zyxel
First submission 2024-08-31 05:03:03
File details
File type: Bourne-Again shell script, ASCII text executable
Mime type: text/x-shellscript
File size: 2.41 KB (2468 bytes)
MD5: e3b98de6432a831cbcd7f03b6344a506
SHA1: 207b24b46e2cefc547f34641e8d56e60f253c649
SHA256: 75cae96c0c8dbe6698bce6b0da615181a9bf593a2f091b3858ba7589571d18e8
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
OSINT Enrichments
Virus Total: 36/78 (VT report date: 2024-08-31 05:03:38)
Malware Type 2: downloader trojan
Threat Type 3: medusa shell bash
URLs, FQDN and IP indicators 1
Strings analysis - Possible IPs found 1
156.238.224.214
Strings analysis - Possible URLs found 26