IOC Report

Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| /tmp/Mozi.a | /tmp/Mozi.a | clean |

URLs

| Name | IP | Malicious |
| --- | --- | --- |
| http://%s:%d/bin.sh;chmod | unknown | malicious |
| http://%s:%d/Mozi.a;chmod | unknown | malicious |
| http://%s:%d/bin.sh | unknown | malicious |
| http://%s:%d/Mozi.a;sh$ | unknown | malicious |
| http://ipinfo.io/ip | unknown | clean |
| http://%s:%d/Mozi.m;/tmp/Mozi.m | unknown | clean |
| http://schemas.xmlsoap.org/soap/encoding/ | unknown | clean |
| http://purenetworks.com/HNAP1/ | unknown | clean |
| http://%s:%d/Mozi.m; | unknown | clean |
| http://%s:%d/Mozi.m;$ | unknown | clean |
| http://schemas.xmlsoap.org/soap/envelope/ | unknown | clean |
| http://upx.sf.net | unknown | clean |
| http://HTTP/1.1 | unknown | clean |
| http://127.0.0.1 | unknown | clean |
| http://baidu.com/%s/%s/%d/%s/%s/%s/%s) | unknown | clean |
| http://schemas.xmlsoap.org/soap/envelope// | unknown | clean |
| http://%s:%d/Mozi.m | unknown | clean |
| http://127.0.0.1sendcmd | unknown | clean |

IPs

| IP | Domain | Country | Malicious |
| --- | --- | --- | --- |
| 109.202.202.202 | unknown | Switzerland | clean |
| 91.189.91.43 | unknown | United Kingdom | clean |
| 91.189.91.42 | unknown | United Kingdom | clean |