Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
/usr/bin/dash
|
-
|
||
/usr/bin/rm
|
rm -f /tmp/tmp.2mTlcPBJjk /tmp/tmp.nuGrOYCp1R /tmp/tmp.TRM9LkJZVG
|
||
/usr/bin/dash
|
-
|
||
/usr/bin/rm
|
rm -f /tmp/tmp.2mTlcPBJjk /tmp/tmp.nuGrOYCp1R /tmp/tmp.TRM9LkJZVG
|
||
/tmp/X1lngf4tz7.elf
|
/tmp/X1lngf4tz7.elf
|
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
daisy.ubuntu.com
|
162.213.35.24
|
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
7faa8c036000
|
page execute read
|
|||
7fab93eb3000
|
page read and write
|
|||
7faa8c04f000
|
page read and write
|
|||
7fab93cd1000
|
page read and write
|
|||
56094c129000
|
page read and write
|
|||
7ffe747df000
|
page execute read
|
|||
56094becf000
|
page execute read
|
|||
7fab92cdb000
|
page read and write
|
|||
56094e13e000
|
page read and write
|
|||
7faa8c042000
|
page read and write
|
|||
7fab93b65000
|
page read and write
|
|||
7ffe74780000
|
page read and write
|
|||
7fab941e1000
|
page read and write
|
|||
560950193000
|
page read and write
|
|||
56094e127000
|
page execute and read and write
|
|||
56094c120000
|
page read and write
|
|||
7fab934e3000
|
page read and write
|
|||
7fab941bd000
|
page read and write
|
|||
7fab8bfff000
|
page read and write
|
|||
7fab94226000
|
page read and write
|
|||
7fab93b42000
|
page read and write
|
|||
7fab938d7000
|
page read and write
|
|||
7fab93575000
|
page read and write
|
|||
7fab94094000
|
page read and write
|
|||
7fab8c021000
|
page read and write
|
There are 15 hidden memdumps, click here to show them.