Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/YEnJbXAPeu.elf
|
/tmp/YEnJbXAPeu.elf
|
||
|
/tmp/YEnJbXAPeu.elf
|
-
|
||
|
/tmp/YEnJbXAPeu.elf
|
-
|
||
|
/tmp/YEnJbXAPeu.elf
|
-
|
||
|
/tmp/YEnJbXAPeu.elf
|
-
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libsystray.so 6 12582920 systray
"Notification Area" "Area where notification icons appear"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libstatusnotifier.so 7 12582921
statusnotifier "Status Notifier Plugin" "Provides a panel area for status notifier items (application indicators)"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libpulseaudio-plugin.so 8
12582922 pulseaudio "PulseAudio Plugin" "Adjust the audio volume of the PulseAudio sound system"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libxfce4powermanager.so 9
12582923 power-manager-plugin "Power Manager Plugin" "Display the battery levels of your devices and control the brightness
of your display"
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
-
|
||
|
/usr/sbin/xfpm-power-backlight-helper
|
/usr/sbin/xfpm-power-backlight-helper --get-max-brightness
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libnotification-plugin.so
10 12582924 notification-plugin "Notification Plugin" "Notification plugin for the Xfce panel"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libactions.so 14 12582925
actions "Action Buttons" "Log out, lock or other system actions"
|
||
|
/usr/bin/dbus-daemon
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd
|
/usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd
|
There are 11 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://scan.chromies.cf/9x83HE5AFD/arm7.jade
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
cnc.chromies.cf
|
5.181.156.131
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
156.73.58.160
|
unknown
|
United States
|
 |
|
|
41.172.232.50
|
unknown
|
South Africa
|
||
|
156.57.244.138
|
unknown
|
Canada
|
||
|
41.137.215.212
|
unknown
|
Morocco
|
||
|
197.116.8.239
|
unknown
|
Algeria
|
||
|
156.56.110.229
|
unknown
|
United States
|
||
|
156.248.104.100
|
unknown
|
Seychelles
|
||
|
41.168.67.37
|
unknown
|
South Africa
|
||
|
197.85.138.194
|
unknown
|
South Africa
|
||
|
41.39.185.124
|
unknown
|
Egypt
|
||
|
41.170.77.148
|
unknown
|
South Africa
|
||
|
41.228.232.154
|
unknown
|
Tunisia
|
||
|
41.151.36.216
|
unknown
|
South Africa
|
||
|
197.66.244.148
|
unknown
|
South Africa
|
||
|
41.33.168.49
|
unknown
|
Egypt
|
||
|
197.23.213.146
|
unknown
|
Tunisia
|
||
|
41.177.231.153
|
unknown
|
South Africa
|
||
|
41.28.91.155
|
unknown
|
South Africa
|
||
|
41.103.245.141
|
unknown
|
Algeria
|
||
|
156.253.128.17
|
unknown
|
Seychelles
|
||
|
197.249.124.152
|
unknown
|
Mozambique
|
||
|
41.103.76.210
|
unknown
|
Algeria
|
||
|
156.105.73.70
|
unknown
|
United States
|
||
|
41.158.242.61
|
unknown
|
Gabon
|
||
|
156.153.195.183
|
unknown
|
United States
|
||
|
197.10.64.28
|
unknown
|
Tunisia
|
||
|
41.132.93.41
|
unknown
|
South Africa
|
||
|
41.76.254.5
|
unknown
|
Nigeria
|
||
|
41.191.112.207
|
unknown
|
unknown
|
||
|
41.65.244.193
|
unknown
|
Egypt
|
||
|
41.195.197.26
|
unknown
|
South Africa
|
||
|
41.76.234.146
|
unknown
|
unknown
|
||
|
41.208.142.56
|
unknown
|
Senegal
|
||
|
156.69.119.230
|
unknown
|
New Zealand
|
||
|
41.3.119.159
|
unknown
|
South Africa
|
||
|
156.105.17.214
|
unknown
|
United States
|
||
|
156.100.73.43
|
unknown
|
United States
|
||
|
197.205.95.161
|
unknown
|
Algeria
|
||
|
156.86.38.14
|
unknown
|
United States
|
||
|
156.199.32.9
|
unknown
|
Egypt
|
||
|
41.83.26.251
|
unknown
|
Senegal
|
||
|
156.87.225.131
|
unknown
|
United States
|
||
|
41.129.14.44
|
unknown
|
Egypt
|
||
|
41.15.24.219
|
unknown
|
South Africa
|
||
|
156.62.49.130
|
unknown
|
New Zealand
|
||
|
197.222.55.63
|
unknown
|
Egypt
|
||
|
41.156.166.63
|
unknown
|
South Africa
|
||
|
41.55.61.241
|
unknown
|
South Africa
|
||
|
197.105.164.171
|
unknown
|
South Africa
|
||
|
197.219.124.69
|
unknown
|
Mozambique
|
||
|
41.210.3.248
|
unknown
|
Ghana
|
||
|
197.239.159.207
|
unknown
|
South Africa
|
||
|
41.80.241.8
|
unknown
|
Kenya
|
||
|
41.65.125.56
|
unknown
|
Egypt
|
||
|
156.41.178.187
|
unknown
|
United States
|
||
|
41.103.206.248
|
unknown
|
Algeria
|
||
|
197.23.186.149
|
unknown
|
Tunisia
|
||
|
41.129.239.116
|
unknown
|
Egypt
|
||
|
41.139.222.43
|
unknown
|
Kenya
|
||
|
41.128.139.128
|
unknown
|
Egypt
|
||
|
156.199.67.83
|
unknown
|
Egypt
|
||
|
41.145.80.253
|
unknown
|
South Africa
|
||
|
41.182.199.80
|
unknown
|
Namibia
|
||
|
41.65.91.235
|
unknown
|
Egypt
|
||
|
197.211.92.105
|
unknown
|
South Africa
|
||
|
41.21.113.64
|
unknown
|
South Africa
|
||
|
41.217.82.108
|
unknown
|
Nigeria
|
||
|
156.105.36.80
|
unknown
|
United States
|
||
|
156.24.131.93
|
unknown
|
United States
|
||
|
197.222.44.208
|
unknown
|
Egypt
|
||
|
156.38.160.18
|
unknown
|
South Africa
|
||
|
41.70.146.191
|
unknown
|
Angola
|
||
|
197.184.64.6
|
unknown
|
South Africa
|
||
|
156.163.227.20
|
unknown
|
Egypt
|
||
|
156.199.105.56
|
unknown
|
Egypt
|
||
|
156.122.79.231
|
unknown
|
United States
|
||
|
197.10.162.11
|
unknown
|
Tunisia
|
||
|
156.154.228.64
|
unknown
|
United States
|
||
|
41.38.186.204
|
unknown
|
Egypt
|
||
|
41.247.202.59
|
unknown
|
South Africa
|
||
|
41.100.175.82
|
unknown
|
Algeria
|
||
|
156.88.151.236
|
unknown
|
United States
|
||
|
41.249.173.122
|
unknown
|
Morocco
|
||
|
41.13.79.59
|
unknown
|
South Africa
|
||
|
156.16.201.73
|
unknown
|
unknown
|
||
|
156.95.106.18
|
unknown
|
United States
|
||
|
41.7.248.36
|
unknown
|
South Africa
|
||
|
41.18.78.244
|
unknown
|
South Africa
|
||
|
197.95.232.68
|
unknown
|
South Africa
|
||
|
156.92.204.74
|
unknown
|
United States
|
||
|
41.90.219.176
|
unknown
|
Kenya
|
||
|
41.105.239.253
|
unknown
|
Algeria
|
||
|
197.107.127.5
|
unknown
|
South Africa
|
||
|
156.32.79.30
|
unknown
|
United States
|
||
|
197.166.165.193
|
unknown
|
Egypt
|
||
|
197.42.240.217
|
unknown
|
Egypt
|
||
|
41.66.77.194
|
unknown
|
South Africa
|
||
|
41.12.8.214
|
unknown
|
South Africa
|
||
|
41.68.219.170
|
unknown
|
Egypt
|
||
|
41.231.158.73
|
unknown
|
Tunisia
|
There are 90 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7fa508033000
|
page execute read
|
|
||
|
7fa508033000
|
page execute read
|
|
||
|
7fa508033000
|
page execute read
|
|
||
|
55c317dd7000
|
page execute and read and write
|
|||
|
7fa60f85f000
|
page read and write
|
|||
|
55c315b7f000
|
page execute read
|
|||
|
55c317dee000
|
page read and write
|
|||
|
7fa60f85f000
|
page read and write
|
|||
|
55c315dd9000
|
page read and write
|
|||
|
7fa60f85f000
|
page read and write
|
|||
|
7fa50803f000
|
page read and write
|
|||
|
7fa60f103000
|
page read and write
|
|||
|
7fa60e869000
|
page read and write
|
|||
|
7fa60fdb4000
|
page read and write
|
|||
|
7fa60f465000
|
page read and write
|
|||
|
7fa60e869000
|
page read and write
|
|||
|
7ffcc2a18000
|
page read and write
|
|||
|
55c315dd0000
|
page read and write
|
|||
|
7fa60f071000
|
page read and write
|
|||
|
7fa608021000
|
page read and write
|
|||
|
7ffcc2bce000
|
page execute read
|
|||
|
55c317dee000
|
page read and write
|
|||
|
7fa60f6d0000
|
page read and write
|
|||
|
55c315b7f000
|
page execute read
|
|||
|
7ffcc2bce000
|
page execute read
|
|||
|
7fa60f6f3000
|
page read and write
|
|||
|
55c315b7f000
|
page execute read
|
|||
|
7fa60fa41000
|
page read and write
|
|||
|
7fa608021000
|
page read and write
|
|||
|
7fa60f465000
|
page read and write
|
|||
|
7fa60f071000
|
page read and write
|
|||
|
55c315dd0000
|
page read and write
|
|||
|
7fa5080eb000
|
page read and write
|
|||
|
7fa608021000
|
page read and write
|
|||
|
55c317dee000
|
page read and write
|
|||
|
55c319eed000
|
page read and write
|
|||
|
7fa508041000
|
page read and write
|
|||
|
7fa50803f000
|
page read and write
|
|||
|
55c319eed000
|
page read and write
|
|||
|
7fa60fd4b000
|
page read and write
|
|||
|
55c315dd0000
|
page read and write
|
|||
|
7fa60fd4b000
|
page read and write
|
|||
|
55c319f0d000
|
page read and write
|
|||
|
7fa50803c000
|
page read and write
|
|||
|
55c315dd9000
|
page read and write
|
|||
|
7fa60fc22000
|
page read and write
|
|||
|
55c317dd7000
|
page execute and read and write
|
|||
|
7fa60f103000
|
page read and write
|
|||
|
7ffcc2a18000
|
page read and write
|
|||
|
7fa60fd6f000
|
page read and write
|
|||
|
7fa50803f000
|
page read and write
|
|||
|
7ffcc2a18000
|
page read and write
|
|||
|
7fa607fff000
|
page read and write
|
|||
|
7fa60fc22000
|
page read and write
|
|||
|
7fa60f6d0000
|
page read and write
|
|||
|
7fa60fdb4000
|
page read and write
|
|||
|
55c315dd9000
|
page read and write
|
|||
|
7fa60f6d0000
|
page read and write
|
|||
|
7fa60fa41000
|
page read and write
|
|||
|
7fa60f465000
|
page read and write
|
|||
|
7fa50803c000
|
page read and write
|
|||
|
7fa60fdb4000
|
page read and write
|
|||
|
55c319eed000
|
page read and write
|
|||
|
7fa607fff000
|
page read and write
|
|||
|
7fa60fc22000
|
page read and write
|
|||
|
7fa60e869000
|
page read and write
|
|||
|
7fa60fa41000
|
page read and write
|
|||
|
7fa60f071000
|
page read and write
|
|||
|
7ffcc2bce000
|
page execute read
|
|||
|
7fa60f6f3000
|
page read and write
|
|||
|
55c317dd7000
|
page execute and read and write
|
|||
|
7fa60f103000
|
page read and write
|
|||
|
7fa607fff000
|
page read and write
|
|||
|
7fa60fd6f000
|
page read and write
|
|||
|
7fa60fd4b000
|
page read and write
|
|||
|
7fa50803c000
|
page read and write
|
|||
|
7fa60f6f3000
|
page read and write
|
|||
|
7fa60fd6f000
|
page read and write
|
There are 68 hidden memdumps, click here to show them.