IOC Report
arm.elf

Processes

Path | Cmdline | Malicious
/usr/bin/dash | - |
/usr/bin/rm | rm -f /tmp/tmp.A0DVW5CD1Y /tmp/tmp.mDfWdf8Ovw /tmp/tmp.wEGxSmEwZp |
/usr/bin/dash | - |
/usr/bin/rm | rm -f /tmp/tmp.A0DVW5CD1Y /tmp/tmp.mDfWdf8Ovw /tmp/tmp.wEGxSmEwZp |
/tmp/arm.elf | /tmp/arm.elf |
/tmp/arm.elf | - |

URLs

Name | IP | Malicious
https://www.youtube.ru/watch?v=OGp9P6QvMjYmb0V2dy9yai5Waid3bwRWZulmLvNQbAAABCDEFGHIJKLMNOPQRSTUVWXYZ | unknown |
http://87.120.116.226 | unknown |
https://www.youtube.ru/watch?v=OGp9P6QvMjY | unknown |

Domains

Name | IP | Malicious
daisy.ubuntu.com | 162.213.35.24 |

IPs

IP | Domain | Country | Malicious
85.239.34.134 | unknown | Russian Federation |

Memdumps

Base Address
Regiontype
Protect
Malicious