IOC Report
CSS2FGGrkv.elf

Processes

Path

Cmdline

Malicious

/tmp/CSS2FGGrkv.elf

/tmp/CSS2FGGrkv.elf

/tmp/CSS2FGGrkv.elf

-

/tmp/CSS2FGGrkv.elf

-

/tmp/CSS2FGGrkv.elf

-

IPs

IP

Domain

Country

Malicious

209.14.69.249

unknown

United States

Details

IP:	209.14.69.249
TargetID:	-1
Country:	United States
Countrycode:	USA
ASN number:	6220
ASN name:	AS6220US
Private:	false

Signature Hits	Behavior Group	Mitre Attack
Detected TCP or UDP traffic on non-standard ports	Networking	Non-Standard Port
Connects to IPs without corresponding DNS lookups	Networking

Memdumps

Base Address

Regiontype

Protect

Malicious

7f5d2a002000

page read and write

55fb73f44000

page read and write

7f5d297ff000

page read and write

55fb70a4c000

page read and write

55fb70a4c000

page read and write

7f5d2aafa000

page read and write

7f5d2ab47000

page read and write

55fb7082e000

page execute read

55fb72a61000

page read and write

7f5d2a29f000

page read and write

7f5d2a010000

page read and write

7f5d24000000

page read and write

7f5d2a686000

page read and write

7f5d2aafa000

page read and write

55fb7082e000

page execute read

7f5ca440c000

page execute read

7f5d297ff000

page read and write

7f5ca440c000

page execute read

55fb70a4c000

page read and write

7f5ca441c000

page read and write

7f5d24021000

page read and write

55fb72a4a000

page execute and read and write

55fb72a4a000

page execute and read and write

7f5d2a9d1000

page read and write

55fb72a61000

page read and write

7f5ca441d000

page read and write

7f5d2a9d1000

page read and write

7f5d2aafa000

page read and write

7ffdd8900000

page execute read

55fb70a44000

page read and write

7f5d24021000

page read and write

7f5d2a010000

page read and write

7f5d24000000

page read and write

55fb70a44000

page read and write

7ffdd8835000

page read and write

7f5d24021000

page read and write

7ffdd8900000

page execute read

7f5ca441c000

page read and write

7f5d2ab02000

page read and write

7f5d2a661000

page read and write

7f5d2ab02000

page read and write

7f5d2a9d1000

page read and write

55fb72a61000

page read and write

7f5d24000000

page read and write

55fb70a44000

page read and write

55fb72a4a000

page execute and read and write

7ffdd8835000

page read and write

7ffdd8835000

page read and write

7f5d2a686000

page read and write

7f5ca441c000

page read and write

55fb73f44000

page read and write

7f5ca441d000

page read and write

7f5d2a661000

page read and write

7f5d2a661000

page read and write

7f5d2a002000

page read and write

7f5ca441d000

page read and write

7f5d297ff000

page read and write

7f5d2a29f000

page read and write

55fb7082e000

page execute read

7f5d2ab47000

page read and write

7f5d2ab47000

page read and write

7f5ca440c000

page execute read

7ffdd8900000

page execute read

7f5d2ab02000

page read and write

7f5d2a29f000

page read and write

55fb73f44000

page read and write

7f5d2a686000

page read and write

7f5d2a010000

page read and write

7f5d2a002000

page read and write

There are 59 hidden memdumps, click here to show them.