Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.uxGVCf1ieD /tmp/tmp.BcFYK5GTyY /tmp/tmp.r6SilTGQD0
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.uxGVCf1ieD /tmp/tmp.BcFYK5GTyY /tmp/tmp.r6SilTGQD0
|
||
|
/tmp/oTkRt5RqnR.elf
|
/tmp/oTkRt5RqnR.elf
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
daisy.ubuntu.com
|
162.213.35.24
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7faae042a000
|
page execute read
|
 |
||
|
7fab64dc1000
|
page read and write
|
|||
|
564b97769000
|
page read and write
|
|||
|
7fab65972000
|
page read and write
|
|||
|
7fab65443000
|
page read and write
|
|||
|
7fab65420000
|
page read and write
|
|||
|
564b99788000
|
page read and write
|
|||
|
564b99771000
|
page execute and read and write
|
|||
|
7fab65a9b000
|
page read and write
|
|||
|
7fab65aa3000
|
page read and write
|
|||
|
7fab65460000
|
page read and write
|
|||
|
564b9a187000
|
page read and write
|
|||
|
7fab64dcf000
|
page read and write
|
|||
|
7fab6507f000
|
page read and write
|
|||
|
7fab645b9000
|
page read and write
|
|||
|
7fab65ae8000
|
page read and write
|
|||
|
564b97773000
|
page read and write
|
|||
|
7fff92bb8000
|
page execute read
|
|||
|
7faae046f000
|
page read and write
|
|||
|
7fab65791000
|
page read and write
|
|||
|
564b974e1000
|
page execute read
|
|||
|
7fab60021000
|
page read and write
|
|||
|
7fff92b76000
|
page read and write
|
|||
|
7fab60000000
|
page read and write
|
There are 14 hidden memdumps, click here to show them.