xi.sh4
First submission 2024-10-14 17:19:03
File details
| File type: | ELF 32-bit LSB executable, Renesas SH, version 1 (SYSV), statically linked, stripped |
| Mime type: | application/x-executable |
| File size: | 49.3 KB (50484 bytes) |
| MD5: | c0f60ef946abc7710d3cf88d44ace9d3 |
| SHA1: | 93fb064eb2d75bf92c5fabd9e5ef9584b7627a18 |
| SHA256: | 6b0e5a78e42c43d112a72519be5bdd0a8a759e4d06cd58b13bffa70a4096780e |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
OSINT Enrichments
| Virus Total: | 38/77 VT report date: 2024-10-14 16:55:18 |
| Malware Type 1 | trojan |
| Threat Type 3 | mirai alof ddos |
URLs, FQDN and IP indicators 1
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXp://103.192.179.5/xi.sh4  |
103.192.179.5 |
2024-10-14 17:19:03 |
Strings analysis - Possible IPs found 2
| 255.255.255.255 |
| 127.0.0.1 |