Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

/tmp/na.elf

Domains

Name

Malicious

ru.coziest.lol

38.60.198.180

f.codingdrunk.cc

38.54.57.248

2joints.libre

156.244.7.75

r3racegame.indy

154.223.21.228

kr3ddnsnet1.indy

154.223.21.228

kr2ddnsnet.dyn

154.90.62.142

subcarrace.indy

154.223.21.228

nineteen.libre. [malformed]

unknown

imaverygoodbadboy.libre. [malformed]

unknown

fortyfivehundred.dyn. [malformed]

unknown

2joints.libre. [malformed]

unknown

eighteen.pirate

unknown

kr2ddnsnet.dyn. [malformed]

unknown

eighteen.pirate. [malformed]

unknown

r3racegame.indy. [malformed]

unknown

krddnsnet.dyn. [malformed]

unknown

21savage.dyn. [malformed]

unknown

ru.coziest.lol. [malformed]

unknown

daisy.ubuntu.com

162.213.35.25

There are 9 hidden domains, click here to show them.

IPs

Domain

Country

Malicious

38.54.57.248

f.codingdrunk.cc

United States

Details

IP:	38.54.57.248
TargetID:	-1
Country:	United States
Countrycode:	USA
ASN number:	174
ASN name:	COGENT-174US
Private:	false
Domain:	f.codingdrunk.cc

Signature Hits	Behavior Group	Mitre Attack
Connects to many ports of the same IP (likely port scanning)	Networking
Detected TCP or UDP traffic on non-standard ports	Networking	Non-Standard Port

154.90.62.142

kr2ddnsnet.dyn

Seychelles

Details

IP:	154.90.62.142
TargetID:	-1
Country:	Seychelles
Countrycode:	SYC
ASN number:	40065
ASN name:	CNSERVERSUS
Private:	false
Domain:	kr2ddnsnet.dyn

Signature Hits	Behavior Group	Mitre Attack
Detected TCP or UDP traffic on non-standard ports	Networking	Non-Standard Port

156.244.7.75

2joints.libre

Seychelles

Details

IP:	156.244.7.75
TargetID:	-1
Country:	Seychelles
Countrycode:	SYC
ASN number:	132839
ASN name:	POWERLINE-AS-APPOWERLINEDATACENTERHK
Private:	false
Domain:	2joints.libre

Signature Hits	Behavior Group	Mitre Attack
Connects to many ports of the same IP (likely port scanning)	Networking
Detected TCP or UDP traffic on non-standard ports	Networking	Non-Standard Port

154.223.21.228

r3racegame.indy

Seychelles

Details

IP:	154.223.21.228
TargetID:	-1
Country:	Seychelles
Countrycode:	SYC
ASN number:	134705
ASN name:	ITACE-AS-APItaceInternationalLimitedHK
Private:	false
Domain:	r3racegame.indy

Signature Hits	Behavior Group	Mitre Attack
Connects to many ports of the same IP (likely port scanning)	Networking
Detected TCP or UDP traffic on non-standard ports	Networking	Non-Standard Port

38.60.198.180

ru.coziest.lol

United States

Details

IP:	38.60.198.180
TargetID:	-1
Country:	United States
Countrycode:	USA
ASN number:	174
ASN name:	COGENT-174US
Private:	false
Domain:	ru.coziest.lol

Signature Hits	Behavior Group	Mitre Attack
Connects to many ports of the same IP (likely port scanning)	Networking
Detected TCP or UDP traffic on non-standard ports	Networking	Non-Standard Port

Memdumps

Base Address

Regiontype

Protect

Malicious

7ffcb15f9000

page read and write

559cafadf000

page read and write

7fa93b8bc000

page read and write

7fa93bc80000

page read and write

559cb1af4000

page read and write

7fa934000000

page read and write

559cb273e000

page read and write

7fa93c325000

page read and write

7fa934021000

page read and write

7fa93c2d8000

page read and write

7fa93bfce000

page read and write

7fa93bc5d000

page read and write

7fa93adf6000

page read and write

7fa93c1af000

page read and write

559cb1add000

page execute and read and write

7fa8b4458000

page read and write

7fa93b5fe000

page read and write

7fa93bc9d000

page read and write

7fa8b4410000

page execute read

7ffcb1600000

page execute read

7fa93b60c000

page read and write

7fa8b4451000

page read and write

559cafad5000

page read and write

7fa93c2e0000

page read and write

559caf84d000

page execute read

There are 15 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
na.elf

Processes

Domains

IPs

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reportna.elf

Processes

Domains

IPs

Memdumps

IOC Report
na.elf