IOC Report
na.elf

Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| na.elf | ELF 32-bit MSB executable, PowerPC or cisco 4500, version 1 (SYSV), statically linked, not stripped | initial sample | malicious |
| /tmp/qemu-open.DZaULx (deleted) | ASCII text | dropped | |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| /tmp/na.elf | /tmp/na.elf | |
| /tmp/na.elf | - | |
| /tmp/na.elf | - | |
| /tmp/na.elf | - | |

URLs

Name
IP
Malicious

Domains

Name
IP
Malicious
daisy.ubuntu.com
162.213.35.25

IPs

IP
Domain
Country
Malicious

Memdumps

Base Address
Regiontype
Protect
Malicious