IOC Report
SecuriteInfo.com.ELF.Mirai-CVD.5487.13505.elf

Processes

Path | Cmdline | Malicious
/usr/bin/dash | - |
/usr/bin/rm | rm -f /tmp/tmp.O4CuIEpsBu /tmp/tmp.vVFwAXA4E6 /tmp/tmp.brf0F1ZgS2 |
/usr/bin/dash | - |
/usr/bin/rm | rm -f /tmp/tmp.O4CuIEpsBu /tmp/tmp.vVFwAXA4E6 /tmp/tmp.brf0F1ZgS2 |
/tmp/SecuriteInfo.com.ELF.Mirai-CVD.5487.13505.elf | /tmp/SecuriteInfo.com.ELF.Mirai-CVD.5487.13505.elf |
/tmp/SecuriteInfo.com.ELF.Mirai-CVD.5487.13505.elf | - |
/tmp/SecuriteInfo.com.ELF.Mirai-CVD.5487.13505.elf | - |

Domains

Name | IP | Malicious
iranistrash.libre | unknown | malicious

IPs


Memdumps
