Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

/tmp/armv4l.elf

URLs

Name

Malicious

https://root_senpai.selly.store/

unknown

https://bugs.launchpad.net/ubuntu/

unknown

Domains

Name

Malicious

daisy.ubuntu.com

162.213.35.25

IPs

Domain

Country

Malicious

209.200.246.150

unknown

United States

Details

IP:	209.200.246.150
TargetID:	-1
Country:	United States
Countrycode:	USA
ASN number:	15244
ASN name:	ADDD2NET-INCUS
Private:	false

Signature Hits	Behavior Group	Mitre Attack
Suricata IDS alerts for network traffic	Networking
Detected TCP or UDP traffic on non-standard ports	Networking	Non-Standard Port
Connects to IPs without corresponding DNS lookups	Networking

Memdumps

Base Address

Regiontype

Protect

Malicious

7f9f2c0b8000

page execute read

7fa03406a000

page read and write

7fa0346ec000

page read and write

558dc7d4d000

page execute read

558dc9fa5000

page execute and read and write

7fa0340fc000

page read and write

7f9f2c0cc000

page read and write

7fa034d68000

page read and write

7fa034dad000

page read and write

7ffc2bb01000

page execute read

7fa03445e000

page read and write

558dc9fbc000

page read and write

7fa033862000

page read and write

7fa034a3a000

page read and write

558dc7f9e000

page read and write

7fa034c1b000

page read and write

558dc7fa7000

page read and write

7fa02c021000

page read and write

7fa0346c9000

page read and write

7fa02bfff000

page read and write

558dcbed8000

page read and write

7fa034858000

page read and write

7fa034d44000

page read and write

7f9f2c102000

page read and write

7ffc2bab4000

page read and write

There are 15 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
armv4l.elf

Processes

URLs

Domains

IPs

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reportarmv4l.elf

Processes

URLs

Domains

IPs

Memdumps

IOC Report
armv4l.elf