IOC Report

Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| 4wA5neDGrq | ELF 32-bit LSB executable, ARM, EABI4 version 1 (SYSV), statically linked, with debug_info, not stripped | initial sample | malicious |
| /var/cache/motd-news | ASCII text | dropped | clean |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| /usr/bin/dash | n/a | clean |
| /usr/bin/cat | cat /tmp/tmp.USJYxzaCuE | clean |
| /usr/bin/dash | n/a | clean |
| /usr/bin/head | head -n 10 | clean |
| /usr/bin/dash | n/a | clean |
| /usr/bin/tr | tr -d \\000-\\011\\013\\014\\016-\\037 | clean |
| /usr/bin/dash | n/a | clean |
| /usr/bin/cut | cut -c -80 | clean |
| /usr/bin/dash | n/a | clean |
| /usr/bin/cat | cat /tmp/tmp.USJYxzaCuE | clean |
| /usr/bin/dash | n/a | clean |
| /usr/bin/head | head -n 10 | clean |
| /usr/bin/dash | n/a | clean |
| /usr/bin/tr | tr -d \\000-\\011\\013\\014\\016-\\037 | clean |
| /usr/bin/dash | n/a | clean |
| /usr/bin/cut | cut -c -80 | clean |
| /usr/bin/dash | n/a | clean |
| /usr/bin/rm | rm -f /tmp/tmp.USJYxzaCuE /tmp/tmp.T3hUP4mjcM /tmp/tmp.wRaDNMdR2W | clean |
| /tmp/4wA5neDGrq | /tmp/4wA5neDGrq | clean |
| /tmp/4wA5neDGrq | n/a | clean |
| /tmp/4wA5neDGrq | n/a | clean |
| /tmp/4wA5neDGrq | n/a | clean |
| /tmp/4wA5neDGrq | n/a | clean |

There are 13 hidden processes not shown in this list.

URLs

| Name | IP | Malicious |
|---|---|---|
| https://ubuntu.com/blog/microk8s-memory-optimisation | unknown | clean |