Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

/tmp/main_m68k.elf

IPs

Domain

Country

Malicious

109.202.202.202

unknown

Switzerland

Details

IP:	109.202.202.202
TargetID:	-1
Country:	Switzerland
Countrycode:	CHE
ASN number:	13030
ASN name:	INIT7CH
Private:	false

Signature Hits	Behavior Group	Mitre Attack
Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)	Networking
Connects to IPs without corresponding DNS lookups	Networking

91.189.91.43

unknown

United Kingdom

Details

IP:	91.189.91.43
TargetID:	-1
Country:	United Kingdom
Countrycode:	GBR
ASN number:	41231
ASN name:	CANONICAL-ASGB
Private:	false

Signature Hits	Behavior Group	Mitre Attack
Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)	Networking
Connects to IPs without corresponding DNS lookups	Networking

91.189.91.42

unknown

United Kingdom

Details

IP:	91.189.91.42
TargetID:	-1
Country:	United Kingdom
Countrycode:	GBR
ASN number:	41231
ASN name:	CANONICAL-ASGB
Private:	false

Signature Hits	Behavior Group	Mitre Attack
Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)	Networking
Connects to IPs without corresponding DNS lookups	Networking

Memdumps

Base Address

Regiontype

Protect

Malicious

7f0278022000

page execute read

55f519f32000

page read and write

7f02fd6d1000

page read and write

7f02f8000000

page read and write

7f02fe0a0000

page read and write

55f51a5dc000

page read and write

7f02f8021000

page read and write

55f517e95000

page read and write

7f02fe1c9000

page read and write

55f517c63000

page execute read

7f027802e000

page read and write

7ffe125c9000

page execute read

7f02fcece000

page read and write

7f02fd6df000

page read and write

7ffe12403000

page read and write

7f02fdd55000

page read and write

7f02fdd30000

page read and write

7f02fd96e000

page read and write

55f519e9b000

page execute and read and write

55f517e9d000

page read and write

7f02fe1d1000

page read and write

7f0278028000

page read and write

7f02fe216000

page read and write

There are 13 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
main_m68k.elf

Processes

IPs

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reportmain_m68k.elf

Processes

IPs

Memdumps

IOC Report
main_m68k.elf