Games.tar

First submission: 2024-09-30 14:09:06
Last submission: 2024-09-30 14:09:07

File details

File type: POSIX tar archive (GNU)
Mime type: application/x-tar
File size: 58474.0 KB (59877376 bytes)
MD5: e5207bf191245f5405c3ecc9411eef51
SHA1: a5cb35e647b8be4c75c395c72a3a53d2517fa4f4
SHA256: c9b1c6bde7023d7fe5d5863afb5d4261764030ba9d9afbd8273e5e69d0fdde91

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

URLs, FQDN and IP indicators 1

URL: hXXp://141.98.10.12/downloads/Games.tar
Host (FQDN/IP): 141.98.10.12
Date Added: 2024-09-30 14:09:07

Strings analysis - File found

Executable: lib%s.so, libxmrig-cuda.so, libnvrtc.so, libnvidia-ml.so, libOpenCL.so
Log: main/app/handlers.Log, math.Log
Data: verthash.dat
XML: topology.xml
Text: *dns.TXT

Strings analysis - Possible IPs found 33


Strings analysis - Possible URLs found 69
