IOC Report
38XiTWXcpG.elf

Processes

Path

Cmdline

Malicious

/tmp/38XiTWXcpG.elf

/tmp/38XiTWXcpG.elf

URLs

Name

IP

Malicious

http://upx.sf.net

unknown

Details

Name:	http://upx.sf.net
TargetID:	12
From Memory:	true
Current Path:	/tmp/38XiTWXcpG.elf
Source:	38XiTWXcpG.elf
Reputation:	high

Signature Hits	Behavior Group	Mitre Attack
Sample is packed with UPX	Data Obfuscation	Obfuscated Files or Information
URLs found in memory or binary data	Networking

Memdumps

Base Address

Regiontype

Protect

Malicious

7f1c18025000

page execute read

7f1d1f42d000

page read and write

7f1d1fa09000

page read and write

7ffe53757000

page read and write

7f1c1803d000

page execute read

55fed29a6000

page read and write

7ffe537b3000

page execute read

7f1d1fd13000

page read and write

7f1d1fd7c000

page read and write

7f1d1e831000

page read and write

7f1d17fff000

page read and write

7f1c1802d000

page read and write

7f1c1803b000

page execute and read and write

55fed2755000

page execute read

55fed49c4000

page read and write

7f1d1f0cb000

page read and write

55fed61a7000

page read and write

7f1d18021000

page read and write

7f1d1f6bb000

page read and write

7f1d1f827000

page read and write

55fed29af000

page read and write

7f1d1fbea000

page read and write

7f1d1f698000

page read and write

7f1d1f039000

page read and write

55fed49ad000

page execute and read and write

7f1d1fd37000

page read and write

There are 16 hidden memdumps, click here to show them.