Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

/tmp/wx6NGH4iz5.elf

/usr/bin/dash

/usr/bin/rm

rm -f /tmp/tmp.Jsum8kwrB4 /tmp/tmp.r9mNQhdtOY /tmp/tmp.eg73ircuuU

/usr/bin/dash

/usr/bin/rm

rm -f /tmp/tmp.Jsum8kwrB4 /tmp/tmp.r9mNQhdtOY /tmp/tmp.eg73ircuuU

IPs

Domain

Country

Malicious

34.249.145.219

unknown

United States

Details

IP:	34.249.145.219
TargetID:	-1
Country:	United States
Countrycode:	USA
ASN number:	16509
ASN name:	AMAZON-02US
Private:	false

Signature Hits	Behavior Group	Mitre Attack
Connects to IPs without corresponding DNS lookups	Networking

109.202.202.202

unknown

Switzerland

Details

IP:	109.202.202.202
TargetID:	-1
Country:	Switzerland
Countrycode:	CHE
ASN number:	13030
ASN name:	INIT7CH
Private:	false

Signature Hits	Behavior Group	Mitre Attack
Connects to IPs without corresponding DNS lookups	Networking

91.189.91.43

unknown

United Kingdom

Details

IP:	91.189.91.43
TargetID:	-1
Country:	United Kingdom
Countrycode:	GBR
ASN number:	41231
ASN name:	CANONICAL-ASGB
Private:	false

Signature Hits	Behavior Group	Mitre Attack
Connects to IPs without corresponding DNS lookups	Networking

91.189.91.42

unknown

United Kingdom

Details

IP:	91.189.91.42
TargetID:	-1
Country:	United Kingdom
Countrycode:	GBR
ASN number:	41231
ASN name:	CANONICAL-ASGB
Private:	false

Signature Hits	Behavior Group	Mitre Attack
Connects to IPs without corresponding DNS lookups	Networking

Memdumps

Base Address

Regiontype

Protect

Malicious

7f4d3c026000

page execute read

7f4e44b41000

page read and write

7f4d3c038000

page read and write

7f4e43788000

page read and write

7ffdadee0000

page read and write

7f4d3c02e000

page read and write

7f4e44384000

page read and write

55f15e4ca000

page read and write

7f4e44960000

page read and write

7ffdadf66000

page execute read

55f162048000

page read and write

55f1604e8000

page read and write

7f4e43f90000

page read and write

7f4e44c8e000

page read and write

7f4e445ef000

page read and write

55f1604d1000

page execute and read and write

55f15e4d3000

page read and write

55f15e279000

page execute read

7f4e3c021000

page read and write

7f4e44cd3000

page read and write

7f4e44612000

page read and write

7f4e44c6a000

page read and write

7f4e3bfff000

page read and write

7f4e44022000

page read and write

7f4e4477e000

page read and write

There are 15 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
wx6NGH4iz5.elf

Processes

IPs

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reportwx6NGH4iz5.elf

Processes

IPs

Memdumps

IOC Report
wx6NGH4iz5.elf