IOC Report

Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| rijsTqU0If | ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, stripped | initial sample | malicious |
| /tmp/qemu-open.FkwII2 (deleted) | ASCII text, with no line terminators | dropped | clean |
| /tmp/qemu-open.l72D7Z (deleted) | ASCII text, with no line terminators | dropped | clean |
| /tmp/qemu-open.mWC470 (deleted) | ASCII text, with no line terminators | dropped | clean |
| /tmp/qemu-open.zQV7X2 (deleted) | ASCII text, with no line terminators | dropped | clean |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| /tmp/rijsTqU0If | /tmp/rijsTqU0If | clean |
| /tmp/rijsTqU0If | n/a | clean |
| /tmp/rijsTqU0If | n/a | clean |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 14.245.169.210 | unknown | Viet Nam | clean |
| 45.95.169.120 | unknown | Croatia (LOCAL Name: Hrvatska) | clean |
| 109.202.202.202 | unknown | Switzerland | clean |
| 91.189.91.43 | unknown | United Kingdom | clean |
| 91.189.91.42 | unknown | United Kingdom | clean |