Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.6H7I0iaIFI /tmp/tmp.cvE0P4snFx /tmp/tmp.B7wEQI0wtu
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.6H7I0iaIFI /tmp/tmp.cvE0P4snFx /tmp/tmp.B7wEQI0wtu
|
||
|
/tmp/GbY7rLP11G.elf
|
/tmp/GbY7rLP11G.elf
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://upx.sf.net
|
unknown
|
 |
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
109.202.202.202
|
unknown
|
Switzerland
|
||
|
91.189.91.43
|
unknown
|
United Kingdom
|
||
|
91.189.91.42
|
unknown
|
United Kingdom
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f814c01e000
|
page execute read
|
|||
|
7f824c021000
|
page read and write
|
|||
|
55738b7e1000
|
page execute read
|
|||
|
55738ba32000
|
page read and write
|
|||
|
7f82523eb000
|
page read and write
|
|||
|
7ffeeffb8000
|
page read and write
|
|||
|
7f82538f1000
|
page read and write
|
|||
|
7f814c030000
|
page read and write
|
|||
|
7f8252bf3000
|
page read and write
|
|||
|
7f8252fe7000
|
page read and write
|
|||
|
7f824b7fe000
|
page read and write
|
|||
|
7f8253275000
|
page read and write
|
|||
|
7f82535c3000
|
page read and write
|
|||
|
55738f33a000
|
page read and write
|
|||
|
7ffeeffd4000
|
page execute read
|
|||
|
55738da50000
|
page read and write
|
|||
|
7f824bfff000
|
page read and write
|
|||
|
7f8253252000
|
page read and write
|
|||
|
7f82537a4000
|
page read and write
|
|||
|
7f8252c85000
|
page read and write
|
|||
|
55738da39000
|
page execute and read and write
|
|||
|
7f8253936000
|
page read and write
|
|||
|
7f82533e1000
|
page read and write
|
|||
|
7f82538cd000
|
page read and write
|
|||
|
55738ba3b000
|
page read and write
|
There are 15 hidden memdumps, click here to show them.