IOC Report
n7Nzys6TF5.elf

loading gif

Processes

Path
Cmdline
Malicious
/tmp/n7Nzys6TF5.elf
/tmp/n7Nzys6TF5.elf
/usr/bin/dash
-
/usr/bin/rm
rm -f /tmp/tmp.wzb3ueiOr7 /tmp/tmp.uaEUOMbJbC /tmp/tmp.T3QHwrztAq
/usr/bin/dash
-
/usr/bin/cat
cat /tmp/tmp.wzb3ueiOr7
/usr/bin/dash
-
/usr/bin/head
head -n 10
/usr/bin/dash
-
/usr/bin/tr
tr -d \\000-\\011\\013\\014\\016-\\037
/usr/bin/dash
-
/usr/bin/cut
cut -c -80
/usr/bin/dash
-
/usr/bin/cat
cat /tmp/tmp.wzb3ueiOr7
/usr/bin/dash
-
/usr/bin/head
head -n 10
/usr/bin/dash
-
/usr/bin/tr
tr -d \\000-\\011\\013\\014\\016-\\037
/usr/bin/dash
-
/usr/bin/cut
cut -c -80
/usr/bin/dash
-
/usr/bin/rm
rm -f /tmp/tmp.wzb3ueiOr7 /tmp/tmp.uaEUOMbJbC /tmp/tmp.T3QHwrztAq
There are 11 hidden processes, click here to show them.

IPs

IP
Domain
Country
Malicious
54.171.230.55
unknown
United States

Memdumps

Base Address
Regiontype
Protect
Malicious
7fb4c0418000
page execute read
 malicious
7fb547ad2000
page read and write
56089544a000
page execute read
560897666000
page execute and read and write
7fb4c0433000
page read and write
7fff4b5a4000
page execute read
7fb548ca4000
page read and write
560895660000
page read and write
7fb5482d5000
page read and write
7fb540000000
page read and write
7fb548dd5000
page read and write
7fff4b59a000
page read and write
56089767d000
page read and write
7fb540021000
page read and write
7fb4c042d000
page read and write
7fb5482e3000
page read and write
560897bf0000
page read and write
7fb548959000
page read and write
7fb548572000
page read and write
7fb548934000
page read and write
560895668000
page read and write
7fb548e1a000
page read and write
7fb548dcd000
page read and write
There are 13 hidden memdumps, click here to show them.