IOC Report
dPOYR1HYAD.elf

Processes

Path | Cmdline | Malicious
/tmp/dPOYR1HYAD.elf | /tmp/dPOYR1HYAD.elf |
/tmp/dPOYR1HYAD.elf | - |
/tmp/dPOYR1HYAD.elf | - |
/tmp/dPOYR1HYAD.elf | - |
/tmp/dPOYR1HYAD.elf | - |
/usr/bin/dash | - |
/usr/bin/rm | rm -f /tmp/tmp.RsMkx57hJx /tmp/tmp.br4Wgx1gNE /tmp/tmp.pUQWfyOGYi |
/usr/bin/dash | - |
/usr/bin/cat | cat /tmp/tmp.RsMkx57hJx |
/usr/bin/dash | - |
/usr/bin/head | head -n 10 |
/usr/bin/dash | - |
/usr/bin/tr | tr -d \\000-\\011\\013\\014\\016-\\037 |
/usr/bin/dash | - |
/usr/bin/cut | cut -c -80 |
/usr/bin/dash | - |
/usr/bin/cat | cat /tmp/tmp.RsMkx57hJx |
/usr/bin/dash | - |
/usr/bin/head | head -n 10 |
/usr/bin/dash | - |
/usr/bin/tr | tr -d \\000-\\011\\013\\014\\016-\\037 |
/usr/bin/dash | - |
/usr/bin/cut | cut -c -80 |
/usr/bin/dash | - |
/usr/bin/rm | rm -f /tmp/tmp.RsMkx57hJx /tmp/tmp.br4Wgx1gNE /tmp/tmp.pUQWfyOGYi |

URLs

Name
IP
Malicious
http://upx.sf.net
unknown

Memdumps

Base Address | Regiontype | Protect | Malicious
7f25c4426000 | | page execute read | malicious
7f25c4426000 | | page execute read | malicious
7f25c4426000 | | page execute read | malicious
7f25c4426000 | | page execute read | malicious