DigitalSide Threat Intel

Mozi.a

First submission 2023-06-24 19:16:03 Last sumbission 2024-04-19 07:26:05

File details

File type: ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, no section header
Mime type: application/x-executable
File size: 129.76 KB (132876 bytes)
MD5: fbe51695e97a45dc61967dc3241a37dc
SHA1: 1ed14334b5b71783cd6ec14b8a704fe48e600cf0
SHA256: 2e4506802aedea2e6d53910dfb296323be6620ac08c4b799a879eace5923a7b6
Virus Total: 44/61 VT report date: 2023-06-24 11:36:52

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 100

URL Host (FQDN/IP) Date Added
hXXp://117.204.201.54:35154/Mozi.a VirusTotal Report 117.204.201.54 VirusTotal Report 2024-04-19 07:26:06
hXXp://117.206.177.225:50476/Mozi.a VirusTotal Report 117.206.177.225 VirusTotal Report 2024-04-19 07:13:05
hXXp://182.114.195.101:37861/i VirusTotal Report 182.114.195.101 VirusTotal Report 2024-04-19 05:26:05
hXXp://117.214.249.149:35011/Mozi.m VirusTotal Report 117.214.249.149 VirusTotal Report 2024-04-19 05:17:05
hXXp://182.114.195.101:37861/bin.sh VirusTotal Report 182.114.195.101 VirusTotal Report 2024-04-19 05:07:04
hXXp://120.56.4.249:54658/bin.sh VirusTotal Report 120.56.4.249 VirusTotal Report 2024-04-19 04:24:05
hXXp://115.58.123.183:57341/i VirusTotal Report 115.58.123.183 VirusTotal Report 2024-04-19 00:11:05
hXXp://117.194.175.210:51310/i VirusTotal Report 117.194.175.210 VirusTotal Report 2024-04-18 23:54:08
hXXp://115.58.123.183:57341/bin.sh VirusTotal Report 115.58.123.183 VirusTotal Report 2024-04-18 23:44:05
hXXp://117.214.9.206:53334/Mozi.m VirusTotal Report 117.214.9.206 VirusTotal Report 2024-04-18 23:32:05
hXXp://117.194.175.210:51310/bin.sh VirusTotal Report 117.194.175.210 VirusTotal Report 2024-04-18 23:22:07
hXXp://117.194.160.28:37992/bin.sh VirusTotal Report 117.194.160.28 VirusTotal Report 2024-04-18 22:13:05
hXXp://115.55.53.187:42611/i VirusTotal Report 115.55.53.187 VirusTotal Report 2024-04-18 22:04:06
hXXp://115.55.53.187:42611/bin.sh VirusTotal Report 115.55.53.187 VirusTotal Report 2024-04-18 21:44:06
hXXp://42.227.207.129:41623/Mozi.m VirusTotal Report 42.227.207.129 VirusTotal Report 2024-04-18 20:51:05
hXXp://117.204.206.116:33688/Mozi.a VirusTotal Report 117.204.206.116 VirusTotal Report 2024-04-18 20:15:09
hXXp://42.231.91.5:56366/i VirusTotal Report 42.231.91.5 VirusTotal Report 2024-04-18 15:51:05
hXXp://42.231.91.5:56366/bin.sh VirusTotal Report 42.231.91.5 VirusTotal Report 2024-04-18 15:26:05
hXXp://42.227.207.129:41623/bin.sh VirusTotal Report 42.227.207.129 VirusTotal Report 2024-04-18 13:39:05
hXXp://117.199.6.53:51310/bin.sh VirusTotal Report 117.199.6.53 VirusTotal Report 2024-04-18 04:41:05
hXXp://117.199.0.156:37992/i VirusTotal Report 117.199.0.156 VirusTotal Report 2024-04-18 03:27:05
hXXp://117.199.0.156:37992/bin.sh VirusTotal Report 117.199.0.156 VirusTotal Report 2024-04-18 03:09:20
hXXp://182.116.39.223:35977/i VirusTotal Report 182.116.39.223 VirusTotal Report 2024-04-18 02:10:05
hXXp://182.116.39.223:35977/bin.sh VirusTotal Report 182.116.39.223 VirusTotal Report 2024-04-18 01:42:05
hXXp://42.232.208.12:57185/Mozi.m VirusTotal Report 42.232.208.12 VirusTotal Report 2024-04-17 21:37:09
hXXp://117.253.218.213:47401/Mozi.m VirusTotal Report 117.253.218.213 VirusTotal Report 2024-04-17 20:03:06
hXXp://39.34.231.19:35087/bin.sh VirusTotal Report 39.34.231.19 VirusTotal Report 2024-04-17 18:41:07
hXXp://27.206.86.3:55299/Mozi.m VirusTotal Report 27.206.86.3 VirusTotal Report 2024-04-17 18:38:05
hXXp://59.178.41.65:38771/Mozi.a VirusTotal Report 59.178.41.65 VirusTotal Report 2024-04-17 17:32:21
hXXp://117.205.62.181:49680/i VirusTotal Report 117.205.62.181 VirusTotal Report 2024-04-17 17:21:06
hXXp://117.199.0.156:37992/Mozi.m VirusTotal Report 117.199.0.156 VirusTotal Report 2024-04-17 16:18:08
hXXp://59.178.19.140:45295/Mozi.m VirusTotal Report 59.178.19.140 VirusTotal Report 2024-04-17 14:27:08
hXXp://182.121.62.155:43195/i VirusTotal Report 182.121.62.155 VirusTotal Report 2024-04-17 11:38:06
hXXp://182.121.62.155:43195/bin.sh VirusTotal Report 182.121.62.155 VirusTotal Report 2024-04-17 11:07:06
hXXp://115.49.27.19:47177/i VirusTotal Report 115.49.27.19 VirusTotal Report 2024-04-17 08:14:12
hXXp://182.121.62.155:43195/Mozi.m VirusTotal Report 182.121.62.155 VirusTotal Report 2024-04-17 08:04:05
hXXp://115.49.27.19:47177/bin.sh VirusTotal Report 115.49.27.19 VirusTotal Report 2024-04-17 08:01:05
hXXp://115.59.60.101:60661/i VirusTotal Report 115.59.60.101 VirusTotal Report 2024-04-17 05:41:04
hXXp://115.59.60.101:60661/bin.sh VirusTotal Report 115.59.60.101 VirusTotal Report 2024-04-17 05:08:05
hXXp://42.239.255.98:34719/Mozi.m VirusTotal Report 42.239.255.98 VirusTotal Report 2024-04-17 01:51:05
hXXp://59.183.0.8:38771/bin.sh VirusTotal Report 59.183.0.8 VirusTotal Report 2024-04-17 00:50:05
hXXp://115.49.203.155:42611/i VirusTotal Report 115.49.203.155 VirusTotal Report 2024-04-16 23:48:05
hXXp://115.49.203.155:42611/bin.sh VirusTotal Report 115.49.203.155 VirusTotal Report 2024-04-16 23:29:05
hXXp://115.62.134.8:44504/i VirusTotal Report 115.62.134.8 VirusTotal Report 2024-04-16 21:27:04
hXXp://115.62.134.8:44504/bin.sh VirusTotal Report 115.62.134.8 VirusTotal Report 2024-04-16 21:10:06
hXXp://42.239.255.98:34719/i VirusTotal Report 42.239.255.98 VirusTotal Report 2024-04-16 17:10:05
hXXp://59.183.0.8:38771/Mozi.m VirusTotal Report 59.183.0.8 VirusTotal Report 2024-04-16 13:06:04
hXXp://115.55.50.167:56366/i VirusTotal Report 115.55.50.167 VirusTotal Report 2024-04-16 12:45:05
hXXp://222.138.18.58:58244/i VirusTotal Report 222.138.18.58 VirusTotal Report 2024-04-16 11:19:04
hXXp://222.138.18.58:58244/bin.sh VirusTotal Report 222.138.18.58 VirusTotal Report 2024-04-16 11:01:05
hXXp://42.230.41.218:35977/i VirusTotal Report 42.230.41.218 VirusTotal Report 2024-04-16 02:42:05
hXXp://42.230.41.218:35977/bin.sh VirusTotal Report 42.230.41.218 VirusTotal Report 2024-04-16 02:31:05
hXXp://27.206.86.3:55299/i VirusTotal Report 27.206.86.3 VirusTotal Report 2024-04-16 00:15:05
hXXp://27.206.86.3:55299/bin.sh VirusTotal Report 27.206.86.3 VirusTotal Report 2024-04-15 23:51:07
hXXp://117.252.172.60:42811/Mozi.m VirusTotal Report 117.252.172.60 VirusTotal Report 2024-04-15 23:44:07
hXXp://115.49.203.155:42611/Mozi.a VirusTotal Report 115.49.203.155 VirusTotal Report 2024-04-15 21:25:05
hXXp://117.252.160.121:37992/Mozi.m VirusTotal Report 117.252.160.121 VirusTotal Report 2024-04-15 21:21:21
hXXp://117.252.174.224:36545/Mozi.m VirusTotal Report 117.252.174.224 VirusTotal Report 2024-04-15 19:05:06
hXXp://115.58.97.242:57341/i VirusTotal Report 115.58.97.242 VirusTotal Report 2024-04-15 14:23:05
hXXp://115.58.97.242:57341/bin.sh VirusTotal Report 115.58.97.242 VirusTotal Report 2024-04-15 13:42:05
hXXp://115.55.50.167:56366/bin.sh VirusTotal Report 115.55.50.167 VirusTotal Report 2024-04-15 12:35:05
hXXp://59.178.181.31:46291/i VirusTotal Report 59.178.181.31 VirusTotal Report 2024-04-15 08:45:13
hXXp://115.49.6.196:38061/bin.sh VirusTotal Report 115.49.6.196 VirusTotal Report 2024-04-15 08:44:07
hXXp://42.230.45.191:43087/bin.sh VirusTotal Report 42.230.45.191 VirusTotal Report 2024-04-15 08:41:11
hXXp://59.178.181.31:46291/bin.sh VirusTotal Report 59.178.181.31 VirusTotal Report 2024-04-15 08:18:07
hXXp://61.3.188.241:46001/Mozi.m VirusTotal Report 61.3.188.241 VirusTotal Report 2024-04-15 04:46:05
hXXp://117.248.19.182:32998/mozi.a VirusTotal Report 117.248.19.182 VirusTotal Report 2024-04-15 00:28:14
hXXp://182.113.207.0:42611/mozi.a VirusTotal Report 182.113.207.0 VirusTotal Report 2024-04-14 21:46:05
hXXp://221.15.16.241:48786/i VirusTotal Report 221.15.16.241 VirusTotal Report 2024-04-14 21:33:05
hXXp://117.243.70.179:35095/Mozi.a VirusTotal Report 117.243.70.179 VirusTotal Report 2024-04-14 18:27:08
hXXp://182.112.4.237:43303/i VirusTotal Report 182.112.4.237 VirusTotal Report 2024-04-14 15:43:06
hXXp://61.0.145.45:41725/Mozi.m VirusTotal Report 61.0.145.45 VirusTotal Report 2024-04-14 11:47:07
hXXp://117.194.173.36:54868/Mozi.m VirusTotal Report 117.194.173.36 VirusTotal Report 2024-04-14 09:23:13
hXXp://115.63.9.27:41623/i VirusTotal Report 115.63.9.27 VirusTotal Report 2024-04-14 07:29:05
hXXp://115.63.9.27:41623/bin.sh VirusTotal Report 115.63.9.27 VirusTotal Report 2024-04-14 07:01:05
hXXp://117.212.58.198:49696/Mozi.m VirusTotal Report 117.212.58.198 VirusTotal Report 2024-04-14 06:42:20
hXXp://182.112.4.237:43303/bin.sh VirusTotal Report 182.112.4.237 VirusTotal Report 2024-04-14 04:03:05
hXXp://59.93.20.94:47134/Mozi.m VirusTotal Report 59.93.20.94 VirusTotal Report 2024-04-14 03:50:06
hXXp://115.59.58.6:60661/Mozi.m VirusTotal Report 115.59.58.6 VirusTotal Report 2024-04-14 01:50:07
hXXp://125.44.31.175:55821/i VirusTotal Report 125.44.31.175 VirusTotal Report 2024-04-14 00:11:06
hXXp://182.113.207.0:42611/bin.sh VirusTotal Report 182.113.207.0 VirusTotal Report 2024-04-14 00:06:05
hXXp://125.44.31.175:55821/bin.sh VirusTotal Report 125.44.31.175 VirusTotal Report 2024-04-13 23:34:04
hXXp://182.113.46.1:34719/i VirusTotal Report 182.113.46.1 VirusTotal Report 2024-04-13 20:57:04
hXXp://182.113.46.1:34719/bin.sh VirusTotal Report 182.113.46.1 VirusTotal Report 2024-04-13 20:13:04
hXXp://123.10.212.47:45475/i VirusTotal Report 123.10.212.47 VirusTotal Report 2024-04-13 18:16:06
hXXp://123.10.212.47:45475/bin.sh VirusTotal Report 123.10.212.47 VirusTotal Report 2024-04-13 17:33:06
hXXp://123.5.164.223:35601/bin.sh VirusTotal Report 123.5.164.223 VirusTotal Report 2024-04-13 08:24:05
hXXp://182.113.46.1:34719/Mozi.m VirusTotal Report 182.113.46.1 VirusTotal Report 2024-04-13 04:26:04
hXXp://59.93.186.15:33249/bin.sh VirusTotal Report 59.93.186.15 VirusTotal Report 2024-04-13 04:11:06
hXXp://42.230.218.77:47503/Mozi.m VirusTotal Report 42.230.218.77 VirusTotal Report 2024-04-13 03:42:05
hXXp://59.184.48.8:43898/Mozi.m VirusTotal Report 59.184.48.8 VirusTotal Report 2024-04-12 23:29:05
hXXp://115.63.9.27:41623/Mozi.m VirusTotal Report 115.63.9.27 VirusTotal Report 2024-04-12 20:08:05
hXXp://117.242.235.162:50795/Mozi.m VirusTotal Report 117.242.235.162 VirusTotal Report 2024-04-12 19:22:05
hXXp://117.254.183.76:32998/i VirusTotal Report 117.254.183.76 VirusTotal Report 2024-04-12 17:04:10
hXXp://117.254.183.76:32998/bin.sh VirusTotal Report 117.254.183.76 VirusTotal Report 2024-04-12 16:43:05
hXXp://117.252.38.222:60270/Mozi.m VirusTotal Report 117.252.38.222 VirusTotal Report 2024-04-12 16:24:05
hXXp://123.10.129.222:47144/i VirusTotal Report 123.10.129.222 VirusTotal Report 2024-04-12 12:44:05
hXXp://59.92.41.164:56778/Mozi.m VirusTotal Report 59.92.41.164 VirusTotal Report 2024-04-12 12:43:06
hXXp://221.15.16.241:48786/bin.sh VirusTotal Report 221.15.16.241 VirusTotal Report 2024-04-12 12:41:04
hXXp://123.10.129.222:47144/bin.sh VirusTotal Report 123.10.129.222 VirusTotal Report 2024-04-12 12:32:06

Strings analysis - File found

XML
Fcs7c.xml

Strings analysis - Possible URLs found 2

http://upx.sf.net
http://%s