Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

/tmp/mips.elf

URLs

Name

Malicious

https://root_senpai.selly.store/

unknown

https://bugs.launchpad.net/ubuntu/

unknown

Domains

Name

Malicious

daisy.ubuntu.com

162.213.35.25

IPs

Domain

Country

Malicious

209.200.246.150

unknown

United States

Details

IP:	209.200.246.150
TargetID:	-1
Country:	United States
Countrycode:	USA
ASN number:	15244
ASN name:	ADDD2NET-INCUS
Private:	false

Signature Hits	Behavior Group	Mitre Attack
Suricata IDS alerts for network traffic	Networking
Detected TCP or UDP traffic on non-standard ports	Networking	Non-Standard Port
Connects to IPs without corresponding DNS lookups	Networking

Memdumps

Base Address

Regiontype

Protect

Malicious

7f96b44b0000

page execute read

7f9734000000

page read and write

7ffeae9f6000

page execute read

7f97397b8000

page read and write

7f9739dfb000

page read and write

7f9739cca000

page read and write

5591ccee8000

page read and write

7f973979b000

page read and write

5591cbb1b000

page read and write

5591c9874000

page execute read

7f96b4500000

page read and write

5591cbb04000

page execute and read and write

7f9734021000

page read and write

7f9738911000

page read and write

7f9739ae9000

page read and write

5591c9afc000

page read and write

7f9739e40000

page read and write

7f97393d7000

page read and write

7f9739127000

page read and write

5591c9b06000

page read and write

7ffeae9e6000

page read and write

7f9739778000

page read and write

7f9739119000

page read and write

7f9739df3000

page read and write

7f96b44ca000

page read and write

There are 15 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
mips.elf

Processes

URLs

Domains

IPs

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reportmips.elf

Processes

URLs

Domains

IPs

Memdumps

IOC Report
mips.elf