ohshit.sh

First submission 2022-07-30 19:41:02

File details

File type: Bourne-Again shell script, ASCII text executable
File type: 2.9 KB (2970 bytes)
MD5: ff1846f2c4d1fc8c6c02be499bda6e66
SHA1: 582761a69197ec1612cf21b2b4a34e6fc743aea0
SHA256: e6e6730ef81c6335d2ea12e6519ad325a9f6d3b66d470a127e902d8375dfad90
Virus Total: 33/60 VT report date: 2022-07-30 16:06:33

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://95.182.123.165/ohshit.sh VirusTotal Report 95.182.123.165 VirusTotal Report 2022-07-30 19:41:02

Strings analysis - Possible IPs found 1

95.182.123.165

Strings analysis - Possible URLs found 30

http://95.182.123.165/hiddenbin/boatnet.mpsl;cat
http://95.182.123.165/hiddenbin/boatnet.arc;
http://95.182.123.165/hiddenbin/boatnet.mips;
http://95.182.123.165/hiddenbin/boatnet.arm6;
http://95.182.123.165/hiddenbin/boatnet.x86_64;cat
http://95.182.123.165/hiddenbin/boatnet.x86_64;
http://95.182.123.165/hiddenbin/boatnet.i468;cat
http://95.182.123.165/hiddenbin/boatnet.m68k;
http://95.182.123.165/hiddenbin/boatnet.mips;cat
http://95.182.123.165/hiddenbin/boatnet.arc;cat
http://95.182.123.165/hiddenbin/boatnet.mpsl;
http://95.182.123.165/hiddenbin/boatnet.arm6;cat
http://95.182.123.165/hiddenbin/boatnet.spc;
http://95.182.123.165/hiddenbin/boatnet.m68k;cat
http://95.182.123.165/hiddenbin/boatnet.x86;cat
http://95.182.123.165/hiddenbin/boatnet.x86;
http://95.182.123.165/hiddenbin/boatnet.arm5;
http://95.182.123.165/hiddenbin/boatnet.arm5;cat
http://95.182.123.165/hiddenbin/boatnet.arm7;
http://95.182.123.165/hiddenbin/boatnet.i686;
http://95.182.123.165/hiddenbin/boatnet.i468;
http://95.182.123.165/hiddenbin/boatnet.ppc;
http://95.182.123.165/hiddenbin/boatnet.arm;cat
http://95.182.123.165/hiddenbin/boatnet.i686;cat
http://95.182.123.165/hiddenbin/boatnet.sh4;
http://95.182.123.165/hiddenbin/boatnet.arm;
http://95.182.123.165/hiddenbin/boatnet.spc;cat
http://95.182.123.165/hiddenbin/boatnet.sh4;cat
http://95.182.123.165/hiddenbin/boatnet.ppc;cat
http://95.182.123.165/hiddenbin/boatnet.arm7;cat