Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

/tmp/LM762mO6Jt.elf

URLs

Name

Malicious

http://upx.sf.net

unknown

Details

Name:	http://upx.sf.net
TargetID:	16
From Memory:	true
Current Path:	/tmp/LM762mO6Jt.elf
Source:	LM762mO6Jt.elf

Signature Hits	Behavior Group	Mitre Attack
Sample is packed with UPX	Data Obfuscation	Obfuscated Files or Information
URLs found in memory or binary data	Networking

IPs

Domain

Country

Malicious

45.131.65.138

unknown

Germany

Details

IP:	45.131.65.138
TargetID:	-1
Country:	Germany
Countrycode:	DEU
ASN number:	47987
ASN name:	LOVESERVERSGB
Private:	false

Signature Hits	Behavior Group	Mitre Attack
Detected TCP or UDP traffic on non-standard ports	Networking	Non-Standard Port
Connects to IPs without corresponding DNS lookups	Networking

Memdumps

Base Address

Regiontype

Protect

Malicious

805d000

page read and write

9045000

page read and write

c02000

page execute read

f7f59000

page execute read

805d000

page read and write

805d000

page read and write

ffd64000

page read and write

f7f59000

page execute read

c02000

page execute read

9045000

page read and write

f7f59000

page execute read

f7f59000

page execute read

ffd64000

page read and write

ffd64000

page read and write

805c000

page execute read

ffd64000

page read and write

805d000

page read and write

9046000

page read and write

c02000

page execute read

9046000

page read and write

805c000

page execute read

805c000

page execute read

c02000

page execute read

805c000

page execute read

There are 14 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
LM762mO6Jt.elf

Processes

URLs

IPs

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC ReportLM762mO6Jt.elf

Processes

URLs

IPs

Memdumps

IOC Report
LM762mO6Jt.elf