bot

First submission 2024-09-04 13:58:02

File details

File type: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=04804d3c31218f938502cbed5cdd1af09d59a8f0, for GNU/Linux 2.6.32, stripped
Mime type: application/x-executable
File size: 7569.31 KB (7750976 bytes)
MD5: f435d08ccd88c230b983fb410ce43367
SHA1: 1fda6cde0b794d23aab1c469394dbcbdc5199276
SHA256: d9a854d0e67b6d634344cf04697368200d8c3b0ad4e7bba776c9e84ac7bd80e5

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

OSINT Enrichments

URLs, FQDN and IP indicators 1

URL: hXXp://45.202.35.36/bot
Host (FQDN/IP): 45.202.35.36
Date Added: 2024-09-04 13:58:03

Strings analysis - File found

Executable
blib-dynload/_queue.cpython-310-x86_64-linux-gnu.so
bbcrypt/_bcrypt.abi3.so
bcryptography/hazmat/bindings/_openssl.abi3.so
blib-dynload/_codecs_jp.cpython-310-x86_64-linux-gnu.so
b_cffi_backend.cpython-310-x86_64-linux-gnu.so
blib-dynload/_opcode.cpython-310-x86_64-linux-gnu.so
blib-dynload/_ssl.cpython-310-x86_64-linux-gnu.so
blib-dynload/_codecs_tw.cpython-310-x86_64-linux-gnu.so
blib-dynload/_bz2.cpython-310-x86_64-linux-gnu.so
blib-dynload/termios.cpython-310-x86_64-linux-gnu.so
blib-dynload/_contextvars.cpython-310-x86_64-linux-gnu.so
blib-dynload/_codecs_iso2022.cpython-310-x86_64-linux-gnu.so
blib-dynload/_codecs_kr.cpython-310-x86_64-linux-gnu.so
blib-dynload/_json.cpython-310-x86_64-linux-gnu.so
blib-dynload/_lzma.cpython-310-x86_64-linux-gnu.so
blib-dynload/_codecs_cn.cpython-310-x86_64-linux-gnu.so
bossl-modules/legacy.so
blib-dynload/_hashlib.cpython-310-x86_64-linux-gnu.so
blib-dynload/_multibytecodec.cpython-310-x86_64-linux-gnu.so
blib-dynload/_codecs_hk.cpython-310-x86_64-linux-gnu.so
blib-dynload/resource.cpython-310-x86_64-linux-gnu.so
blib-dynload/_decimal.cpython-310-x86_64-linux-gnu.so
Compressed
base_library.zip
xbase_library.zip
Text
xcryptography-3.4.8.egg-info/requires.txt
xcryptography-3.4.8.egg-info/top_level.txt
xcryptography-3.4.8.egg-info/dependency_links.txt