qlcxvisgod.x86

First submission 2022-07-30 13:22:02

File details

File type: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, stripped
File type: 64.77 KB (66320 bytes)
MD5: f10961fed04cf547542f9daf28d90303
SHA1: f5b1e9050f5c9dbe931f3b0dd02f2729e22b9d3c
SHA256: cd0933e579c31ee1c4dd8477afa10ccd72d0f838a6c86cc0e4d3ed6a16f60f86
Virus Total: 36/63 VT report date: 2022-07-29 12:10:58

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://208.67.106.145/bns//qlcxvisgod.x86 VirusTotal Report 208.67.106.145 VirusTotal Report 2022-07-30 13:22:02

Strings analysis - Possible IPs found 2

208.67.106.145
192.168.0.14

Strings analysis - Possible URLs found 4

http://schemas.xmlsoap.org/soap/encoding/
http://208.67.106.145/zyxel.sh;
http://208.67.106.145/bns/x86
http://schemas.xmlsoap.org/soap/envelope/