Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

/tmp/mCR2IJsjgy.elf

IPs

Domain

Country

Malicious

95.164.4.65

unknown

Gibraltar

Details

IP:	95.164.4.65
TargetID:	-1
Country:	Gibraltar
Countrycode:	GIB
ASN number:	29632
ASN name:	NASSIST-ASGI
Private:	false

Signature Hits	Behavior Group	Mitre Attack
Detected TCP or UDP traffic on non-standard ports	Networking	Non-Standard Port
Connects to IPs without corresponding DNS lookups	Networking

Memdumps

Base Address

Regiontype

Protect

Malicious

ffb1a000

page read and write

f7f17000

page execute read

8055000

page read and write

ffb1a000

page read and write

ffb1a000

page read and write

8c6d000

page read and write

8054000

page execute read

8054000

page execute read

8c6d000

page read and write

8054000

page execute read

8c6d000

page read and write

f7f17000

page execute read

8055000

page read and write

f7f17000

page execute read

8055000

page read and write

There are 5 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
mCR2IJsjgy.elf

Processes

IPs

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC ReportmCR2IJsjgy.elf

Processes

IPs

Memdumps

IOC Report
mCR2IJsjgy.elf