huawei
First submission 2024-10-17 02:14:01
File details
| File type: | Bourne-Again shell script, ASCII text executable, with very long lines |
| Mime type: | text/x-shellscript |
| File size: | 4.7 KB (4816 bytes) |
| MD5: | d97f217a1dad90ac2a811c2684010888 |
| SHA1: | 7aedac430643630d8d80e361279e85bf4a583679 |
| SHA256: | 81a013dd15f6f42dc9b2f72ebfc7b5ecbc3be11b6e7777618bc500fa910102f3 |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
OSINT Enrichments
| Virus Total: | 36/77 VT report date: 2024-10-17 02:07:34 |
| Malware Type 2 | downloader trojan |
| Threat Type 3 | medusa shell mirai |
URLs, FQDN and IP indicators 1
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXp://87.236.95.134/huawei  |
87.236.95.134 |
2024-10-17 02:14:02 |
Strings analysis - Possible IPs found 1
| 87.236.95.134 |
Strings analysis - Possible URLs found 14
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.i686; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.x86; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arm6; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.spc; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.m68k; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arm7; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mips; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.ppc; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arm; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.sh4; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arm5; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.mpsl; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.x86_64; |
| http://87.236.95.134/596a96cc7bf9108cd896f33c44aedc8a/db0fa4b8db0333367e9bda3ab68b8042.arc; |