Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

/tmp/SecuriteInfo.com.Trojan.Linux.Generic.23983.22081.elf

Domains

Name

Malicious

daisy.ubuntu.com

162.213.35.24

IPs

Domain

Country

Malicious

185.125.190.26

unknown

United Kingdom

Details

IP:	185.125.190.26
TargetID:	-1
Country:	United Kingdom
Countrycode:	GBR
ASN number:	41231
ASN name:	CANONICAL-ASGB
Private:	false

Signature Hits	Behavior Group	Mitre Attack
Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)	Networking
Connects to IPs without corresponding DNS lookups	Networking

Memdumps

Base Address

Regiontype

Protect

Malicious

7ffd36fcc000

page execute read

691000

page execute read

92f000

page read and write

7ffd36f52000

page read and write

971000

page read and write

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
SecuriteInfo.com.Trojan.Linux.Generic.23983.22081.elf

Processes

Domains

IPs

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC ReportSecuriteInfo.com.Trojan.Linux.Generic.23983.22081.elf

Processes

Domains

IPs

Memdumps

IOC Report
SecuriteInfo.com.Trojan.Linux.Generic.23983.22081.elf