Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

/tmp/arm7.elf

URLs

Name

Malicious

https://root_senpai.selly.store/

unknown

https://bugs.launchpad.net/ubuntu/

unknown

Domains

Name

Malicious

daisy.ubuntu.com

162.213.35.25

IPs

Domain

Country

Malicious

209.200.246.150

unknown

United States

Details

IP:	209.200.246.150
TargetID:	-1
Country:	United States
Countrycode:	USA
ASN number:	15244
ASN name:	ADDD2NET-INCUS
Private:	false

Signature Hits	Behavior Group	Mitre Attack
Suricata IDS alerts for network traffic	Networking
Detected TCP or UDP traffic on non-standard ports	Networking	Non-Standard Port
Connects to IPs without corresponding DNS lookups	Networking

Memdumps

Base Address

Regiontype

Protect

Malicious

7f5c2408e000

page execute read

7f5d2a9c7000

page read and write

7f5d2a0e1000

page read and write

7f5d24021000

page read and write

7f5d29d7f000

page read and write

7f5d2a4db000

page read and write

55c101b70000

page read and write

7f5d2a9eb000

page read and write

7f5d2a36f000

page read and write

7f5c240a2000

page read and write

7f5d2a89e000

page read and write

7f5d29ced000

page read and write

7fff49d61000

page execute read

55c0ff593000

page read and write

7f5d2a34c000

page read and write

55c101591000

page execute and read and write

55c0ff58a000

page read and write

7fff49cc5000

page read and write

7f5c240d8000

page read and write

7f5d294e5000

page read and write

7f5d23fff000

page read and write

7f5d2aa30000

page read and write

55c0ff339000

page execute read

7f5d2a6bd000

page read and write

55c1015a8000

page read and write

There are 15 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
arm7.elf

Processes

URLs

Domains

IPs

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reportarm7.elf

Processes

URLs

Domains

IPs

Memdumps

IOC Report
arm7.elf