yak.sh
First submission 2024-09-03 20:37:02
File details
File type: | Bourne-Again shell script, ASCII text executable |
Mime type: | text/x-shellscript |
File size: | 1.95 KB (1997 bytes) |
MD5: | d38e8407bbc72cbd2057efdd3d8b7a05 |
SHA1: | 89e1ebb28cea58b8f9eb728383f8cb565d58518e |
SHA256: | ea83411bd7b6e5a7364f7b8b9018f0f17f7084aeb58a47736dd80c99cfeac7f1 |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
OSINT Enrichments
Virus Total: | 39/79 VT report date: 2024-09-03 19:37:58 |
Malware Type 2 | downloader trojan |
Threat Type 3 | medusa shell bash |
URLs, FQDN and IP indicators 1
Strings analysis - Possible URLs found 13
http://pirati.abuser.eu/yakuza.arm5; |
http://pirati.abuser.eu/yakuza.mips; |
http://pirati.abuser.eu/yakuza.arm6; |
http://pirati.abuser.eu/yakuza.arm7; |
http://pirati.abuser.eu/yakuza.mipsel; |
http://pirati.abuser.eu/yakuza.x86; |
http://pirati.abuser.eu/yakuza.i686; |
http://pirati.abuser.eu/yakuza.m68k; |
http://pirati.abuser.eu/yakuza.ppc; |
http://pirati.abuser.eu/yakuza.sparc; |
http://pirati.abuser.eu/yakuza.i586; |
http://pirati.abuser.eu/yakuza.sh; |
http://pirati.abuser.eu/yakuza.arm4; |