Files

File Path | Type | Category | Malicious |
---|---|---|---|
dvxuxG34sk.elf | ELF 32-bit MSB executable, SPARC, version 1 (SYSV), statically linked, stripped | initial sample | |
/tmp/qemu-open.q0LbGq (deleted) | data | dropped | |

Processes

Path | Cmdline | Malicious |
---|---|---|
/tmp/dvxuxG34sk.elf | /tmp/dvxuxG34sk.elf | |
/tmp/dvxuxG34sk.elf | - | |

Domains

Name | IP | Malicious |
---|---|---|
kovey.mezo-api.xyz | 45.131.111.219 | |

IPs

IP | Domain | Country | Malicious |
---|---|---|---|
45.131.111.219 | kovey.mezo-api.xyz | Germany | |

Memdumps

Base Address | Regiontype | Protect | Malicious |
---|---|---|---|
7f3b24021000 | page execute read | | |
7f3c2b254000 | page read and write | | |
7f3c2b986000 | page read and write | | |
7f3c24000000 | page read and write | | |
7f3c2afc5000 | page read and write | | |
7ffe124e2000 | page execute read | | |
7f3c2afb7000 | page read and write | | |
7f3c2b63b000 | page read and write | | |
7f3c2b616000 | page read and write | | |
7f3c2baaf000 | page read and write | | |
7f3b24031000 | page read and write | | |
7f3c2bafc000 | page read and write | | |
7f3c2bab7000 | page read and write | | |
7f3b24034000 | page read and write | | |
55ad551ea000 | page read and write | | |
55ad571e8000 | page execute and read and write | | |
55ad571ff000 | page read and write | | |
55ad57d04000 | page read and write | | |
55ad54fb3000 | page execute read | | |
7ffe12481000 | page read and write | | |
7f3c24021000 | page read and write | | |
7f3c2a7b4000 | page read and write | | |
55ad551e1000 | page read and write | | |
