Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.o6Plogs1yr /tmp/tmp.qA58EAPoKE /tmp/tmp.KPTn6A0K4J
|
||
|
/tmp/gJxUBR0ghC.elf
|
/tmp/gJxUBR0ghC.elf
|
||
|
/tmp/gJxUBR0ghC.elf
|
-
|
||
|
/tmp/gJxUBR0ghC.elf
|
-
|
||
|
/tmp/gJxUBR0ghC.elf
|
-
|
||
|
/tmp/gJxUBR0ghC.elf
|
-
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libsystray.so 6 12582920 systray
"Notification Area" "Area where notification icons appear"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libstatusnotifier.so 7 12582921
statusnotifier "Status Notifier Plugin" "Provides a panel area for status notifier items (application indicators)"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libpulseaudio-plugin.so 8
12582922 pulseaudio "PulseAudio Plugin" "Adjust the audio volume of the PulseAudio sound system"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libxfce4powermanager.so 9
12582923 power-manager-plugin "Power Manager Plugin" "Display the battery levels of your devices and control the brightness
of your display"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libnotification-plugin.so
10 12582924 notification-plugin "Notification Plugin" "Notification plugin for the Xfce panel"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libactions.so 14 12582925
actions "Action Buttons" "Log out, lock or other system actions"
|
There are 9 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://scan.chromies.cf/9x83HE5AFD/arm7.jade
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
cnc.chromies.cf
|
5.181.156.131
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
173.217.11.11
|
unknown
|
United States
|
||
|
182.97.230.143
|
unknown
|
China
|
||
|
5.66.125.248
|
unknown
|
United Kingdom
|
||
|
206.233.36.85
|
unknown
|
United States
|
||
|
192.238.125.37
|
unknown
|
United States
|
||
|
198.116.95.129
|
unknown
|
United States
|
||
|
2.86.196.205
|
unknown
|
Greece
|
||
|
136.10.238.101
|
unknown
|
United States
|
||
|
114.144.40.144
|
unknown
|
Japan
|
||
|
36.177.143.178
|
unknown
|
China
|
||
|
9.103.119.12
|
unknown
|
United States
|
||
|
8.55.107.13
|
unknown
|
United States
|
||
|
160.170.20.178
|
unknown
|
Morocco
|
||
|
86.21.85.147
|
unknown
|
United Kingdom
|
||
|
13.107.147.93
|
unknown
|
United States
|
||
|
74.6.53.55
|
unknown
|
United States
|
||
|
183.23.9.13
|
unknown
|
China
|
||
|
2.231.108.50
|
unknown
|
Italy
|
||
|
81.20.57.158
|
unknown
|
United Kingdom
|
||
|
197.175.215.206
|
unknown
|
South Africa
|
||
|
148.150.66.156
|
unknown
|
United States
|
||
|
147.137.52.31
|
unknown
|
United States
|
||
|
73.21.179.160
|
unknown
|
United States
|
||
|
63.199.153.54
|
unknown
|
United States
|
||
|
116.8.184.202
|
unknown
|
China
|
||
|
92.175.97.230
|
unknown
|
France
|
||
|
148.120.207.154
|
unknown
|
Norway
|
||
|
44.111.81.163
|
unknown
|
United States
|
||
|
91.227.188.16
|
unknown
|
Russian Federation
|
||
|
143.248.128.229
|
unknown
|
Korea Republic of
|
||
|
162.133.201.146
|
unknown
|
United States
|
||
|
207.26.39.241
|
unknown
|
United States
|
||
|
95.55.215.53
|
unknown
|
Russian Federation
|
||
|
32.120.85.129
|
unknown
|
United States
|
||
|
161.209.231.221
|
unknown
|
United States
|
||
|
67.107.25.112
|
unknown
|
United States
|
||
|
114.215.150.98
|
unknown
|
China
|
||
|
174.34.117.8
|
unknown
|
United States
|
||
|
71.119.151.194
|
unknown
|
United States
|
||
|
88.132.148.79
|
unknown
|
Hungary
|
||
|
149.74.18.35
|
unknown
|
United States
|
||
|
24.76.212.86
|
unknown
|
Canada
|
||
|
203.145.104.248
|
unknown
|
Japan
|
||
|
222.116.158.139
|
unknown
|
Korea Republic of
|
||
|
41.159.239.185
|
unknown
|
Gabon
|
||
|
62.192.73.173
|
unknown
|
Netherlands
|
||
|
101.134.6.245
|
unknown
|
China
|
||
|
94.65.203.202
|
unknown
|
Greece
|
||
|
103.6.198.217
|
unknown
|
Malaysia
|
||
|
189.186.3.110
|
unknown
|
Mexico
|
||
|
99.73.102.72
|
unknown
|
United States
|
||
|
151.240.16.181
|
unknown
|
Iran (ISLAMIC Republic Of)
|
||
|
209.246.21.234
|
unknown
|
United States
|
||
|
107.77.169.67
|
unknown
|
United States
|
||
|
116.188.172.132
|
unknown
|
China
|
||
|
85.187.214.253
|
unknown
|
Bulgaria
|
||
|
208.192.162.43
|
unknown
|
United States
|
||
|
97.240.224.6
|
unknown
|
United States
|
||
|
43.193.194.147
|
unknown
|
Japan
|
||
|
206.91.211.181
|
unknown
|
United States
|
||
|
209.199.160.59
|
unknown
|
United States
|
||
|
63.110.206.131
|
unknown
|
United States
|
||
|
46.12.147.93
|
unknown
|
Greece
|
||
|
37.246.133.17
|
unknown
|
Moldova Republic of
|
||
|
36.63.136.157
|
unknown
|
China
|
||
|
1.208.186.85
|
unknown
|
Korea Republic of
|
||
|
1.79.242.52
|
unknown
|
Japan
|
||
|
220.107.236.139
|
unknown
|
Japan
|
||
|
44.10.72.133
|
unknown
|
United States
|
||
|
103.85.139.164
|
unknown
|
China
|
||
|
141.233.155.22
|
unknown
|
United States
|
||
|
45.132.115.131
|
unknown
|
Netherlands
|
||
|
117.162.32.76
|
unknown
|
China
|
||
|
211.138.229.105
|
unknown
|
China
|
||
|
174.245.42.124
|
unknown
|
United States
|
||
|
170.247.211.250
|
unknown
|
Brazil
|
||
|
4.114.178.4
|
unknown
|
United States
|
||
|
179.39.215.8
|
unknown
|
Argentina
|
||
|
95.16.70.8
|
unknown
|
Spain
|
||
|
165.145.48.2
|
unknown
|
South Africa
|
||
|
157.40.207.134
|
unknown
|
India
|
||
|
168.111.24.158
|
unknown
|
United States
|
||
|
160.81.34.97
|
unknown
|
United States
|
||
|
113.30.22.9
|
unknown
|
Korea Republic of
|
||
|
223.178.195.72
|
unknown
|
India
|
||
|
166.98.219.27
|
unknown
|
United States
|
||
|
153.118.20.101
|
unknown
|
China
|
||
|
193.88.59.156
|
unknown
|
Denmark
|
||
|
217.4.37.228
|
unknown
|
Germany
|
||
|
58.209.233.170
|
unknown
|
China
|
||
|
162.119.67.199
|
unknown
|
United States
|
||
|
200.74.21.215
|
unknown
|
Chile
|
||
|
120.224.137.140
|
unknown
|
China
|
||
|
205.180.168.102
|
unknown
|
United States
|
||
|
40.62.111.153
|
unknown
|
United States
|
||
|
36.68.129.6
|
unknown
|
Indonesia
|
||
|
202.224.194.246
|
unknown
|
Japan
|
||
|
18.43.147.123
|
unknown
|
United States
|
||
|
145.71.37.225
|
unknown
|
Netherlands
|
||
|
13.44.198.176
|
unknown
|
United States
|
There are 90 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f4ae402f000
|
page execute read
|
 |
||
|
7f4ae402f000
|
page execute read
|
|
||
|
7f4ae402f000
|
page execute read
|
|
||
|
7f4be92e2000
|
page read and write
|
|||
|
564d29370000
|
page execute and read and write
|
|||
|
564d29387000
|
page read and write
|
|||
|
7f4be962d000
|
page read and write
|
|||
|
7f4be97a3000
|
page read and write
|
|||
|
7f4be4000000
|
page read and write
|
|||
|
7f4be8efb000
|
page read and write
|
|||
|
7f4be92bd000
|
page read and write
|
|||
|
7f4ae4044000
|
page read and write
|
|||
|
7f4be97a3000
|
page read and write
|
|||
|
7f4be8c5e000
|
page read and write
|
|||
|
564d27372000
|
page read and write
|
|||
|
564d2b064000
|
page read and write
|
|||
|
564d2b064000
|
page read and write
|
|||
|
7f4be975e000
|
page read and write
|
|||
|
564d2713b000
|
page execute read
|
|||
|
7f4be97a3000
|
page read and write
|
|||
|
7fffbe687000
|
page read and write
|
|||
|
564d27369000
|
page read and write
|
|||
|
564d2b064000
|
page read and write
|
|||
|
7f4be92e2000
|
page read and write
|
|||
|
7f4ae403f000
|
page read and write
|
|||
|
7f4be4021000
|
page read and write
|
|||
|
7f4ae403f000
|
page read and write
|
|||
|
564d27369000
|
page read and write
|
|||
|
7f4be9756000
|
page read and write
|
|||
|
564d27372000
|
page read and write
|
|||
|
7f4be975e000
|
page read and write
|
|||
|
7f4be845b000
|
page read and write
|
|||
|
7f4be92bd000
|
page read and write
|
|||
|
7f4be8c6c000
|
page read and write
|
|||
|
7f4be8c5e000
|
page read and write
|
|||
|
7fffbe7db000
|
page execute read
|
|||
|
7f4ae404e000
|
page read and write
|
|||
|
564d29370000
|
page execute and read and write
|
|||
|
7f4be8c6c000
|
page read and write
|
|||
|
564d29387000
|
page read and write
|
|||
|
564d29370000
|
page execute and read and write
|
|||
|
7fffbe7db000
|
page execute read
|
|||
|
7f4ae4042000
|
page read and write
|
|||
|
7f4be845b000
|
page read and write
|
|||
|
7f4be962d000
|
page read and write
|
|||
|
564d2713b000
|
page execute read
|
|||
|
564d27372000
|
page read and write
|
|||
|
7f4ae4042000
|
page read and write
|
|||
|
564d29387000
|
page read and write
|
|||
|
7f4be9756000
|
page read and write
|
|||
|
7f4be4000000
|
page read and write
|
|||
|
7f4be845b000
|
page read and write
|
|||
|
7fffbe687000
|
page read and write
|
|||
|
7f4be9756000
|
page read and write
|
|||
|
7f4be4021000
|
page read and write
|
|||
|
7fffbe7db000
|
page execute read
|
|||
|
7fffbe687000
|
page read and write
|
|||
|
7f4be4021000
|
page read and write
|
|||
|
7f4ae403f000
|
page read and write
|
|||
|
7f4be92e2000
|
page read and write
|
|||
|
7f4be8c6c000
|
page read and write
|
|||
|
7f4be92bd000
|
page read and write
|
|||
|
7f4be4000000
|
page read and write
|
|||
|
7f4be975e000
|
page read and write
|
|||
|
564d2713b000
|
page execute read
|
|||
|
7f4be8efb000
|
page read and write
|
|||
|
7f4be962d000
|
page read and write
|
|||
|
7f4ae4042000
|
page read and write
|
|||
|
7f4be8efb000
|
page read and write
|
|||
|
564d27369000
|
page read and write
|
|||
|
7f4be8c5e000
|
page read and write
|
There are 61 hidden memdumps, click here to show them.