Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

/tmp/aisuru.i586.elf

/usr/lib/udisks2/udisksd

/usr/sbin/dumpe2fs

dumpe2fs -h /dev/dm-0

/usr/lib/udisks2/udisksd

/usr/sbin/dumpe2fs

dumpe2fs -h /dev/dm-0

Domains

Name

Malicious

b.francoanddosbot.fun

92.223.30.117

IPs

Domain

Country

Malicious

92.38.160.13

unknown

Austria

Details

IP:	92.38.160.13
TargetID:	-1
Country:	Austria
Countrycode:	AUT
ASN number:	199524
ASN name:	GCOREAT
Private:	false

Signature Hits	Behavior Group	Mitre Attack
Detected TCP or UDP traffic on non-standard ports	Networking	Non-Standard Port

Memdumps

Base Address

Regiontype

Protect

Malicious

85b9000

page read and write

805a000

page read and write

8059000

page read and write

ffb01000

page read and write

f7f74000

page execute read

8058000

page execute read

Details

Name:	5505.1.0000000008048000.0000000008058000.r-x.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page execute read
Base address:	8058000
Size:	65536

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara signature match	System Summary

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
aisuru.i586.elf

Processes

Domains

IPs

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reportaisuru.i586.elf

Processes

Domains

IPs

Memdumps

IOC Report
aisuru.i586.elf