zyxel

First submission 2024-08-31 05:03:03

File details

File type: Bourne-Again shell script, ASCII text executable
Mime type: text/x-shellscript
File size: 2.41 KB (2468 bytes)
MD5: e3b98de6432a831cbcd7f03b6344a506
SHA1: 207b24b46e2cefc547f34641e8d56e60f253c649
SHA256: 75cae96c0c8dbe6698bce6b0da615181a9bf593a2f091b3858ba7589571d18e8

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

OSINT Enrichments

Virus Total: 36/78
VT report date: 2024-08-31 05:03:38
Malware Type (2): downloader, trojan
Threat Type (3): medusa, shell, bash

URLs, FQDN and IP indicators 1

URL: hXXp://156.238.224.214/zyxel
Host (FQDN/IP): 156.238.224.214
Date Added: 2024-08-31 05:03:03

Strings analysis - Possible IPs found 1

156.238.224.214

Strings analysis - Possible URLs found 26
