IOC Report
gm7Kudjyws.elf


Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| gm7Kudjyws.elf | ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, not stripped | initial sample | malicious |
| /tmp/qemu-open.IBgyqK (deleted) | ASCII text | dropped | |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| /tmp/gm7Kudjyws.elf | /tmp/gm7Kudjyws.elf | |
| /tmp/gm7Kudjyws.elf | - | |
| /tmp/gm7Kudjyws.elf | - | |
| /tmp/gm7Kudjyws.elf | - | |

URLs

Name
IP
Malicious
91.92.240.85:23
malicious
http://91.92.240.85/bins.sh;
unknown

IPs


Memdumps
