Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

/tmp/na.elf

Domains

Name

Malicious

eighteen.pirate

38.60.249.66

Details

Name:	eighteen.pirate
IP:	38.60.249.66
TargetID:	-1
Active:	true

Signature Hits	Behavior Group	Mitre Attack
Connects to many ports of the same IP (likely port scanning)	Networking
Detected TCP or UDP traffic on non-standard ports	Networking	Non-Standard Port
Performs DNS lookups	Networking	Application Layer Protocol Non-Application Layer Protocol

daisy.ubuntu.com

162.213.35.25

IPs

Domain

Country

Malicious

38.60.249.66

eighteen.pirate

United States

Details

IP:	38.60.249.66
TargetID:	-1
Country:	United States
Countrycode:	USA
ASN number:	174
ASN name:	COGENT-174US
Private:	false
Domain:	eighteen.pirate

Signature Hits	Behavior Group	Mitre Attack
Connects to many ports of the same IP (likely port scanning)	Networking
Detected TCP or UDP traffic on non-standard ports	Networking	Non-Standard Port

Memdumps

Base Address

Regiontype

Protect

Malicious

55685e265000

page read and write

55685e26d000

page read and write

55686026b000

page execute and read and write

55685e04f000

page execute read

7fe546fd4000

page read and write

7fe4c0423000

page read and write

556860370000

page read and write

7fe4c040c000

page execute read

556860282000

page read and write

7fe4c041c000

page read and write

7fe546613000

page read and write

7ffe9118d000

page read and write

7fe545e02000

page read and write

7fe540021000

page read and write

7fe546605000

page read and write

7fe5470fd000

page read and write

7fe546c64000

page read and write

7fe5468a2000

page read and write

7ffe911ff000

page execute read

7fe54714a000

page read and write

7fe546c89000

page read and write

7fe540000000

page read and write

7fe547105000

page read and write

There are 13 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
na.elf

Processes

Domains

IPs

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reportna.elf

Processes

Domains

IPs

Memdumps

IOC Report
na.elf