jade.m68k

First submission: 2024-07-09 19:31:02
Last submission: 2024-07-10 21:30:03

File details

File type: ELF 32-bit MSB executable, Motorola m68k, 68020, version 1 (SYSV), statically linked, stripped
Mime type: application/x-executable
File size: 90.55 KB (92724 bytes)
MD5: e91edf980f18636fe3d7f5629f3e15e5
SHA1: 151075ecf8306485a621af3aa3c6c2f102eccd64
SHA256: 6b8c5e02687447ae7a8740ecf0d3105f75bb57f85b2f0ebc55ea804327e4b394

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

OSINT Enrichments

Virus Total: 40/78
VT report date: 2024-07-09 18:36:47
Malware Type (1): trojan
Threat Type (3): mirai, bootnet, gafgyt

URLs, FQDN and IP indicators 1

URL: hXXp://dhcp-211-248-59-5.metro86.ru/bins/jade.m68k
Host (FQDN/IP): dhcp-211-248-59-5.metro86.ru
Date Added: 2024-07-10 21:30:06

Strings analysis - Possible IPs found 3

192.168.0.14
5.59.248.211
193.239.147.201

Strings analysis - Possible URLs found 4

http://schemas.xmlsoap.org/soap/encoding/
http://schemas.xmlsoap.org/soap/envelope/
http://193.239.147.201/bins/x86
http://193.239.147.201/zyxel.sh;