Linux Analysis Report
na.elf

Overview

General Information

Sample name: na.elf
Analysis ID: 1528124
MD5: 53feac67bd3e52cd6b1ff1239266667e
SHA1: f3a5fbc85856f9f73b1ce939b815d3b0bb5d7ada
SHA256: ed2b0e238f40193afd0b3af9cdf750b149181cb7f8e9c05338c3a8d3f146da1a
Tags: elfuser-abuse_ch
Infos:

Detection

Score: 56
Range: 0 - 100
Whitelisted: false

Signatures

Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file
Enumerates processes within the "proc" file system
Sample has stripped symbol table
Sample tries to kill a process (SIGKILL)
Uses the "uname" system call to query kernel version information (possible evasion)

Classification

AV Detection
barindex
Antivirus / Scanner detection for submitted sample
Source: na.elf Avira: detected
Multi AV Scanner detection for submitted file
Source: na.elf ReversingLabs: Detection: 60%
Source: unknown TCP traffic detected without corresponding DNS query: 37.34.235.98
Source: unknown TCP traffic detected without corresponding DNS query: 37.34.235.98
Source: unknown TCP traffic detected without corresponding DNS query: 206.189.6.247
Source: unknown TCP traffic detected without corresponding DNS query: 206.189.6.247
Source: unknown TCP traffic detected without corresponding DNS query: 78.89.197.195
Source: unknown TCP traffic detected without corresponding DNS query: 78.89.197.195
Source: unknown TCP traffic detected without corresponding DNS query: 37.34.235.98
Source: unknown TCP traffic detected without corresponding DNS query: 37.34.235.98
Source: unknown TCP traffic detected without corresponding DNS query: 206.189.6.247
Source: unknown TCP traffic detected without corresponding DNS query: 206.189.6.247
Source: unknown TCP traffic detected without corresponding DNS query: 78.89.197.195
Source: unknown TCP traffic detected without corresponding DNS query: 78.89.197.195
Source: unknown TCP traffic detected without corresponding DNS query: 37.34.235.98
Source: unknown TCP traffic detected without corresponding DNS query: 37.34.235.98
Source: unknown TCP traffic detected without corresponding DNS query: 206.189.6.247
Source: unknown TCP traffic detected without corresponding DNS query: 206.189.6.247
Source: unknown TCP traffic detected without corresponding DNS query: 78.89.197.195
Source: unknown TCP traffic detected without corresponding DNS query: 78.89.197.195
Source: unknown TCP traffic detected without corresponding DNS query: 37.34.235.98
Source: unknown TCP traffic detected without corresponding DNS query: 37.34.235.98
Source: unknown TCP traffic detected without corresponding DNS query: 206.189.6.247
Source: unknown TCP traffic detected without corresponding DNS query: 206.189.6.247
Source: unknown TCP traffic detected without corresponding DNS query: 78.89.197.195
Source: unknown TCP traffic detected without corresponding DNS query: 78.89.197.195
Source: unknown TCP traffic detected without corresponding DNS query: 37.34.235.98
Source: unknown TCP traffic detected without corresponding DNS query: 37.34.235.98
Source: unknown TCP traffic detected without corresponding DNS query: 206.189.6.247
Source: unknown TCP traffic detected without corresponding DNS query: 206.189.6.247
Source: unknown TCP traffic detected without corresponding DNS query: 78.89.197.195
Source: unknown TCP traffic detected without corresponding DNS query: 78.89.197.195
Source: unknown TCP traffic detected without corresponding DNS query: 37.34.235.98
Source: unknown TCP traffic detected without corresponding DNS query: 37.34.235.98
Source: unknown TCP traffic detected without corresponding DNS query: 206.189.6.247
Source: unknown TCP traffic detected without corresponding DNS query: 206.189.6.247
Source: unknown TCP traffic detected without corresponding DNS query: 78.89.197.195
Source: unknown TCP traffic detected without corresponding DNS query: 78.89.197.195
Source: unknown TCP traffic detected without corresponding DNS query: 37.34.235.98
Source: unknown TCP traffic detected without corresponding DNS query: 37.34.235.98
Source: unknown TCP traffic detected without corresponding DNS query: 206.189.6.247
Source: unknown TCP traffic detected without corresponding DNS query: 206.189.6.247
Source: unknown TCP traffic detected without corresponding DNS query: 78.89.197.195
Source: unknown TCP traffic detected without corresponding DNS query: 78.89.197.195
Source: unknown TCP traffic detected without corresponding DNS query: 37.34.235.98
Source: unknown TCP traffic detected without corresponding DNS query: 37.34.235.98
Source: unknown TCP traffic detected without corresponding DNS query: 206.189.6.247
Source: unknown TCP traffic detected without corresponding DNS query: 206.189.6.247
Source: unknown TCP traffic detected without corresponding DNS query: 78.89.197.195
Source: unknown TCP traffic detected without corresponding DNS query: 78.89.197.195
Source: unknown TCP traffic detected without corresponding DNS query: 37.34.235.98
Source: unknown TCP traffic detected without corresponding DNS query: 37.34.235.98
Source: global traffic DNS traffic detected: DNS query: ns3.my-ndns.com
Source: global traffic DNS traffic detected: DNS query: india-scam-call-center.cfd
Source: unknown Network traffic detected: HTTP traffic on port 24158 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59265 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 26339 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 777 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 25484 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 2062 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 27665 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 30835 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 4183
Source: unknown Network traffic detected: HTTP traffic on port 61580 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 40649 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 48125 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49451 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 6424 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 9931 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 52633 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61109 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 4243 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 40637 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 39648 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 17851 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 4176
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 16830
Source: unknown Network traffic detected: HTTP traffic on port 4231 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 26340 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 35298 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59253 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51777 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 15200 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 29834 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 5581 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 15669 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 38335 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 2049 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 52645 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50464 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 36154 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 4162
Source: unknown Network traffic detected: HTTP traffic on port 60242 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 16549 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 4161
Source: unknown Network traffic detected: HTTP traffic on port 14332 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 4255 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 23291 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 765 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57096 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 26327 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 33093 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 4167
Source: unknown Network traffic detected: HTTP traffic on port 51319 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 30823 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50439 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63303 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 27677 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 2050 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61122 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 26315 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 27207 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 48137 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 40662 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 7749 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 5111 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54814 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 37010 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 8605 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53958 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 790 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 37479 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 40625 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 1194 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 16806
Source: unknown Network traffic detected: HTTP traffic on port 51320 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 16800
Source: unknown Network traffic detected: HTTP traffic on port 47282 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 2086 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63761 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 36129 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 1182 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59290 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 3363 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61134 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 36117 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 17887 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63797 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 16861
Source: unknown Network traffic detected: HTTP traffic on port 40613 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 26785 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 41815
Source: unknown Network traffic detected: HTTP traffic on port 40674 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 18731 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 38347 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 16857
Source: unknown Network traffic detected: HTTP traffic on port 63315 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49426 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51753 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 28837
Source: unknown Network traffic detected: HTTP traffic on port 48571 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 25026 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59289 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 17417 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 47257 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 16873
Source: unknown Network traffic detected: HTTP traffic on port 14319 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 2025 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 21913 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 27641 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 16872
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 41804
Source: unknown Network traffic detected: HTTP traffic on port 13476 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 37431 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 41800
Source: unknown Network traffic detected: HTTP traffic on port 37022 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 16501 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 14209
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 16869
Source: unknown Network traffic detected: HTTP traffic on port 14790 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 14381 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 4267 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 4280 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 8617 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 13006 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 40686 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 9943 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 15633 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 3351 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 12151 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 17429 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63785 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 5135 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 60217 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 39600 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 36575 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59216 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51307 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 28978 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 37492 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 41999 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 29822 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 5520 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 28816
Source: unknown Network traffic detected: HTTP traffic on port 52621 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 7304 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 4279 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 4194
Source: unknown Network traffic detected: HTTP traffic on port 29895 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 35250 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 16845
Source: unknown Network traffic detected: HTTP traffic on port 41530 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 4206 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 11295 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 20600 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 27653 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 40216 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54863 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61146 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 48583 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 41926 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 3338 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 6845 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53849
Source: unknown Network traffic detected: HTTP traffic on port 41914 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 38744 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 16586 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53537 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 2001 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 48558 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 62496 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 37046 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 356 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 38372 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 41852
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 28879
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53856
Source: unknown Network traffic detected: HTTP traffic on port 30402 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 43735 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 37058 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 31739 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 25435 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61158 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 63700 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 14251
Source: unknown Network traffic detected: HTTP traffic on port 62868 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 14257
Source: unknown Network traffic detected: HTTP traffic on port 29425 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 3326 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 35225 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 25063 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 47221 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 16574 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 65533 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 5159 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 44196 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 24110 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 26773 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51205
Source: unknown Network traffic detected: HTTP traffic on port 57011 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 28867
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53867
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 26206
Source: unknown Network traffic detected: HTTP traffic on port 30426 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 42410 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 21085 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 16885
Source: unknown Network traffic detected: HTTP traffic on port 54851 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 16881
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 16882
Source: unknown Network traffic detected: HTTP traffic on port 62472 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 13452 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50861 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 29809 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 38756 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 28100 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 9522 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 41832
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 28877
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 28876
Source: unknown Network traffic detected: HTTP traffic on port 49499 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53922 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 28859
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51219
Source: unknown Network traffic detected: HTTP traffic on port 13055 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 16895
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51210
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 16896
Source: unknown Network traffic detected: HTTP traffic on port 7786 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 14765 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 6857 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50897 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 28594 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 52212 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 16888
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 41824
Source: unknown Network traffic detected: HTTP traffic on port 25038 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 20193 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 36551 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 35237 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 31715 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 6870 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 37443 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 38251
Source: unknown Network traffic detected: HTTP traffic on port 9906 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 55743 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 43759 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 14741 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 24122 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 32176 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 47245 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 33957 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 62893 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 24134 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53814
Source: unknown Network traffic detected: HTTP traffic on port 48162 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61976 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 14294
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53817
Source: unknown Network traffic detected: HTTP traffic on port 19635 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 14296
Source: unknown Network traffic detected: HTTP traffic on port 42434 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 15273 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50476 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 16983 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53826
Source: unknown Network traffic detected: HTTP traffic on port 39697 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51790 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53829
Source: unknown Network traffic detected: HTTP traffic on port 37852 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 4627 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 25447 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 16995 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 41505 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64207 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 5556 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 38235
Source: unknown Network traffic detected: HTTP traffic on port 58312 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61171 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 21950 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 37455 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 41877
Source: unknown Network traffic detected: HTTP traffic on port 7798 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 14753 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 26252
Source: unknown Network traffic detected: HTTP traffic on port 16598 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54826 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 42818 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 38384 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 9510 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 13439 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53833
Source: unknown Network traffic detected: HTTP traffic on port 61964 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 38219
Source: unknown Network traffic detected: HTTP traffic on port 18706 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 41869
Source: unknown Network traffic detected: HTTP traffic on port 31727 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 36142 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 26241
Source: unknown Network traffic detected: HTTP traffic on port 60254 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 21494 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 38173
Source: unknown Network traffic detected: HTTP traffic on port 44135 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 39288 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 6052 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 20168 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 19672 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 5941 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 65077 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 3760 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 59637 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 36514 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53598 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 33970 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 33489 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 2926 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 36984 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 10366 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 11210 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63140
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 38161
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51153
Source: unknown Network traffic detected: HTTP traffic on port 34333 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 6064 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 16165 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54442 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 41098 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51160
Source: unknown Network traffic detected: HTTP traffic on port 50812 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 45977 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63135
Source: unknown Network traffic detected: HTTP traffic on port 50080 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 43784 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64232 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 37095 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 23675 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63139
Source: unknown Network traffic detected: HTTP traffic on port 10342 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 30451 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 14183
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63152
Source: unknown Network traffic detected: HTTP traffic on port 22829 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 36972 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51169
Source: unknown Network traffic detected: HTTP traffic on port 6040 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 40265 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64268 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 24531 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 19155 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 26178
Source: unknown Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 26176
Source: unknown Network traffic detected: HTTP traffic on port 59625 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 6076 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 13873 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 37083 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 14194
Source: unknown Network traffic detected: HTTP traffic on port 9101 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51177
Source: unknown Network traffic detected: HTTP traffic on port 33982 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 44111 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53104 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 30463 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 43796 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 45003 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51179
Source: unknown Network traffic detected: HTTP traffic on port 50079 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 26712 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 6039 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49066 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 26160
Source: unknown Network traffic detected: HTTP traffic on port 33453 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 26165
Source: unknown Network traffic detected: HTTP traffic on port 16909 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 19647 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 41788
Source: unknown Network traffic detected: HTTP traffic on port 34345 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 30499 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 2902 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53562 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56576 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 18792 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 44160 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 2880 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53760
Source: unknown Network traffic detected: HTTP traffic on port 9534 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 41157 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 2951 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 29449 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 61988 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 41074 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 19214 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50848 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57503 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 26724 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 5904 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 45941 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 37876 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 23710 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 2879 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 43760 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49054 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 33536 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51112
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53772
Source: unknown Network traffic detected: HTTP traffic on port 13920 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 10895 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53550 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51114
Source: unknown Network traffic detected: HTTP traffic on port 29498 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 40290 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51704 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 6719
Source: unknown Network traffic detected: HTTP traffic on port 2892 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50067 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 29437 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 41062 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57493 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 19202 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51126
Source: unknown Network traffic detected: HTTP traffic on port 63388 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 37888 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 16177 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 45953 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 10378 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57432 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 33548 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 63104
Source: unknown Network traffic detected: HTTP traffic on port 47654 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 6701
Source: unknown Network traffic detected: HTTP traffic on port 28582 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 8691 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54478 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51139
Source: unknown Network traffic detected: HTTP traffic on port 25807 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 36502 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 1108 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 22771 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53796
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53794
Source: unknown Network traffic detected: HTTP traffic on port 60614 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 43314 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53549 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51140
Source: unknown Network traffic detected: HTTP traffic on port 45027 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 19660 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 9546 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 13079 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 3831 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 19118 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 2855 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 33428 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 45040 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 13944 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 28570 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56540 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 12968 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 10437 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 34382 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51728 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 6763
Source: unknown Network traffic detected: HTTP traffic on port 44218 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 55718 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 6765
Source: unknown Network traffic detected: HTTP traffic on port 61531 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 6767
Source: unknown Network traffic detected: HTTP traffic on port 27616 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54491 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 40228 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 46749 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 45039 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 1169 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 19106 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 58361 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 30380 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 6757
Source: unknown Network traffic detected: HTTP traffic on port 8642 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 32607 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 41194 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 41169 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 13956 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 58373 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 46750 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 332 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 64185 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57515 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 16116 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 6749
Source: unknown Network traffic detected: HTTP traffic on port 55706 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50043 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 16946 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 6743
Source: unknown Network traffic detected: HTTP traffic on port 11271 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56527 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56552 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 40194 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 12981 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 6821 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49029 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 9499 -> 443
Sample has stripped symbol table
Source: ELF static info symbol of initial sample .symtab present: no
Sample tries to kill a process (SIGKILL)
Source: /tmp/na.elf (PID: 5478) SIGKILL sent: pid: 5476, result: successful Jump to behavior
Source: /tmp/na.elf (PID: 5490) SIGKILL sent: pid: 5488, result: successful Jump to behavior
Source: /tmp/na.elf (PID: 5502) SIGKILL sent: pid: 5500, result: successful Jump to behavior
Source: /tmp/na.elf (PID: 5517) SIGKILL sent: pid: 5515, result: successful Jump to behavior
Source: classification engine Classification label: mal56.linELF@0/0@18/0
Enumerates processes within the "proc" file system
Source: /tmp/na.elf (PID: 5444) File opened: /proc/5261/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/230/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/110/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/231/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/111/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/232/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/112/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/233/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/113/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/234/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/114/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/235/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/115/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/236/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/116/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/237/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/117/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/238/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/118/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/239/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/119/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/914/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/10/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/917/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/11/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/12/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/13/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/14/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/15/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/16/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/17/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/18/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/19/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/240/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/3095/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/120/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/241/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/121/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/242/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/1/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/122/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/243/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/2/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/123/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/244/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/3/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/124/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/245/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/1588/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/125/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/4/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/246/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/126/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/5/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/247/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/127/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/6/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/248/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/128/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/7/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/249/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/129/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/8/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/800/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/9/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/1906/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/802/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/3643/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/803/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/20/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/21/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/22/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/23/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/24/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/25/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/26/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/27/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/3781/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/28/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/29/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/3420/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/1482/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/490/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/1480/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/250/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/371/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/130/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/251/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/131/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/252/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/132/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/253/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/254/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/1238/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/134/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/255/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/256/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/257/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/378/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/3413/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/258/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/259/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/1475/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/936/status Jump to behavior
Source: /tmp/na.elf (PID: 5444) File opened: /proc/30/status Jump to behavior
Uses the "uname" system call to query kernel version information (possible evasion)
Source: /tmp/na.elf (PID: 5444) Queries kernel information via 'uname': Jump to behavior
Source: na.elf, 5444.1.00007ffc14cc5000.00007ffc14ce6000.rw-.sdmp, na.elf, 5476.1.00007ffc14cc5000.00007ffc14ce6000.rw-.sdmp, na.elf, 5478.1.00007ffc14cc5000.00007ffc14ce6000.rw-.sdmp, na.elf, 5488.1.00007ffc14cc5000.00007ffc14ce6000.rw-.sdmp, na.elf, 5490.1.00007ffc14cc5000.00007ffc14ce6000.rw-.sdmp, na.elf, 5500.1.00007ffc14cc5000.00007ffc14ce6000.rw-.sdmp, na.elf, 5502.1.00007ffc14cc5000.00007ffc14ce6000.rw-.sdmp, na.elf, 5515.1.00007ffc14cc5000.00007ffc14ce6000.rw-.sdmp, na.elf, 5517.1.00007ffc14cc5000.00007ffc14ce6000.rw-.sdmp Binary or memory string: x86_64/usr/bin/qemu-sh4/tmp/na.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/na.elf
Source: na.elf, 5444.1.00007ffc14cc5000.00007ffc14ce6000.rw-.sdmp, na.elf, 5476.1.00007ffc14cc5000.00007ffc14ce6000.rw-.sdmp, na.elf, 5478.1.00007ffc14cc5000.00007ffc14ce6000.rw-.sdmp, na.elf, 5488.1.00007ffc14cc5000.00007ffc14ce6000.rw-.sdmp, na.elf, 5490.1.00007ffc14cc5000.00007ffc14ce6000.rw-.sdmp, na.elf, 5500.1.00007ffc14cc5000.00007ffc14ce6000.rw-.sdmp, na.elf, 5502.1.00007ffc14cc5000.00007ffc14ce6000.rw-.sdmp, na.elf, 5515.1.00007ffc14cc5000.00007ffc14ce6000.rw-.sdmp, na.elf, 5517.1.00007ffc14cc5000.00007ffc14ce6000.rw-.sdmp Binary or memory string: /usr/bin/qemu-sh4
Source: na.elf, 5444.1.000055c05cc11000.000055c05cc94000.rw-.sdmp, na.elf, 5476.1.000055c05cc11000.000055c05cc94000.rw-.sdmp, na.elf, 5478.1.000055c05cc11000.000055c05cc94000.rw-.sdmp, na.elf, 5488.1.000055c05cc11000.000055c05cc94000.rw-.sdmp, na.elf, 5490.1.000055c05cc11000.000055c05cc94000.rw-.sdmp, na.elf, 5500.1.000055c05cc11000.000055c05cc94000.rw-.sdmp, na.elf, 5502.1.000055c05cc11000.000055c05cc94000.rw-.sdmp, na.elf, 5515.1.000055c05cc11000.000055c05cc94000.rw-.sdmp, na.elf, 5517.1.000055c05cc11000.000055c05cc94000.rw-.sdmp Binary or memory string: U5!/etc/qemu-binfmt/sh4
Source: na.elf, 5444.1.000055c05cc11000.000055c05cc94000.rw-.sdmp, na.elf, 5476.1.000055c05cc11000.000055c05cc94000.rw-.sdmp, na.elf, 5478.1.000055c05cc11000.000055c05cc94000.rw-.sdmp, na.elf, 5488.1.000055c05cc11000.000055c05cc94000.rw-.sdmp, na.elf, 5490.1.000055c05cc11000.000055c05cc94000.rw-.sdmp, na.elf, 5500.1.000055c05cc11000.000055c05cc94000.rw-.sdmp, na.elf, 5502.1.000055c05cc11000.000055c05cc94000.rw-.sdmp, na.elf, 5515.1.000055c05cc11000.000055c05cc94000.rw-.sdmp, na.elf, 5517.1.000055c05cc11000.000055c05cc94000.rw-.sdmp Binary or memory string: /etc/qemu-binfmt/sh4

No Screenshots

  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
194.120.116.196
 india-scam-call-center.cfd unknown
207451 AGROSVITUA false
206.189.6.247
 unknown United States
14061 DIGITALOCEAN-ASNUS false
37.34.235.98
 unknown Kuwait
42961 GPRS-ASZAINKW false
78.89.197.195
 unknown Kuwait
29357 WATANIYATELECOM-ASKW false

Contacted Domains

Name IP Active
india-scam-call-center.cfd 194.120.116.196 true
ns3.my-ndns.com 67.21.83.164 true