zte
First submission 2024-10-17 12:54:01
File details
| File type: | Bourne-Again shell script, ASCII text executable, with very long lines |
| Mime type: | text/x-shellscript |
| File size: | 4.66 KB (4774 bytes) |
| MD5: | d6fbd6ebcaa6e8c4a888207a73d8f7e7 |
| SHA1: | c6523d03310b2fdeb5c56917aa0a63140e3ac92f |
| SHA256: | 975f5d09b3e648b9cd9c04cc33e2ee6e35bc7d95b5b8199d150e1e0039164c79 |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
OSINT Enrichments
| Virus Total: | 35/77 VT report date: 2024-10-17 02:03:54 |
| Malware Type 2 | downloader trojan |
| Threat Type 3 | medusa shell mirai |
URLs, FQDN and IP indicators 1
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXp://87.236.95.134/zte  |
87.236.95.134 |
2024-10-17 12:54:02 |
Strings analysis - Possible IPs found 1
| 87.236.95.134 |
Strings analysis - Possible URLs found 14
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.i686; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.x86; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arm6; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.spc; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.m68k; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arm7; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.ppc; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arm; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.sh4; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arm5; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mpsl; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.x86_64; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arc; |