A forum for reverse engineering, OS internals and malware analysis
ikolor wrote: I'm the only one.
GAYFGT
next
https://www.virustotal.com/en/file/35fa ... 460136599/
89.248.162.146:179
(null)
buf: %s
/bin/sh
/proc/cpuinfo
BOGOMIPS
PING
:>%$#
%d.%d.%d.%d
%d.%d.%d.0
Failed opening raw socket.
Failed setting raw headers mode.
Invalid flag "%s"
GETLOCALIP
My IP: %s
HOLD
JUNK
KILLATTK
Killed %d.
None Killed.
LOLNOGTFO
8.8.8.8
/proc/net/route
00000000
[cpuset]
fork failed
FAILED TO CONNECT
PONG
%s 2>&1
LINK CLOSED
/dev/null
CAk[S
GCC: (GNU) 4.1.2
ikolor wrote: https://www.virustotal.com/en/file/8fb0 ... 462464664/
Hello.
89.248.162.167|no-reverse-dns-configured.com.|29073 | 89.248.160.0/21 | QUASINETWORKS | NL | ecatel.net | Ecatel LTD
93.174.95.38||29073 | 93.174.88.0/21 | QUASINETWORKS | NL | ecatel.net | Ecatel LTD
ikolor wrote: https://www.virustotal.com/en/file/35fa ... 460136599/
This is actually an interesting sample, unusual build. I have two reasons for it: