haha.sh4

First submission 2022-08-04 22:41:02

File details

File type: ELF 32-bit LSB executable, Renesas SH, version 1 (SYSV), statically linked, stripped
File type: 32.99 KB (33784 bytes)
MD5: e1fc2a9df3ddf0fea69d9867e7e02da7
SHA1: fb5e2b6363afc0ecfa7268e2b2cfab1bb670c3e7
SHA256: 0d782f3f6c9463c3b2a38bbc27ea2b52fe8aacb80135ebf4e871f02c5437e1c4
Virus Total: 39/62 VT report date: 2022-08-04 14:19:19

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://209.141.50.31/skullnet/haha.sh4 VirusTotal Report 209.141.50.31 VirusTotal Report 2022-08-04 22:41:02

Strings analysis - Possible IPs found 2

255.255.255.255
127.0.0.1