IOC Report
205.185.120.123-skid.arm5-2024-07-27T10_33_41.elf


Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| /tmp/205.185.120.123-skid.arm5-2024-07-27T10_33_41.elf | /tmp/205.185.120.123-skid.arm5-2024-07-27T10_33_41.elf | |
| /tmp/205.185.120.123-skid.arm5-2024-07-27T10_33_41.elf | - | |
| /bin/sh | sh -c "rm -rf bin/watchdog && mkdir bin; >bin/watchdog && mv /tmp/205.185.120.123-skid.arm5-2024-07-27T10_33_41.elf bin/watchdog; chmod 777 bin/watchdog" | |
| /bin/sh | - | |
| /usr/bin/rm | rm -rf bin/watchdog | |
| /bin/sh | - | |
| /usr/bin/mkdir | mkdir bin | |
| /bin/sh | - | |
| /usr/bin/mv | mv /tmp/205.185.120.123-skid.arm5-2024-07-27T10_33_41.elf bin/watchdog | |
| /bin/sh | - | |
| /usr/bin/chmod | chmod 777 bin/watchdog | |
| /tmp/205.185.120.123-skid.arm5-2024-07-27T10_33_41.elf | - | |
| /tmp/205.185.120.123-skid.arm5-2024-07-27T10_33_41.elf | - | |
| /tmp/205.185.120.123-skid.arm5-2024-07-27T10_33_41.elf | - | |

URLs

| Name | IP | Malicious |
| --- | --- | --- |
| http://schemas.xmlsoap.org/soap/encoding/ | unknown | |
| http://schemas.xmlsoap.org/soap/envelope/ | unknown | |

Domains

| Name | IP | Malicious |
| --- | --- | --- |
| cnc.gay | 92.249.48.34 | |

IPs

IP
Domain
Country
Malicious

Memdumps

Base Address
Regiontype
Protect
Malicious