bot.arm7

First submission 2024-09-03 10:13:02 Last sumbission 2024-09-03 11:22:01

File details

File type: ELF 32-bit LSB executable, ARM, EABI4 version 1 (SYSV), statically linked, with debug_info, not stripped
Mime type: application/x-executable
File size: 180.53 KB (184862 bytes)
MD5: cb50c63271f2acecd56b1b43ae933387
SHA1: b83884546820eae25bd0a15822392399724e7b3b
SHA256: 641813de9b816602489f68eaaa80624779e12800f091a040ee233eda30876768

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

OSINT Enrichments

Virus Total: 41/79 VT report date: 2024-09-03 09:50:23
Malware Type 1 trojan
Threat Type 3 mirai gafgyt bashlite

URLs, FQDN and IP indicators 3

URL Host (FQDN/IP) Date Added
hXXp://185.196.9.222/bot.arm7 VirusTotal Report 185.196.9.222 VirusTotal Report 2024-09-03 11:22:02
hXXp://captcha.webredirect.org/bot.arm7 VirusTotal Report captcha.webredirect.org VirusTotal Report 2024-09-03 10:17:03
hXXp://chrome.webredirect.org/bot.arm7 VirusTotal Report chrome.webredirect.org VirusTotal Report 2024-09-03 10:13:02

Strings analysis - Possible IPs found 2

255.255.255.255
127.0.0.1