IOC Report
205.185.120.123-skid.arm-2024-07-27T10_33_40.elf

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| /tmp/205.185.120.123-skid.arm-2024-07-27T10_33_40.elf | /tmp/205.185.120.123-skid.arm-2024-07-27T10_33_40.elf | |
| /tmp/205.185.120.123-skid.arm-2024-07-27T10_33_40.elf | - | |
| /bin/sh | sh -c "rm -rf bin/busybox && mkdir bin; >bin/busybox && mv /tmp/205.185.120.123-skid.arm-2024-07-27T10_33_40.elf bin/busybox; chmod 777 bin/busybox" | |
| /bin/sh | - | |
| /usr/bin/rm | rm -rf bin/busybox | |
| /bin/sh | - | |
| /usr/bin/mkdir | mkdir bin | |
| /bin/sh | - | |
| /usr/bin/mv | mv /tmp/205.185.120.123-skid.arm-2024-07-27T10_33_40.elf bin/busybox | |
| /bin/sh | - | |
| /usr/bin/chmod | chmod 777 bin/busybox | |
| /tmp/205.185.120.123-skid.arm-2024-07-27T10_33_40.elf | - | |
| /tmp/205.185.120.123-skid.arm-2024-07-27T10_33_40.elf | - | |
| /tmp/205.185.120.123-skid.arm-2024-07-27T10_33_40.elf | - | |

URLs

| Name | IP | Malicious |
|---|---|---|
| http://schemas.xmlsoap.org/soap/encoding/ | unknown | |
| http://schemas.xmlsoap.org/soap/envelope/ | unknown | |

Domains

| Name | IP | Malicious |
|---|---|---|
| cnc.gay | 92.249.48.34 | |

IPs


Memdumps
