IOC Report
efea6.elf

Processes

Path

Cmdline

Malicious

/tmp/efea6.elf

/tmp/efea6.elf

Domains

Name

IP

Malicious

daisy.ubuntu.com

162.213.35.25

Details

Name:	daisy.ubuntu.com
IP:	162.213.35.25
TargetID:	-1
Active:	true
Reputation:	high

Signature Hits	Behavior Group	Mitre Attack
Performs DNS lookups	Networking	Application Layer Protocol Non-Application Layer Protocol

Memdumps

Base Address

Regiontype

Protect

Malicious

Download

7f9b90048000

page read and write

7f9c95b33000

page read and write

55a271a9b000

page read and write

55a271aa4000

page read and write

7f9c94ec7000

page read and write

7f9b9003c000

page execute read

55a274a20000

page read and write

7f9c95b0f000

page read and write

7ffd6f431000

page read and write

7ffd6f4c6000

page execute read

7f9c95494000

page read and write

7f9c954b7000

page read and write

7f9b90055000

page read and write

55a27184a000

page execute read

55a273aa2000

page execute and read and write

7f9c95623000

page read and write

7f9c95b78000

page read and write

55a273ab9000

page read and write

7f9c8ffff000

page read and write

7f9c94e35000

page read and write

7f9c95229000

page read and write

7f9c90021000

page read and write

7f9c95805000

page read and write

7f9c9462d000

page read and write

7f9c959e6000

page read and write

There are 15 hidden memdumps, click here to show them.