IOC Report
205.185.120.123-skid.m68k-2024-07-27T10_33_18.elf

Processes

Path | Cmdline | Malicious
/tmp/205.185.120.123-skid.m68k-2024-07-27T10_33_18.elf | /tmp/205.185.120.123-skid.m68k-2024-07-27T10_33_18.elf |
/tmp/205.185.120.123-skid.m68k-2024-07-27T10_33_18.elf | - |
/bin/sh | sh -c "rm -rf bin/systemd && mkdir bin; >bin/systemd && mv /tmp/205.185.120.123-skid.m68k-2024-07-27T10_33_18.elf bin/systemd; chmod 777 bin/systemd" |
/bin/sh | - |
/usr/bin/rm | rm -rf bin/systemd |
/bin/sh | - |
/usr/bin/mkdir | mkdir bin |
/bin/sh | - |
/usr/bin/mv | mv /tmp/205.185.120.123-skid.m68k-2024-07-27T10_33_18.elf bin/systemd |
/bin/sh | - |
/usr/bin/chmod | chmod 777 bin/systemd |
/tmp/205.185.120.123-skid.m68k-2024-07-27T10_33_18.elf | - |
/tmp/205.185.120.123-skid.m68k-2024-07-27T10_33_18.elf | - |
/tmp/205.185.120.123-skid.m68k-2024-07-27T10_33_18.elf | - |

URLs

Name
IP
Malicious
http://schemas.xmlsoap.org/soap/encoding/
unknown
http://schemas.xmlsoap.org/soap/envelope/
unknown

Domains

Name
IP
Malicious
cnc.gay
92.249.48.34

IPs

IP
Domain
Country
Malicious

Memdumps

Base Address
Regiontype
Protect
Malicious