Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/RjeN8EvCIF.elf
|
/tmp/RjeN8EvCIF.elf
|
||
|
/tmp/RjeN8EvCIF.elf
|
-
|
||
|
/tmp/RjeN8EvCIF.elf
|
-
|
||
|
/tmp/RjeN8EvCIF.elf
|
-
|
||
|
/tmp/RjeN8EvCIF.elf
|
-
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libsystray.so 6 12582920 systray
"Notification Area" "Area where notification icons appear"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libstatusnotifier.so 7 12582921
statusnotifier "Status Notifier Plugin" "Provides a panel area for status notifier items (application indicators)"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libpulseaudio-plugin.so 8
12582922 pulseaudio "PulseAudio Plugin" "Adjust the audio volume of the PulseAudio sound system"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libxfce4powermanager.so 9
12582923 power-manager-plugin "Power Manager Plugin" "Display the battery levels of your devices and control the brightness
of your display"
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
-
|
||
|
/usr/sbin/xfpm-power-backlight-helper
|
/usr/sbin/xfpm-power-backlight-helper --get-max-brightness
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libnotification-plugin.so
10 12582924 notification-plugin "Notification Plugin" "Notification plugin for the Xfce panel"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libactions.so 14 12582925
actions "Action Buttons" "Log out, lock or other system actions"
|
||
|
/usr/bin/dbus-daemon
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd
|
/usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd
|
There are 11 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://scan.chromies.cf/9x83HE5AFD/arm7.jade
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
cnc.chromies.cf
|
5.181.156.131
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
61.217.208.168
|
unknown
|
Taiwan; Republic of China (ROC)
|
||
|
190.198.131.121
|
unknown
|
Venezuela
|
||
|
94.24.183.152
|
unknown
|
Russian Federation
|
||
|
24.24.87.141
|
unknown
|
United States
|
||
|
88.244.161.224
|
unknown
|
Turkey
|
||
|
2.247.18.29
|
unknown
|
Germany
|
||
|
190.20.213.10
|
unknown
|
Chile
|
||
|
85.93.84.168
|
unknown
|
Germany
|
||
|
61.107.183.12
|
unknown
|
Korea Republic of
|
||
|
213.65.26.92
|
unknown
|
Sweden
|
||
|
85.160.108.146
|
unknown
|
Czech Republic
|
||
|
24.90.23.153
|
unknown
|
United States
|
||
|
213.92.116.120
|
unknown
|
Italy
|
||
|
85.149.45.150
|
unknown
|
Netherlands
|
||
|
61.75.63.250
|
unknown
|
Korea Republic of
|
||
|
190.208.104.252
|
unknown
|
Chile
|
||
|
213.249.153.175
|
unknown
|
United Kingdom
|
||
|
61.35.213.227
|
unknown
|
Korea Republic of
|
||
|
88.25.183.29
|
unknown
|
Spain
|
||
|
94.170.181.160
|
unknown
|
Netherlands
|
||
|
190.26.43.107
|
unknown
|
Colombia
|
||
|
2.41.155.108
|
unknown
|
Italy
|
||
|
213.106.196.108
|
unknown
|
United Kingdom
|
||
|
24.193.139.222
|
unknown
|
United States
|
||
|
94.122.118.85
|
unknown
|
Turkey
|
||
|
94.178.250.169
|
unknown
|
Ukraine
|
||
|
61.138.32.13
|
unknown
|
China
|
||
|
61.137.5.1
|
unknown
|
China
|
||
|
213.113.97.40
|
unknown
|
Sweden
|
||
|
85.56.234.207
|
unknown
|
Spain
|
||
|
117.58.119.99
|
unknown
|
China
|
||
|
94.100.72.105
|
unknown
|
Germany
|
||
|
117.40.39.49
|
unknown
|
China
|
||
|
190.223.176.174
|
unknown
|
Peru
|
||
|
24.123.18.137
|
unknown
|
United States
|
||
|
61.172.150.92
|
unknown
|
China
|
||
|
2.43.246.202
|
unknown
|
Italy
|
||
|
88.182.56.37
|
unknown
|
France
|
||
|
94.64.44.99
|
unknown
|
Greece
|
||
|
61.100.72.150
|
unknown
|
Korea Republic of
|
||
|
94.35.200.81
|
unknown
|
Italy
|
||
|
213.181.23.14
|
unknown
|
Russian Federation
|
||
|
2.250.87.246
|
unknown
|
Sweden
|
||
|
85.164.56.9
|
unknown
|
Norway
|
||
|
85.182.227.84
|
unknown
|
Germany
|
||
|
88.18.1.194
|
unknown
|
Spain
|
||
|
88.213.59.221
|
unknown
|
Saudi Arabia
|
||
|
213.144.252.58
|
unknown
|
Netherlands
|
||
|
213.231.234.210
|
unknown
|
Poland
|
||
|
24.200.111.200
|
unknown
|
Canada
|
||
|
117.91.212.202
|
unknown
|
China
|
||
|
2.219.13.137
|
unknown
|
United Kingdom
|
||
|
190.88.108.42
|
unknown
|
Curacao
|
||
|
190.251.83.241
|
unknown
|
Colombia
|
||
|
94.220.78.188
|
unknown
|
Germany
|
||
|
88.149.39.151
|
unknown
|
Iceland
|
||
|
213.50.24.148
|
unknown
|
Sweden
|
||
|
88.117.234.161
|
unknown
|
Austria
|
||
|
213.116.155.32
|
unknown
|
European Union
|
||
|
2.222.114.197
|
unknown
|
United Kingdom
|
||
|
88.206.84.185
|
unknown
|
Russian Federation
|
||
|
24.21.174.31
|
unknown
|
United States
|
||
|
213.110.50.40
|
unknown
|
Russian Federation
|
||
|
94.176.13.45
|
unknown
|
Iran (ISLAMIC Republic Of)
|
||
|
88.91.218.13
|
unknown
|
Norway
|
||
|
24.148.143.214
|
unknown
|
United States
|
||
|
213.17.152.205
|
unknown
|
Poland
|
||
|
85.115.143.224
|
unknown
|
Gibraltar
|
||
|
213.145.226.185
|
unknown
|
Austria
|
||
|
61.2.114.5
|
unknown
|
India
|
||
|
24.3.64.41
|
unknown
|
United States
|
||
|
2.34.179.124
|
unknown
|
Italy
|
||
|
117.240.18.116
|
unknown
|
India
|
||
|
94.114.203.247
|
unknown
|
Germany
|
||
|
88.117.155.171
|
unknown
|
Austria
|
||
|
2.125.139.77
|
unknown
|
United Kingdom
|
||
|
24.83.40.55
|
unknown
|
Canada
|
||
|
2.174.1.103
|
unknown
|
Germany
|
||
|
88.211.50.159
|
unknown
|
United Kingdom
|
||
|
213.191.169.184
|
unknown
|
Bulgaria
|
||
|
2.121.243.50
|
unknown
|
United Kingdom
|
||
|
24.231.144.52
|
unknown
|
United States
|
||
|
190.241.241.39
|
unknown
|
Costa Rica
|
||
|
88.30.5.72
|
unknown
|
Spain
|
||
|
88.6.158.229
|
unknown
|
Spain
|
||
|
61.177.181.231
|
unknown
|
China
|
||
|
85.183.190.202
|
unknown
|
Germany
|
||
|
94.19.11.122
|
unknown
|
Russian Federation
|
||
|
24.68.238.154
|
unknown
|
Canada
|
||
|
24.108.3.92
|
unknown
|
Canada
|
||
|
2.99.61.41
|
unknown
|
United Kingdom
|
||
|
61.176.151.235
|
unknown
|
China
|
||
|
24.222.143.167
|
unknown
|
Canada
|
||
|
117.21.79.247
|
unknown
|
China
|
||
|
85.170.100.102
|
unknown
|
France
|
||
|
88.18.157.93
|
unknown
|
Spain
|
||
|
117.246.249.248
|
unknown
|
India
|
||
|
85.204.194.61
|
unknown
|
Denmark
|
||
|
190.13.134.45
|
unknown
|
Chile
|
||
|
2.140.120.190
|
unknown
|
Spain
|
There are 90 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f6398423000
|
page execute read
|
 |
||
|
7f6398423000
|
page execute read
|
|
||
|
7f6398423000
|
page execute read
|
|
||
|
7f641f1e2000
|
page read and write
|
|||
|
55949c1e7000
|
page execute and read and write
|
|||
|
7f641ee8b000
|
page read and write
|
|||
|
55949e0e2000
|
page read and write
|
|||
|
7f641f195000
|
page read and write
|
|||
|
7fffa33c5000
|
page execute read
|
|||
|
7f641ee8b000
|
page read and write
|
|||
|
559499f57000
|
page execute read
|
|||
|
7f6418021000
|
page read and write
|
|||
|
55949c1e7000
|
page execute and read and write
|
|||
|
7f641eb3d000
|
page read and write
|
|||
|
7f641f06c000
|
page read and write
|
|||
|
7f6418021000
|
page read and write
|
|||
|
55949a1df000
|
page read and write
|
|||
|
7f641eb1a000
|
page read and write
|
|||
|
7f6398468000
|
page read and write
|
|||
|
7f641ee8b000
|
page read and write
|
|||
|
55949c1e7000
|
page execute and read and write
|
|||
|
7fffa3366000
|
page read and write
|
|||
|
7f641eb5a000
|
page read and write
|
|||
|
7f6418021000
|
page read and write
|
|||
|
7f641e779000
|
page read and write
|
|||
|
55949a1e9000
|
page read and write
|
|||
|
7f641f1e2000
|
page read and write
|
|||
|
7f641eb3d000
|
page read and write
|
|||
|
7f641e4c9000
|
page read and write
|
|||
|
7f6398468000
|
page read and write
|
|||
|
55949a1df000
|
page read and write
|
|||
|
7fffa3366000
|
page read and write
|
|||
|
7f641f195000
|
page read and write
|
|||
|
55949c1fe000
|
page read and write
|
|||
|
7f6418000000
|
page read and write
|
|||
|
7f641f06c000
|
page read and write
|
|||
|
7f641e4c9000
|
page read and write
|
|||
|
7f641e4bb000
|
page read and write
|
|||
|
55949e0e2000
|
page read and write
|
|||
|
7f6398464000
|
page read and write
|
|||
|
7f641f1e2000
|
page read and write
|
|||
|
7f641eb5a000
|
page read and write
|
|||
|
7f641dcb3000
|
page read and write
|
|||
|
7f6398464000
|
page read and write
|
|||
|
55949a1df000
|
page read and write
|
|||
|
7f641eb1a000
|
page read and write
|
|||
|
7f641f06c000
|
page read and write
|
|||
|
7f6418000000
|
page read and write
|
|||
|
7fffa33c5000
|
page execute read
|
|||
|
7f641e4bb000
|
page read and write
|
|||
|
55949a1e9000
|
page read and write
|
|||
|
7f641dcb3000
|
page read and write
|
|||
|
7f641f19d000
|
page read and write
|
|||
|
7f641eb1a000
|
page read and write
|
|||
|
7fffa3366000
|
page read and write
|
|||
|
7f641e779000
|
page read and write
|
|||
|
55949a1e9000
|
page read and write
|
|||
|
7f641e4bb000
|
page read and write
|
|||
|
559499f57000
|
page execute read
|
|||
|
7f6418000000
|
page read and write
|
|||
|
7f641e4c9000
|
page read and write
|
|||
|
7f641dcb3000
|
page read and write
|
|||
|
55949c1fe000
|
page read and write
|
|||
|
7f641eb5a000
|
page read and write
|
|||
|
7f639846a000
|
page read and write
|
|||
|
7f641f19d000
|
page read and write
|
|||
|
7fffa33c5000
|
page execute read
|
|||
|
7f6398493000
|
page read and write
|
|||
|
7f6398464000
|
page read and write
|
|||
|
55949e0e2000
|
page read and write
|
|||
|
559499f57000
|
page execute read
|
|||
|
7f641f195000
|
page read and write
|
|||
|
7f641eb3d000
|
page read and write
|
|||
|
55949c1fe000
|
page read and write
|
|||
|
7f6398468000
|
page read and write
|
|||
|
7f641e779000
|
page read and write
|
|||
|
7f641f19d000
|
page read and write
|
There are 67 hidden memdumps, click here to show them.