bot.riscv64
First submission 2024-10-13 22:09:03
Last sumbission 2024-10-13 23:00:03
File details
| File type: | ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), for GNU/Linux 3.2.0, BuildID[sha1]=a5bdb209387e06cba305d4d5db76c52b7cb6ea26, dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, no section header |
| Mime type: | application/x-pie-executable |
| File size: | 7245.69 KB (7419587 bytes) |
| MD5: | bdd59b6239a4d3d17f1ff56f25ed4417 |
| SHA1: | 745472dbaace1e9637b0f92dd1e8cecfb5a885a2 |
| SHA256: | 262d14588d9c2eb5ea9e107143aa3eceb6d07c2a5bc5ca77b14657db125fc693 |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
URLs, FQDN and IP indicators 2
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXp://billing.rpnodes.host/bot.riscv64  |
billing.rpnodes.host |
2024-10-13 23:00:06 |
| hXXp://100.42.189.107/bot.riscv64 |
100.42.189.107 |
2024-10-13 22:09:03 |
Strings analysis - File found
| Log |
| math.Log |
Strings analysis - Possible IPs found 13
| 1.2.2.1 |
| 1.1.2.1 |
| 2.5.4.102 |
| 72.5.4.82 |
| 87.120.84.114 |
| 1.1.3.1 |
| 5.4.32.5 |
| 1.2.1.1 |
| 127.0.0.1 |
| 2.5.4.62 |
| 5.4.112.5 |
| 4.52.5.4 |
| 1.1.1.1 |
Strings analysis - Possible URLs found 2
| http://api.ipify.orgjson: |
| http://OPTIONSCreatedIM |