IOC Report


Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| fbXTgwatuJ | ELF 32-bit LSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, stripped | initial sample | malicious |
| /proc/5274/oom_score_adj | ASCII text | dropped | clean |
| /run/sshd.pid | ASCII text | dropped | clean |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| /tmp/fbXTgwatuJ | /tmp/fbXTgwatuJ | clean |
| /tmp/fbXTgwatuJ | n/a | clean |
| /tmp/fbXTgwatuJ | n/a | clean |
| /tmp/fbXTgwatuJ | n/a | clean |
| /tmp/fbXTgwatuJ | n/a | clean |
| /tmp/fbXTgwatuJ | n/a | clean |
| /tmp/fbXTgwatuJ | n/a | clean |
| /tmp/fbXTgwatuJ | n/a | clean |
| /tmp/fbXTgwatuJ | n/a | clean |
| /usr/lib/systemd/systemd | n/a | clean |
| /usr/sbin/sshd | /usr/sbin/sshd -t | clean |
| /usr/lib/systemd/systemd | n/a | clean |
| /usr/sbin/sshd | /usr/sbin/sshd -D | clean |

URLs

| Name | IP | Malicious |
|---|---|---|
| http://127.0.0.1:52869/picdesc.xml | 185.235.182.98 | malicious |
| http://127.0.0.1:52869/wanipcn.xml | 185.235.182.98 | malicious |
| http://103.3.246.123/bins/Hilix.mips | unknown | malicious |
| http://schemas.xmlsoap.org/soap/encoding/ | unknown | clean |
| http://schemas.xmlsoap.org/soap/envelope/ | unknown | clean |

IPs
