yak.sh

First submission 2024-09-03 20:37:02

File details

File type: Bourne-Again shell script, ASCII text executable
Mime type: text/x-shellscript
File size: 1.95 KB (1997 bytes)
MD5: d38e8407bbc72cbd2057efdd3d8b7a05
SHA1: 89e1ebb28cea58b8f9eb728383f8cb565d58518e
SHA256: ea83411bd7b6e5a7364f7b8b9018f0f17f7084aeb58a47736dd80c99cfeac7f1

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

OSINT Enrichments

Virus Total: 39/79
VT report date: 2024-09-03 19:37:58
Malware Type (2): downloader, trojan
Threat Type (3): medusa, shell, bash

URLs, FQDN and IP indicators 1

URL | Host (FQDN/IP) | Date Added
hXXp://pirati.abuser.eu/yak.sh | pirati.abuser.eu | 2024-09-03 20:37:02

Strings analysis - Possible URLs found 13
