Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
la.bot.powerpc.elf
|
ELF 32-bit MSB executable, PowerPC or cisco 4500, version 1 (SYSV), statically linked, stripped
|
initial sample
|
 |
|
|
/heavens.txt
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/la.bot.powerpc.elf
|
/tmp/la.bot.powerpc.elf
|
||
|
/tmp/la.bot.powerpc.elf
|
-
|
||
|
/tmp/la.bot.powerpc.elf
|
-
|
||
|
/tmp/la.bot.powerpc.elf
|
-
|
||
|
/tmp/la.bot.powerpc.elf
|
-
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http:///wget.sh
|
unknown
|
||
|
http:///curl.sh
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
140.205.249.223
|
unknown
|
China
|
||
|
101.56.17.221
|
unknown
|
Italy
|
||
|
116.25.69.9
|
unknown
|
China
|
||
|
26.191.170.188
|
unknown
|
United States
|
||
|
82.151.247.105
|
unknown
|
United Kingdom
|
||
|
200.191.86.131
|
unknown
|
Brazil
|
||
|
221.43.108.183
|
unknown
|
Japan
|
||
|
78.197.112.252
|
unknown
|
France
|
||
|
54.195.91.95
|
unknown
|
United States
|
||
|
92.76.80.188
|
unknown
|
Germany
|
||
|
202.254.64.180
|
unknown
|
Japan
|
||
|
65.138.243.214
|
unknown
|
United States
|
||
|
91.109.52.78
|
unknown
|
Italy
|
||
|
205.73.21.205
|
unknown
|
United States
|
||
|
78.175.184.232
|
unknown
|
Turkey
|
||
|
92.135.106.135
|
unknown
|
France
|
||
|
30.62.200.168
|
unknown
|
United States
|
||
|
182.173.87.15
|
unknown
|
Korea Republic of
|
||
|
33.48.27.156
|
unknown
|
United States
|
||
|
95.226.2.252
|
unknown
|
Italy
|
||
|
184.80.6.91
|
unknown
|
United States
|
||
|
157.81.194.129
|
unknown
|
unknown
|
||
|
22.167.11.170
|
unknown
|
United States
|
||
|
192.134.98.133
|
unknown
|
France
|
||
|
112.61.27.64
|
unknown
|
China
|
||
|
201.14.39.250
|
unknown
|
Brazil
|
||
|
93.84.246.139
|
unknown
|
Belarus
|
||
|
133.225.93.171
|
unknown
|
Japan
|
||
|
96.41.51.111
|
unknown
|
United States
|
||
|
208.135.120.196
|
unknown
|
United States
|
||
|
90.98.55.30
|
unknown
|
France
|
||
|
73.4.215.46
|
unknown
|
United States
|
||
|
165.186.137.23
|
unknown
|
Korea Republic of
|
||
|
192.126.232.55
|
unknown
|
United States
|
||
|
68.129.200.113
|
unknown
|
United States
|
||
|
9.59.21.224
|
unknown
|
United States
|
||
|
175.228.72.22
|
unknown
|
Korea Republic of
|
||
|
151.121.36.144
|
unknown
|
United States
|
||
|
75.105.215.12
|
unknown
|
United States
|
||
|
193.246.174.77
|
unknown
|
Iran (ISLAMIC Republic Of)
|
||
|
141.250.83.243
|
unknown
|
Italy
|
||
|
124.125.94.131
|
unknown
|
India
|
||
|
192.58.171.238
|
unknown
|
United States
|
||
|
29.155.104.208
|
unknown
|
United States
|
||
|
95.202.225.248
|
unknown
|
Sweden
|
||
|
157.155.80.218
|
unknown
|
Australia
|
||
|
197.85.31.66
|
unknown
|
South Africa
|
||
|
86.63.55.115
|
unknown
|
United Kingdom
|
||
|
159.66.123.72
|
unknown
|
United States
|
||
|
130.170.59.97
|
unknown
|
United States
|
||
|
150.36.74.100
|
unknown
|
Japan
|
||
|
133.176.55.105
|
unknown
|
Japan
|
||
|
93.59.41.73
|
unknown
|
Italy
|
||
|
115.116.191.68
|
unknown
|
India
|
||
|
206.168.60.48
|
unknown
|
United States
|
||
|
147.141.231.255
|
unknown
|
United States
|
||
|
33.16.102.242
|
unknown
|
United States
|
||
|
133.69.213.53
|
unknown
|
Japan
|
||
|
130.173.72.145
|
unknown
|
United States
|
||
|
156.221.98.41
|
unknown
|
Egypt
|
||
|
42.37.186.119
|
unknown
|
Korea Republic of
|
||
|
87.162.79.7
|
unknown
|
Germany
|
||
|
180.83.214.205
|
unknown
|
Korea Republic of
|
||
|
180.118.57.68
|
unknown
|
China
|
||
|
38.13.6.121
|
unknown
|
United States
|
||
|
33.86.51.28
|
unknown
|
United States
|
||
|
157.178.115.199
|
unknown
|
United States
|
||
|
22.207.81.225
|
unknown
|
United States
|
||
|
117.65.39.195
|
unknown
|
China
|
||
|
136.46.83.42
|
unknown
|
United States
|
||
|
180.226.90.203
|
unknown
|
Korea Republic of
|
||
|
118.37.104.165
|
unknown
|
Korea Republic of
|
||
|
205.255.82.237
|
unknown
|
United States
|
||
|
69.153.86.28
|
unknown
|
United States
|
||
|
152.173.144.30
|
unknown
|
Chile
|
||
|
33.179.168.112
|
unknown
|
United States
|
||
|
56.227.127.219
|
unknown
|
United States
|
||
|
45.192.33.233
|
unknown
|
Seychelles
|
||
|
186.34.166.39
|
unknown
|
Chile
|
||
|
82.177.91.71
|
unknown
|
Poland
|
||
|
165.176.207.131
|
unknown
|
United States
|
||
|
190.111.104.150
|
unknown
|
unknown
|
||
|
102.209.40.154
|
unknown
|
unknown
|
||
|
79.9.34.186
|
unknown
|
Italy
|
||
|
50.210.11.58
|
unknown
|
United States
|
||
|
34.208.219.63
|
unknown
|
United States
|
||
|
54.118.236.92
|
unknown
|
United States
|
||
|
206.254.201.227
|
unknown
|
United States
|
||
|
131.178.67.89
|
unknown
|
Mexico
|
||
|
86.76.211.192
|
unknown
|
France
|
||
|
123.61.217.215
|
unknown
|
China
|
||
|
76.205.45.40
|
unknown
|
United States
|
||
|
204.232.0.152
|
unknown
|
United States
|
||
|
56.226.39.9
|
unknown
|
United States
|
||
|
54.186.117.29
|
unknown
|
United States
|
||
|
57.206.154.65
|
unknown
|
Belgium
|
||
|
153.158.210.89
|
unknown
|
Japan
|
||
|
115.63.194.143
|
unknown
|
China
|
||
|
175.128.169.170
|
unknown
|
Japan
|
||
|
189.156.251.245
|
unknown
|
Mexico
|
There are 90 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f02b8016000
|
page execute read
|
|
||
|
556485722000
|
page read and write
|
|||
|
7f03b0147000
|
page read and write
|
|||
|
7f03afcae000
|
page read and write
|
|||
|
7f03b0194000
|
page read and write
|
|||
|
556485497000
|
page execute read
|
|||
|
7f03af65d000
|
page read and write
|
|||
|
7f03aee4c000
|
page read and write
|
|||
|
7f02b8027000
|
page read and write
|
|||
|
7f03a8021000
|
page read and write
|
|||
|
7f03b014f000
|
page read and write
|
|||
|
556487830000
|
page read and write
|
|||
|
7ffd70a3d000
|
page read and write
|
|||
|
55648571a000
|
page read and write
|
|||
|
7ffd70a9e000
|
page execute read
|
|||
|
7f03af8ec000
|
page read and write
|
|||
|
7f03afcd3000
|
page read and write
|
|||
|
7f03af64f000
|
page read and write
|
|||
|
556487720000
|
page execute and read and write
|
|||
|
7f03b001e000
|
page read and write
|
|||
|
7f02b8030000
|
page read and write
|
|||
|
7f03a8000000
|
page read and write
|
|||
|
556487736000
|
page read and write
|
There are 13 hidden memdumps, click here to show them.