Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

/tmp/lIiHaOtCpX.elf

URLs

Name

Malicious

http://upx.sf.net

unknown

Details

Name:	http://upx.sf.net
TargetID:	12
From Memory:	true
Current Path:	/tmp/lIiHaOtCpX.elf
Source:	lIiHaOtCpX.elf
Reputation:	high

Signature Hits	Behavior Group	Mitre Attack
Sample is packed with UPX	Data Obfuscation	Obfuscated Files or Information
URLs found in memory or binary data	Networking

Domains

Name

Malicious

daisy.ubuntu.com

162.213.35.24

Details

Name:	daisy.ubuntu.com
IP:	162.213.35.24
TargetID:	-1
Active:	true
Reputation:	high

Signature Hits	Behavior Group	Mitre Attack
Performs DNS lookups	Networking	Application Layer Protocol Non-Application Layer Protocol

Memdumps

Base Address

Regiontype

Protect

Malicious

7fb288027000

page execute read

7fb38d9ce000

page read and write

55c1bb93a000

page read and write

7fb38d1c6000

page read and write

7ffc6f80c000

page read and write

55c1b9925000

page read and write

7fb38e711000

page read and write

7fb38e1bc000

page read and write

55c1bbb14000

page read and write

7fb38e57f000

page read and write

7fb38e02d000

page read and write

55c1bb923000

page execute and read and write

7fb387fff000

page read and write

7fb288032000

page read and write

7fb38e050000

page read and write

55c1b991c000

page read and write

7ffc6f984000

page execute read

7fb38e6a8000

page read and write

7fb38e39e000

page read and write

7fb38e6cc000

page read and write

7fb38da60000

page read and write

7fb388021000

page read and write

55c1b96cb000

page execute read

7fb38ddc2000

page read and write

There are 14 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
lIiHaOtCpX.elf

Processes

URLs

Domains

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC ReportlIiHaOtCpX.elf

Processes

URLs

Domains

Memdumps

IOC Report
lIiHaOtCpX.elf