bot.arm64
First submission 2024-10-13 22:08:02
Last sumbission 2024-10-13 22:59:02
File details
| File type: | ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), for GNU/Linux 3.2.0, BuildID[sha1]=a5bdb209387e06cba305d4d5db76c52b7cb6ea26, dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, no section header |
| Mime type: | application/x-pie-executable |
| File size: | 7318.05 KB (7493682 bytes) |
| MD5: | c7fea3670e13f0b931ab7e45e67551e6 |
| SHA1: | eba0967fd4cfafb8c28fffffd08fb73762de6233 |
| SHA256: | 447557fef6578ffc4589756ba05a56cebdc5119586b288dd896d325c1d3bb9c3 |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
URLs, FQDN and IP indicators 2
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXp://billing.rpnodes.host/bot.arm64  |
billing.rpnodes.host |
2024-10-13 22:59:04 |
| hXXp://100.42.189.107/bot.arm64 |
100.42.189.107 |
2024-10-13 22:08:02 |
Strings analysis - File found
| Log |
| math.Log |
Strings analysis - Possible IPs found 13
| 1.2.2.1 |
| 1.1.2.1 |
| 2.5.4.102 |
| 72.5.4.82 |
| 87.120.84.114 |
| 1.1.3.1 |
| 5.4.32.5 |
| 1.2.1.1 |
| 127.0.0.1 |
| 2.5.4.62 |
| 5.4.112.5 |
| 4.52.5.4 |
| 1.1.1.1 |
Strings analysis - Possible URLs found 2
| http://chunkedCreatedIM |
| http://api.ipify.orgjson: |