IOC Report
loligang.sh4.elf


Processes

Path                     Cmdline                  Malicious
/tmp/loligang.sh4.elf    /tmp/loligang.sh4.elf
/tmp/loligang.sh4.elf    -
/tmp/loligang.sh4.elf    -
/tmp/loligang.sh4.elf    -
/tmp/loligang.sh4.elf    -
/tmp/loligang.sh4.elf    -
/tmp/loligang.sh4.elf    -

IPs

IP    Domain    Country    Malicious

Memdumps

Base Address    Regiontype    Protect    Malicious