Loading... Additional Content is being loaded
Linux
Analysis Report
kkkmips.elf
Overview
General Information
| Sample name: | kkkmips.elf |
| Analysis ID: | 1542907 |
| MD5: | 2f062e17fbb7780a5f276ab5ed52decc |
| SHA1: | 0e83f57c4ce01b4ae4b77e2b13f34d2a84936505 |
| SHA256: | d773993b0901239af1ffdd4b0e32b672a60a1485fc904aaa93b66997a4c02816 |
| Tags: | elfkkkMiraiuser-NDA0E |
| Infos: |
Detection
| Score: | 56 |
| Range: | 0 - 100 |
| Whitelisted: | false |
Signatures
Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file
Detected TCP or UDP traffic on non-standard ports
Sample has stripped symbol table
Uses the "uname" system call to query kernel version information (possible evasion)
Classification
AV Detection |
  |
|---|
| Source: |
Avira: |
||
| Source: |
ReversingLabs: |
||
| Source: |
TCP traffic: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
TCP traffic detected without corresponding DNS query: |
||
| Source: |
.symtab present: |
||
| Source: |
Classification label: |
||
| Source: |
Queries kernel information via 'uname': |
Jump to behavior | ||
| Source: |
Binary or memory string: |
||
| Source: |
Binary or memory string: |
||
| Source: |
Binary or memory string: |
||
| Source: |
Binary or memory string: |
||
No Screenshots
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
Contacted Public IPs
| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 174.51.89.250 | unknown | United States | 7922 | COMCAST-7922US | false | |
| 171.56.47.56 | unknown | India | 9874 | STARHUB-MOBILEStarHubLtdSG | false | |
| 82.91.75.209 | unknown | Italy | 3269 | ASN-IBSNAZIT | false | |
| 177.22.225.28 | unknown | Brazil | 262669 | KONNETINFORMATICAEIRELI-EPPBR | false | |
| 59.133.39.28 | unknown | Japan | 2516 | KDDIKDDICORPORATIONJP | false | |
| 104.156.53.55 | unknown | United States | 29802 | HVC-ASUS | false | |
| 162.67.161.198 | unknown | United States | 395784 | MERS-ASNUS | false | |
| 145.74.62.49 | unknown | Netherlands | 1103 | SURFNET-NLSURFnetTheNetherlandsNL | false | |
| 250.25.150.210 | unknown | Reserved | unknown | unknown | false | |
| 101.187.129.185 | unknown | Australia | 1221 | ASN-TELSTRATelstraCorporationLtdAU | false | |
| 86.55.62.154 | unknown | Iran (ISLAMIC Republic Of) | 197207 | MCCI-ASIR | false | |
| 162.59.146.196 | unknown | United States | 30449 | AZSTATEUS | false | |
| 47.216.89.59 | unknown | United States | 19108 | SUDDENLINK-COMMUNICATIONSUS | false | |
| 189.55.145.205 | unknown | Brazil | 28573 | CLAROSABR | false | |
| 149.165.233.152 | unknown | United States | 10680 | IU-RESEARCHUS | false | |
| 117.31.78.162 | unknown | China | 133776 | CHINATELECOM-FUJIAN-QUANZHOU-IDC1QuanzhouCN | false | |
| 79.152.26.154 | unknown | Spain | 3352 | TELEFONICA_DE_ESPANAES | false | |
| 162.73.172.180 | unknown | Canada | 40676 | AS40676US | false | |
| 80.130.45.92 | unknown | Germany | 3320 | DTAGInternetserviceprovideroperationsDE | false | |
| 95.244.130.136 | unknown | Italy | 3269 | ASN-IBSNAZIT | false | |
| 147.54.151.162 | unknown | Germany | 6867 | UCNETGR | false | |
| 36.2.28.34 | unknown | Japan | 2519 | VECTANTARTERIANetworksCorporationJP | false | |
| 104.239.180.92 | unknown | United States | 27357 | RACKSPACEUS | false | |
| 14.253.102.33 | unknown | Viet Nam | 45899 | VNPT-AS-VNVNPTCorpVN | false | |
| 124.162.191.223 | unknown | China | 4837 | CHINA169-BACKBONECHINAUNICOMChina169BackboneCN | false | |
| 187.235.203.1 | unknown | Mexico | 8151 | UninetSAdeCVMX | false | |
| 179.202.241.149 | unknown | Brazil | 26615 | TIMSABR | false | |
| 247.135.70.158 | unknown | Reserved | unknown | unknown | false | |
| 143.39.152.54 | unknown | United States | 11003 | PANDGUS | false | |
| 218.176.202.234 | unknown | Japan | 17676 | GIGAINFRASoftbankBBCorpJP | false | |
| 111.105.202.195 | unknown | Japan | 2516 | KDDIKDDICORPORATIONJP | false | |
| 243.111.13.234 | unknown | Reserved | unknown | unknown | false | |
| 216.156.15.109 | unknown | United States | 2828 | XO-AS15US | false | |
| 187.151.5.71 | unknown | Mexico | 8151 | UninetSAdeCVMX | false | |
| 18.150.11.234 | unknown | United States | 16509 | AMAZON-02US | false | |
| 142.165.15.166 | unknown | Canada | 803 | SASKTELCA | false | |
| 54.61.128.78 | unknown | United States | 14618 | AMAZON-AESUS | false | |
| 195.121.17.107 | unknown | Netherlands | 8737 | PTNL | false | |
| 219.65.101.148 | unknown | India | 4755 | TATACOMM-ASTATACommunicationsformerlyVSNLisLeadingISP | false | |
| 102.139.37.131 | unknown | Cote D'ivoire | 36974 | AFNET-ASCI | false | |
| 112.29.156.66 | unknown | China | 9808 | CMNET-GDGuangdongMobileCommunicationCoLtdCN | false | |
| 112.217.21.38 | unknown | Korea Republic of | 3786 | LGDACOMLGDACOMCorporationKR | false | |
| 141.61.34.241 | unknown | Germany | 680 | DFNVereinzurFoerderungeinesDeutschenForschungsnetzese | false | |
| 138.221.136.149 | unknown | Switzerland | 10497 | WORLDBANKUS | false | |
| 185.246.165.82 | unknown | Greece | 204932 | FRIKTORIANETGR | false | |
| 148.40.242.230 | unknown | United States | 6400 | CompaniaDominicanadeTelefonosSADO | false | |
| 106.212.14.97 | unknown | India | 45609 | BHARTI-MOBILITY-AS-APBhartiAirtelLtdASforGPRSService | false | |
| 125.66.3.199 | unknown | China | 38283 | CHINANET-SCIDC-AS-APCHINANETSiChuanTelecomInternetData | false | |
| 246.229.141.164 | unknown | Reserved | unknown | unknown | false | |
| 208.81.174.146 | unknown | Puerto Rico | 30526 | NEPTUNO-NETPR | false | |
| 118.106.74.144 | unknown | Japan | 18126 | CTCXChubuTelecommunicationsCompanyIncJP | false | |
| 200.174.166.140 | unknown | Brazil | 4230 | CLAROSABR | false | |
| 13.14.140.23 | unknown | United States | 22390 | XEROX-WBUS | false | |
| 176.90.148.147 | unknown | Turkey | 16135 | TURKCELL-ASTurkcellASTR | false | |
| 103.33.9.61 | unknown | China | 7575 | AARNET-AS-APAustralianAcademicandResearchNetworkAARNe | false | |
| 223.130.210.125 | unknown | Korea Republic of | 4766 | KIXS-AS-KRKoreaTelecomKR | false | |
| 12.51.188.77 | unknown | United States | 7018 | ATT-INTERNET4US | false | |
| 84.128.113.44 | unknown | Germany | 3320 | DTAGInternetserviceprovideroperationsDE | false | |
| 71.242.116.18 | unknown | United States | 701 | UUNETUS | false | |
| 116.74.225.76 | unknown | India | 17488 | HATHWAY-NET-APHathwayIPOverCableInternetIN | false | |
| 76.80.101.3 | unknown | United States | 20001 | TWC-20001-PACWESTUS | false | |
| 180.77.219.114 | unknown | China | 17429 | BGCTVNETBEIJINGGEHUACATVNETWORKCOLTDCN | false | |
| 35.115.167.100 | unknown | United States | 237 | MERIT-AS-14US | false | |
| 159.192.246.95 | unknown | Thailand | 131090 | CAT-IDC-4BYTENET-AS-APCATTELECOMPublicCompanyLtdCATT | false | |
| 121.101.51.54 | unknown | China | 38158 | CBN-NETWORKS-AS-IDPTCyberindoAditamaID | false | |
| 96.126.221.216 | unknown | United States | 2386 | INS-ASUS | false | |
| 248.235.158.8 | unknown | Reserved | unknown | unknown | false | |
| 9.7.223.23 | unknown | United States | 3356 | LEVEL3US | false | |
| 218.99.193.104 | unknown | China | 17966 | CIBNChinaInformationBroadcastNetworkLtdCoCN | false | |
| 95.11.62.101 | unknown | Turkey | 9121 | TTNETTR | false | |
| 250.10.8.235 | unknown | Reserved | unknown | unknown | false | |
| 193.201.11.181 | unknown | Germany | 15436 | WITBE-ASFR | false | |
| 177.23.26.195 | unknown | unknown | 262887 | RAPIXINTERNETBR | false | |
| 153.228.108.242 | unknown | Japan | 4713 | OCNNTTCommunicationsCorporationJP | false | |
| 178.151.147.74 | unknown | Ukraine | 13188 | TRIOLANUA | false | |
| 151.86.180.195 | unknown | Italy | 8217 | ASN-ENIIT | false | |
| 58.63.30.139 | unknown | China | 4134 | CHINANET-BACKBONENo31Jin-rongStreetCN | false | |
| 254.122.33.162 | unknown | Reserved | unknown | unknown | false | |
| 174.49.218.7 | unknown | United States | 7922 | COMCAST-7922US | false | |
| 99.35.224.124 | unknown | United States | 7018 | ATT-INTERNET4US | false | |
| 67.1.99.199 | unknown | United States | 209 | CENTURYLINK-US-LEGACY-QWESTUS | false | |
| 16.192.62.152 | unknown | United States | unknown | unknown | false | |
| 111.24.180.234 | unknown | China | 24444 | CMNET-V4SHANDONG-AS-APShandongMobileCommunicationCompany | false | |
| 194.37.27.75 | unknown | Austria | 8445 | SALZBURG-AG-ASAT | false | |
| 71.239.35.233 | unknown | United States | 7922 | COMCAST-7922US | false | |
| 62.156.228.139 | unknown | Germany | 3320 | DTAGInternetserviceprovideroperationsDE | false | |
| 211.150.223.163 | unknown | China | 9803 | JINGXUNBeijingJingxunPublicInformationTechnologyCoL | false | |
| 58.177.246.242 | unknown | Hong Kong | 9269 | HKBN-AS-APHongKongBroadbandNetworkLtdHK | false | |
| 179.209.165.143 | unknown | Brazil | 28573 | CLAROSABR | false | |
| 191.9.42.49 | unknown | Brazil | 27699 | TELEFONICABRASILSABR | false | |
| 78.87.232.149 | unknown | Greece | 3329 | HOL-GRAthensGreeceGR | false | |
| 220.237.75.236 | unknown | Australia | 4804 | MPX-ASMicroplexPTYLTDAU | false | |
| 253.198.45.52 | unknown | Reserved | unknown | unknown | false | |
| 241.81.83.49 | unknown | Reserved | unknown | unknown | false | |
| 168.44.111.82 | unknown | United States | 1761 | TDIR-CAPNETUS | false | |
| 141.96.53.68 | unknown | Belgium | 25367 | AS-ADTS-LUForIDARroutingLU | false | |
| 78.203.110.252 | unknown | France | 12322 | PROXADFR | false | |
| 245.13.36.180 | unknown | Reserved | unknown | unknown | false | |
| 255.228.205.226 | unknown | Reserved | unknown | unknown | false | |
| 61.228.136.34 | unknown | Taiwan; Republic of China (ROC) | 3462 | HINETDataCommunicationBusinessGroupTW | false |