Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
na.elf
|
ELF 32-bit MSB executable, SPARC, version 1 (SYSV), statically linked, stripped
|
initial sample
|
 |
|
|
/tmp/qemu-open.UOBCA6 (deleted)
|
ASCII text
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/na.elf
|
/tmp/na.elf
|
||
|
/tmp/na.elf
|
-
|
||
|
/tmp/na.elf
|
-
|
||
|
/tmp/na.elf
|
-
|
||
|
/tmp/na.elf
|
-
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
14.48.15.228
|
unknown
|
Korea Republic of
|
||
|
4.108.122.160
|
unknown
|
United States
|
||
|
17.246.15.28
|
unknown
|
United States
|
||
|
12.92.144.40
|
unknown
|
United States
|
||
|
17.66.80.69
|
unknown
|
United States
|
||
|
14.131.74.88
|
unknown
|
China
|
||
|
5.110.201.160
|
unknown
|
Saudi Arabia
|
||
|
14.34.26.253
|
unknown
|
Korea Republic of
|
||
|
12.234.229.175
|
unknown
|
United States
|
||
|
23.203.40.40
|
unknown
|
United States
|
||
|
1.77.255.124
|
unknown
|
Japan
|
||
|
9.85.146.62
|
unknown
|
United States
|
||
|
22.247.206.122
|
unknown
|
United States
|
||
|
8.118.146.78
|
unknown
|
United States
|
||
|
13.254.105.191
|
unknown
|
United States
|
||
|
23.163.160.184
|
unknown
|
United States
|
||
|
23.151.125.75
|
unknown
|
Reserved
|
||
|
5.72.180.9
|
unknown
|
Iran (ISLAMIC Republic Of)
|
||
|
14.228.128.138
|
unknown
|
Viet Nam
|
||
|
18.144.218.130
|
unknown
|
United States
|
||
|
17.99.94.108
|
unknown
|
United States
|
||
|
1.22.116.173
|
unknown
|
India
|
||
|
12.224.246.63
|
unknown
|
United States
|
||
|
8.72.107.114
|
unknown
|
United States
|
||
|
13.135.119.26
|
unknown
|
United States
|
||
|
8.90.239.34
|
unknown
|
United States
|
||
|
9.147.16.187
|
unknown
|
United States
|
||
|
9.75.67.12
|
unknown
|
United States
|
||
|
17.88.89.193
|
unknown
|
United States
|
||
|
17.57.239.123
|
unknown
|
United States
|
||
|
9.75.18.51
|
unknown
|
United States
|
||
|
20.233.119.198
|
unknown
|
United States
|
||
|
14.242.154.138
|
unknown
|
Viet Nam
|
||
|
9.37.30.243
|
unknown
|
United States
|
||
|
1.66.52.1
|
unknown
|
Japan
|
||
|
17.36.102.216
|
unknown
|
United States
|
||
|
1.140.112.34
|
unknown
|
Australia
|
||
|
20.79.93.117
|
unknown
|
United States
|
||
|
13.49.131.140
|
unknown
|
United States
|
||
|
12.45.10.226
|
unknown
|
United States
|
||
|
1.147.212.171
|
unknown
|
Australia
|
||
|
5.251.149.231
|
unknown
|
Kazakhstan
|
||
|
4.225.37.81
|
unknown
|
United States
|
||
|
9.213.236.15
|
unknown
|
United States
|
||
|
9.37.6.88
|
unknown
|
United States
|
||
|
12.81.6.41
|
unknown
|
United States
|
||
|
8.125.111.98
|
unknown
|
United States
|
||
|
17.236.73.227
|
unknown
|
United States
|
||
|
13.14.140.28
|
unknown
|
United States
|
||
|
14.135.254.244
|
unknown
|
China
|
||
|
18.189.238.68
|
unknown
|
United States
|
||
|
4.165.15.180
|
unknown
|
United States
|
||
|
18.11.110.23
|
unknown
|
United States
|
||
|
1.64.180.222
|
unknown
|
Hong Kong
|
||
|
19.152.33.116
|
unknown
|
United States
|
||
|
17.11.239.91
|
unknown
|
United States
|
||
|
9.197.122.116
|
unknown
|
United States
|
||
|
20.100.221.238
|
unknown
|
United States
|
||
|
20.32.43.140
|
unknown
|
United States
|
||
|
19.181.248.123
|
unknown
|
United States
|
||
|
20.104.11.51
|
unknown
|
United States
|
||
|
18.165.26.232
|
unknown
|
United States
|
||
|
12.15.64.238
|
unknown
|
United States
|
||
|
5.85.86.175
|
unknown
|
Italy
|
||
|
23.109.86.240
|
unknown
|
Netherlands
|
||
|
20.216.247.84
|
unknown
|
United States
|
||
|
19.212.190.192
|
unknown
|
United States
|
||
|
17.254.82.77
|
unknown
|
United States
|
||
|
9.63.23.60
|
unknown
|
United States
|
||
|
5.110.196.218
|
unknown
|
Saudi Arabia
|
||
|
23.82.106.111
|
unknown
|
United States
|
||
|
20.253.71.243
|
unknown
|
United States
|
||
|
12.94.212.227
|
unknown
|
United States
|
||
|
23.164.201.62
|
unknown
|
Reserved
|
||
|
22.92.218.68
|
unknown
|
United States
|
||
|
17.70.42.210
|
unknown
|
United States
|
||
|
5.194.156.21
|
unknown
|
United Arab Emirates
|
||
|
22.44.164.112
|
unknown
|
United States
|
||
|
8.125.111.70
|
unknown
|
United States
|
||
|
23.231.52.166
|
unknown
|
United States
|
||
|
14.85.6.142
|
unknown
|
Korea Republic of
|
||
|
13.223.33.171
|
unknown
|
United States
|
||
|
17.139.169.81
|
unknown
|
United States
|
||
|
20.64.77.252
|
unknown
|
United States
|
||
|
13.40.198.210
|
unknown
|
United States
|
||
|
5.242.109.199
|
unknown
|
Sweden
|
||
|
1.174.125.216
|
unknown
|
Taiwan; Republic of China (ROC)
|
||
|
19.88.233.176
|
unknown
|
United States
|
||
|
12.108.167.255
|
unknown
|
United States
|
||
|
9.239.97.67
|
unknown
|
United States
|
||
|
19.189.10.137
|
unknown
|
United States
|
||
|
12.215.220.13
|
unknown
|
United States
|
||
|
12.208.118.155
|
unknown
|
United States
|
||
|
1.58.46.34
|
unknown
|
China
|
||
|
18.169.186.23
|
unknown
|
United States
|
||
|
4.230.201.167
|
unknown
|
United States
|
||
|
12.107.189.60
|
unknown
|
United States
|
||
|
19.11.150.205
|
unknown
|
United States
|
||
|
14.211.0.215
|
unknown
|
China
|
||
|
13.185.138.54
|
unknown
|
United States
|
There are 90 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f3c44023000
|
page execute read
|
|
||
|
7f3c44023000
|
page execute read
|
|
||
|
55d652382000
|
page read and write
|
|||
|
7f3d4bc34000
|
page read and write
|
|||
|
55d654380000
|
page execute and read and write
|
|||
|
7f3d4c366000
|
page read and write
|
|||
|
7f3d4bc34000
|
page read and write
|
|||
|
55d654397000
|
page read and write
|
|||
|
7f3d4c366000
|
page read and write
|
|||
|
7f3d4b997000
|
page read and write
|
|||
|
7f3d4c497000
|
page read and write
|
|||
|
7f3c44033000
|
page read and write
|
|||
|
7ffe69ddb000
|
page execute read
|
|||
|
7f3d44000000
|
page read and write
|
|||
|
7f3c44036000
|
page read and write
|
|||
|
7f3d4c48f000
|
page read and write
|
|||
|
7f3d4b997000
|
page read and write
|
|||
|
55d652379000
|
page read and write
|
|||
|
55d65214b000
|
page execute read
|
|||
|
7f3d4b194000
|
page read and write
|
|||
|
7ffe69ddb000
|
page execute read
|
|||
|
7f3d4c01b000
|
page read and write
|
|||
|
7f3d4b9a5000
|
page read and write
|
|||
|
7f3d4c4dc000
|
page read and write
|
|||
|
7f3d4b194000
|
page read and write
|
|||
|
7f3d44021000
|
page read and write
|
|||
|
7f3c44033000
|
page read and write
|
|||
|
55d652379000
|
page read and write
|
|||
|
7ffe69d85000
|
page read and write
|
|||
|
55d655ee5000
|
page read and write
|
|||
|
7f3d4c48f000
|
page read and write
|
|||
|
7f3d4bff6000
|
page read and write
|
|||
|
7f3d4bff6000
|
page read and write
|
|||
|
55d654380000
|
page execute and read and write
|
|||
|
55d652382000
|
page read and write
|
|||
|
55d655ee5000
|
page read and write
|
|||
|
7f3d4c01b000
|
page read and write
|
|||
|
7f3d44021000
|
page read and write
|
|||
|
55d65214b000
|
page execute read
|
|||
|
7f3c44036000
|
page read and write
|
|||
|
7f3d44000000
|
page read and write
|
|||
|
7f3d4b9a5000
|
page read and write
|
|||
|
7f3d4c497000
|
page read and write
|
|||
|
7ffe69d85000
|
page read and write
|
|||
|
7f3d4c4dc000
|
page read and write
|
|||
|
55d654397000
|
page read and write
|
There are 36 hidden memdumps, click here to show them.