
hXXp://219.157.172.203:45195/i VirusTotal Report 219.157.172.203 VirusTotal Report 2022-10-27 08:56:31
hXXp://59.93.23.116:46473/i VirusTotal Report 59.93.23.116 VirusTotal Report 2022-10-08 15:12:05
hXXp://117.252.172.41:46473/bin.sh VirusTotal Report 117.252.172.41 VirusTotal Report 2022-10-08 07:51:06
hXXp://219.155.71.47:46654/i VirusTotal Report 219.155.71.47 VirusTotal Report 2022-10-26 09:38:27
hXXp://219.155.21.227:44388/Mozi.m VirusTotal Report 219.155.21.227 VirusTotal Report 2022-10-25 21:16:16
hXXp://116.74.20.134:45679/i VirusTotal Report 116.74.20.134 VirusTotal Report 2022-10-25 16:01:20
hXXp://201.200.197.62:34964/Mozi.m VirusTotal Report 201.200.197.62 VirusTotal Report 2022-10-25 10:53:33
hXXp://117.201.205.19:47744/Mozi.m VirusTotal Report 117.201.205.19 VirusTotal Report 2022-10-25 03:12:14
hXXp://116.74.9.16:45679/i VirusTotal Report 116.74.9.16 VirusTotal Report 2022-10-25 01:00:13
hXXp://59.92.44.141:39018/Mozi.m VirusTotal Report 59.92.44.141 VirusTotal Report 2022-10-25 00:55:14
hXXp://117.194.159.73:36122/Mozi.m VirusTotal Report 117.194.159.73 VirusTotal Report 2022-10-25 00:32:18
hXXp://123.10.134.42:55146/i VirusTotal Report 123.10.134.42 VirusTotal Report 2022-10-24 23:36:16
hXXp://123.10.134.42:55146/bin.sh VirusTotal Report 123.10.134.42 VirusTotal Report 2022-10-24 23:34:22
hXXp://112.249.181.88:45034/mozi.m VirusTotal Report 112.249.181.88 VirusTotal Report 2022-10-04 18:25:03
hXXp://27.6.252.218:45679/i VirusTotal Report 27.6.252.218 VirusTotal Report 2022-10-20 17:07:08

Strings analysis - File found

XML
M7c.xml

Strings analysis - Possible IPs found 2

192.168.1.1
192.168.3.1

Strings analysis - Possible URLs found 1

http://upx.sf.net