IOC Report
spc.elf


Processes

| Path | Cmdline | Malicious |
|---|---|---|
| /usr/bin/dash | - | |
| /usr/bin/rm | rm -f /tmp/tmp.Alc5Eqx4Lp /tmp/tmp.LMNRnu9usF /tmp/tmp.qdWjTjRFP6 | |
| /usr/bin/dash | - | |
| /usr/bin/rm | rm -f /tmp/tmp.Alc5Eqx4Lp /tmp/tmp.LMNRnu9usF /tmp/tmp.qdWjTjRFP6 | |
| /tmp/spc.elf | /tmp/spc.elf | |
| /tmp/spc.elf | - | |

URLs

Name
IP
Malicious
https://www.youtube.ru/watch?v=OGp9P6QvMjYmb0V2dy9yai5Waid3bwRWZulmLvNQbAAABCDEFGHIJKLMNOPQRSTUVWXYZ
unknown
http://87.120.116.226
unknown
https://www.youtube.ru/watch?v=OGp9P6QvMjY
unknown

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 85.239.34.134 | unknown | Russian Federation | |
| 109.202.202.202 | unknown | Switzerland | |
| 91.189.91.43 | unknown | United Kingdom | |
| 91.189.91.42 | unknown | United Kingdom | |

Memdumps
