DigitalSide Threat Intel

frpc

First submission 2024-10-13 20:04:05 Last sumbission 2024-10-14 15:39:05

File details

File type: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, Go BuildID=5AcEXQIhy7DHTwGrfEgI/Wi2LU9l44IvTuIGJn4g7/ZuKrkLfoDjnPOu7rmYAx/X0iQX7ntbH9B005u0Bpf, stripped
Mime type: application/x-executable
File size: 6010.19 KB (6154432 bytes)
MD5: cf1d1c1986ca69056ca8c18177b0cf07
SHA1: b632e7422702128391f3431502cc3b6a1cde899a
SHA256: ffb6a57a4f69df1d560554b88e9db5b2a76d348601420e25ba1cb3511573ab14

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

OSINT Enrichments

Virus Total: 6/76 VT report date: 2019-07-18 01:27:58

URLs, FQDN and IP indicators 2

URL Host (FQDN/IP) Date Added
hXXp://206.238.196.40/frpc VirusTotal Report 206.238.196.40 VirusTotal Report 2024-10-14 15:39:07
hXXp://206.238.196.40/tmp/frpc VirusTotal Report 206.238.196.40 VirusTotal Report 2024-10-13 20:04:05

Strings analysis - File found

Log
math.Log

Strings analysis - Possible IPs found 6

5.4.82.5
2.5.4.102
5.4.32.5
62.5.4.72
5.4.112.5
4.52.5.4

Strings analysis - Possible URLs found 1

http://invalidlookup