IOC Report
M74QLI3COX.elf


Processes

Path                  Cmdline                                                             Malicious
/tmp/M74QLI3COX.elf   /tmp/M74QLI3COX.elf
/usr/bin/dash         -
/usr/bin/rm           rm -f /tmp/tmp.fZhFj81utJ /tmp/tmp.5BuHKRtIt9 /tmp/tmp.iMWgMwkDqB
/usr/bin/dash         -
/usr/bin/cat          cat /tmp/tmp.fZhFj81utJ
/usr/bin/dash         -
/usr/bin/head         head -n 10
/usr/bin/dash         -
/usr/bin/tr           tr -d \\000-\\011\\013\\014\\016-\\037
/usr/bin/dash         -
/usr/bin/cut          cut -c -80
/usr/bin/dash         -
/usr/bin/cat          cat /tmp/tmp.fZhFj81utJ
/usr/bin/dash         -
/usr/bin/head         head -n 10
/usr/bin/dash         -
/usr/bin/tr           tr -d \\000-\\011\\013\\014\\016-\\037
/usr/bin/dash         -
/usr/bin/cut          cut -c -80
/usr/bin/dash         -
/usr/bin/rm           rm -f /tmp/tmp.fZhFj81utJ /tmp/tmp.5BuHKRtIt9 /tmp/tmp.iMWgMwkDqB

IPs

IP              Domain    Country         Malicious
54.217.10.153   unknown   United States

Memdumps

Base Address
Regiontype
Protect
Malicious
7fbdebb48000
page read and write
4025168000
page read and write
7fbdeb767000
page read and write
7ffe5856f000
page read and write
7fbdebe79000
page read and write
7fbdeb4b7000
page read and write
556a49a27000
page read and write
4001192000
page read and write
7fbdec18b000
page read and write
7fbdec1d0000
page read and write
556a46403000
page execute read
c000400000
page read and write
4000968000
page read and write
7ffe58580000
page execute read
556a4668c000
page read and write
4000862000
page read and write
7fbdeb4a9000
page read and write
7fbdeaca1000
page read and write
7fbdec183000
page read and write
13c000
page execute read
556a486ac000
page read and write
7fbdec05a000
page read and write
40052e2000
page read and write
27f000
page read and write
4027b96000
page read and write
556a48695000
page execute and read and write
7fbdebb2b000
page read and write
556a46697000
page read and write
7fbde4021000
page read and write
7fbdebb08000
page read and write
24f000
page read and write