Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

/tmp/main_sh4.elf

IPs

Domain

Country

Malicious

185.125.190.26

unknown

United Kingdom

Details

IP:	185.125.190.26
TargetID:	-1
Country:	United Kingdom
Countrycode:	GBR
ASN number:	41231
ASN name:	CANONICAL-ASGB
Private:	false

Signature Hits	Behavior Group	Mitre Attack
Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)	Networking
Connects to IPs without corresponding DNS lookups	Networking

Memdumps

Base Address

Regiontype

Protect

Malicious

7f22cc418000

page execute read

7f2351d47000

page read and write

7f22cc433000

page read and write

7f2352839000

page read and write

7f2351d39000

page read and write

5625cd895000

page read and write

7ffeddf81000

page execute read

7f2352831000

page read and write

7f235287e000

page read and write

5625cd88d000

page read and write

7ffeddf7b000

page read and write

7f2352708000

page read and write

7f2351fd6000

page read and write

5625cf893000

page execute and read and write

7f22cc42d000

page read and write

5625cf8aa000

page read and write

5625cd677000

page execute read

7f234c021000

page read and write

5625d0e92000

page read and write

7f23523bd000

page read and write

7f234c000000

page read and write

7f2352398000

page read and write

7f2351536000

page read and write

There are 13 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
main_sh4.elf

Processes

IPs

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reportmain_sh4.elf

Processes

IPs

Memdumps

IOC Report
main_sh4.elf