Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/205.185.120.123-skid.x86-2024-07-27T10_33_39.elf
|
/tmp/205.185.120.123-skid.x86-2024-07-27T10_33_39.elf
|
||
|
/tmp/205.185.120.123-skid.x86-2024-07-27T10_33_39.elf
|
-
|
||
|
/bin/sh
|
sh -c "rm -rf bin/busybox && mkdir bin; >bin/busybox && mv /tmp/205.185.120.123-skid.x86-2024-07-27T10_33_39.elf bin/busybox;
chmod 777 bin/busybox"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/rm
|
rm -rf bin/busybox
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/mkdir
|
mkdir bin
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/mv
|
mv /tmp/205.185.120.123-skid.x86-2024-07-27T10_33_39.elf bin/busybox
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/chmod
|
chmod 777 bin/busybox
|
||
|
/tmp/205.185.120.123-skid.x86-2024-07-27T10_33_39.elf
|
-
|
||
|
/tmp/205.185.120.123-skid.x86-2024-07-27T10_33_39.elf
|
-
|
||
|
/tmp/205.185.120.123-skid.x86-2024-07-27T10_33_39.elf
|
-
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
cnc.gay
|
92.249.48.34
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
197.254.119.38
|
unknown
|
Kenya
|
 |
|
|
197.12.117.104
|
unknown
|
Tunisia
|
|
|
|
197.73.219.20
|
unknown
|
South Africa
|
||
|
217.211.238.98
|
unknown
|
Sweden
|
||
|
156.56.100.80
|
unknown
|
United States
|
||
|
197.59.230.18
|
unknown
|
Egypt
|
||
|
188.2.197.62
|
unknown
|
Serbia
|
||
|
197.221.180.253
|
unknown
|
South Africa
|
||
|
156.135.155.181
|
unknown
|
Switzerland
|
||
|
150.220.169.177
|
unknown
|
United States
|
||
|
194.25.68.36
|
unknown
|
Germany
|
||
|
41.44.181.28
|
unknown
|
Egypt
|
||
|
128.53.180.149
|
unknown
|
Japan
|
||
|
156.22.182.74
|
unknown
|
Australia
|
||
|
156.127.228.123
|
unknown
|
United States
|
||
|
156.197.159.146
|
unknown
|
Egypt
|
||
|
41.108.83.75
|
unknown
|
Algeria
|
||
|
116.246.233.167
|
unknown
|
China
|
||
|
77.180.5.162
|
unknown
|
Germany
|
||
|
156.234.199.244
|
unknown
|
Seychelles
|
||
|
197.221.180.241
|
unknown
|
South Africa
|
||
|
156.199.203.236
|
unknown
|
Egypt
|
||
|
156.141.254.119
|
unknown
|
United States
|
||
|
197.39.153.38
|
unknown
|
Egypt
|
||
|
206.162.114.210
|
unknown
|
United States
|
||
|
41.115.248.30
|
unknown
|
South Africa
|
||
|
143.93.54.149
|
unknown
|
Germany
|
||
|
41.228.223.104
|
unknown
|
Tunisia
|
||
|
156.158.248.186
|
unknown
|
Tanzania United Republic of
|
||
|
197.129.195.131
|
unknown
|
Morocco
|
||
|
197.73.219.208
|
unknown
|
South Africa
|
||
|
95.156.76.187
|
unknown
|
Russian Federation
|
||
|
156.253.67.13
|
unknown
|
Seychelles
|
||
|
17.58.253.241
|
unknown
|
United States
|
||
|
23.241.177.92
|
unknown
|
United States
|
||
|
120.61.210.125
|
unknown
|
India
|
||
|
192.20.144.76
|
unknown
|
United States
|
||
|
40.158.40.92
|
unknown
|
United States
|
||
|
41.133.87.44
|
unknown
|
South Africa
|
||
|
187.23.102.66
|
unknown
|
Brazil
|
||
|
156.55.64.36
|
unknown
|
United States
|
||
|
41.30.192.112
|
unknown
|
South Africa
|
||
|
197.213.165.212
|
unknown
|
Zambia
|
||
|
62.166.56.15
|
unknown
|
Belgium
|
||
|
197.57.40.45
|
unknown
|
Egypt
|
||
|
39.3.14.231
|
unknown
|
Japan
|
||
|
156.65.163.95
|
unknown
|
United States
|
||
|
197.202.157.201
|
unknown
|
Algeria
|
||
|
197.114.121.167
|
unknown
|
Algeria
|
||
|
41.59.48.93
|
unknown
|
Tanzania United Republic of
|
||
|
174.114.169.188
|
unknown
|
Canada
|
||
|
61.73.159.231
|
unknown
|
Korea Republic of
|
||
|
197.118.9.109
|
unknown
|
Algeria
|
||
|
100.188.132.78
|
unknown
|
United States
|
||
|
41.121.79.53
|
unknown
|
South Africa
|
||
|
41.110.52.220
|
unknown
|
Algeria
|
||
|
156.51.42.240
|
unknown
|
Sweden
|
||
|
109.44.93.147
|
unknown
|
Germany
|
||
|
168.149.243.154
|
unknown
|
United States
|
||
|
35.36.182.5
|
unknown
|
United States
|
||
|
41.108.247.88
|
unknown
|
Algeria
|
||
|
8.45.253.6
|
unknown
|
United States
|
||
|
156.132.102.78
|
unknown
|
United States
|
||
|
156.161.229.69
|
unknown
|
Egypt
|
||
|
177.245.37.148
|
unknown
|
Mexico
|
||
|
197.141.89.115
|
unknown
|
Algeria
|
||
|
41.145.255.135
|
unknown
|
South Africa
|
||
|
220.214.166.137
|
unknown
|
Japan
|
||
|
41.152.76.218
|
unknown
|
Egypt
|
||
|
156.42.234.42
|
unknown
|
United States
|
||
|
156.250.157.160
|
unknown
|
Seychelles
|
||
|
197.166.142.29
|
unknown
|
Egypt
|
||
|
202.72.65.89
|
unknown
|
Japan
|
||
|
197.128.32.83
|
unknown
|
Morocco
|
||
|
41.169.49.73
|
unknown
|
South Africa
|
||
|
156.134.140.88
|
unknown
|
United States
|
||
|
197.240.131.180
|
unknown
|
unknown
|
||
|
41.254.251.2
|
unknown
|
Libyan Arab Jamahiriya
|
||
|
223.88.197.19
|
unknown
|
China
|
||
|
197.179.230.89
|
unknown
|
Kenya
|
||
|
197.50.174.119
|
unknown
|
Egypt
|
||
|
156.230.19.138
|
unknown
|
Seychelles
|
||
|
156.158.201.155
|
unknown
|
Tanzania United Republic of
|
||
|
41.206.191.204
|
unknown
|
South Africa
|
||
|
41.138.189.20
|
unknown
|
Nigeria
|
||
|
41.85.112.56
|
unknown
|
South Africa
|
||
|
193.201.11.196
|
unknown
|
Germany
|
||
|
12.27.1.158
|
unknown
|
United States
|
||
|
223.126.165.5
|
unknown
|
China
|
||
|
206.113.96.200
|
unknown
|
United States
|
||
|
35.246.126.235
|
unknown
|
United States
|
||
|
41.228.168.99
|
unknown
|
Tunisia
|
||
|
197.202.79.116
|
unknown
|
Algeria
|
||
|
125.197.76.49
|
unknown
|
Japan
|
||
|
147.43.253.45
|
unknown
|
Korea Republic of
|
||
|
41.227.67.29
|
unknown
|
Tunisia
|
||
|
156.147.203.66
|
unknown
|
Korea Republic of
|
||
|
223.32.132.255
|
unknown
|
Korea Republic of
|
||
|
112.205.62.143
|
unknown
|
Philippines
|
||
|
197.82.0.21
|
unknown
|
South Africa
|
There are 90 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
8058000
|
page execute read
|
|
||
|
805b000
|
page read and write
|
|||
|
f7fdf000
|
page execute read
|
|||
|
8059000
|
page read and write
|
|||
|
ff8ce000
|
page read and write
|
|||
|
8950000
|
page read and write
|