IOC Report

Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| Hilix.arm | ELF 32-bit LSB executable, ARM, version 1 (ARM), statically linked, stripped | initial sample | malicious |
| /proc/5290/oom_score_adj | ASCII text | dropped | clean |
| /proc/5405/oom_score_adj | ASCII text | dropped | clean |
| /proc/5409/oom_score_adj | ASCII text | dropped | clean |
| /run/sshd.pid | ASCII text | dropped | clean |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| /tmp/Hilix.arm | /tmp/Hilix.arm | clean |
| /tmp/Hilix.arm | n/a | clean |
| /tmp/Hilix.arm | n/a | clean |
| /tmp/Hilix.arm | n/a | clean |
| /tmp/Hilix.arm | n/a | clean |
| /tmp/Hilix.arm | n/a | clean |
| /tmp/Hilix.arm | n/a | clean |
| /tmp/Hilix.arm | n/a | clean |
| /tmp/Hilix.arm | n/a | clean |
| /usr/lib/systemd/systemd | n/a | clean |
| /usr/sbin/sshd | /usr/sbin/sshd -t | clean |
| /usr/lib/systemd/systemd | n/a | clean |
| /usr/sbin/sshd | /usr/sbin/sshd -D | clean |
| /usr/lib/systemd/systemd | n/a | clean |
| /usr/sbin/sshd | /usr/sbin/sshd -t | clean |
| /usr/lib/systemd/systemd | n/a | clean |
| /usr/sbin/sshd | /usr/sbin/sshd -D | clean |
| /usr/lib/systemd/systemd | n/a | clean |
| /usr/sbin/sshd | /usr/sbin/sshd -t | clean |
| /usr/lib/systemd/systemd | n/a | clean |
| /usr/sbin/sshd | /usr/sbin/sshd -D | clean |

URLs

| Name | IP | Malicious |
|---|---|---|
| http://127.0.0.1:52869/picdesc.xml | 91.78.98.43 | malicious |
| http://37.0.9.202/bins/Hilix.mips | unknown | malicious |
| http://127.0.0.1:52869/wanipcn.xml | 91.78.98.43 | malicious |
| http://schemas.xmlsoap.org/soap/encoding/ | unknown | clean |
| http://schemas.xmlsoap.org/soap/envelope/ | unknown | clean |

IPs
