Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

/tmp/debug.dbg.elf

Domains

Name

Malicious

flklin.com

156.238.253.51

Details

Name:	flklin.com
IP:	156.238.253.51
TargetID:	-1
Active:	true

Signature Hits	Behavior Group	Mitre Attack
Suricata IDS alerts for network traffic	Networking
Detected TCP or UDP traffic on non-standard ports	Networking	Non-Standard Port
Performs DNS lookups	Networking	Application Layer Protocol Non-Application Layer Protocol

IPs

Domain

Country

Malicious

156.238.253.51

flklin.com

Seychelles

Details

IP:	156.238.253.51
TargetID:	-1
Country:	Seychelles
Countrycode:	SYC
ASN number:	394281
ASN name:	XHOSTSERVERUS
Private:	false
Domain:	flklin.com

Signature Hits	Behavior Group	Mitre Attack
Suricata IDS alerts for network traffic	Networking
Detected TCP or UDP traffic on non-standard ports	Networking	Non-Standard Port

Memdumps

Base Address

Regiontype

Protect

Malicious

8057000

page execute read

8057000

page execute read

8057000

page execute read

9517000

page read and write

f7f25000

page execute read

ffe0b000

page read and write

ffe0b000

page read and write

8058000

page read and write

805a000

page read and write

805a000

page read and write

9517000

page read and write

8058000

page read and write

8058000

page read and write

f7f25000

page execute read

ffe0b000

page read and write

9517000

page read and write

f7f25000

page execute read

805a000

page read and write

There are 8 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
debug.dbg.elf

Processes

Domains

IPs

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reportdebug.dbg.elf

Processes

Domains

IPs

Memdumps

IOC Report
debug.dbg.elf