Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
firmware.m68k.elf
|
ELF 32-bit MSB executable, Motorola m68k, 68020, version 1 (SYSV), statically linked, stripped
|
initial sample
|
 |
|
|
/etc/d
|
ASCII text
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/firmware.m68k.elf
|
/tmp/firmware.m68k.elf
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
46.50.1.120
|
unknown
|
Portugal
|
||
|
109.202.202.202
|
unknown
|
Switzerland
|
||
|
91.189.91.43
|
unknown
|
United Kingdom
|
||
|
91.189.91.42
|
unknown
|
United Kingdom
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
5604b376b000
|
page execute and read and write
|
|||
|
7fce9445f000
|
page read and write
|
|||
|
7fce94821000
|
page read and write
|
|||
|
5604b1533000
|
page execute read
|
|||
|
7fce0c01d000
|
page execute read
|
|||
|
7ffcc3bfc000
|
page execute read
|
|||
|
5604b3802000
|
page read and write
|
|||
|
7fce94d07000
|
page read and write
|
|||
|
7fce941c2000
|
page read and write
|
|||
|
7fce0c020000
|
page read and write
|
|||
|
7fce939bf000
|
page read and write
|
|||
|
7fce0c025000
|
page read and write
|
|||
|
7fce8c021000
|
page read and write
|
|||
|
7ffcc3bf5000
|
page read and write
|
|||
|
5604b176d000
|
page read and write
|
|||
|
7fce941d0000
|
page read and write
|
|||
|
7fce94cc2000
|
page read and write
|
|||
|
7fce94846000
|
page read and write
|
|||
|
7fce94b91000
|
page read and write
|
|||
|
5604b1765000
|
page read and write
|
|||
|
5604b44d2000
|
page read and write
|
|||
|
7fce94cba000
|
page read and write
|
|||
|
7fce8c000000
|
page read and write
|
There are 13 hidden memdumps, click here to show them.