Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/205.185.120.123-skid.x86_64-2024-07-27T10_33_39.elf
|
/tmp/205.185.120.123-skid.x86_64-2024-07-27T10_33_39.elf
|
||
|
/tmp/205.185.120.123-skid.x86_64-2024-07-27T10_33_39.elf
|
-
|
||
|
/bin/sh
|
sh -c "rm -rf bin/systemd && mkdir bin; >bin/systemd && mv /tmp/205.185.120.123-skid.x86_64-2024-07-27T10_33_39.elf bin/systemd;
chmod 777 bin/systemd"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/rm
|
rm -rf bin/systemd
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/mkdir
|
mkdir bin
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/mv
|
mv /tmp/205.185.120.123-skid.x86_64-2024-07-27T10_33_39.elf bin/systemd
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/chmod
|
chmod 777 bin/systemd
|
||
|
/tmp/205.185.120.123-skid.x86_64-2024-07-27T10_33_39.elf
|
-
|
||
|
/tmp/205.185.120.123-skid.x86_64-2024-07-27T10_33_39.elf
|
-
|
||
|
/tmp/205.185.120.123-skid.x86_64-2024-07-27T10_33_39.elf
|
-
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
cnc.gay
|
92.249.48.34
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
41.220.60.220
|
unknown
|
unknown
|
 |
|
|
41.245.154.127
|
unknown
|
Nigeria
|
|
|
|
41.65.235.149
|
unknown
|
Egypt
|
|
|
|
41.145.255.177
|
unknown
|
South Africa
|
||
|
156.130.158.121
|
unknown
|
United States
|
||
|
41.114.147.144
|
unknown
|
South Africa
|
||
|
156.99.129.73
|
unknown
|
United States
|
||
|
41.122.47.175
|
unknown
|
South Africa
|
||
|
197.129.147.201
|
unknown
|
Morocco
|
||
|
41.68.96.133
|
unknown
|
Egypt
|
||
|
156.241.35.59
|
unknown
|
Seychelles
|
||
|
41.195.197.48
|
unknown
|
South Africa
|
||
|
41.3.151.122
|
unknown
|
South Africa
|
||
|
186.178.176.171
|
unknown
|
Ecuador
|
||
|
101.6.166.21
|
unknown
|
China
|
||
|
197.173.155.54
|
unknown
|
South Africa
|
||
|
156.91.128.201
|
unknown
|
United States
|
||
|
197.187.29.137
|
unknown
|
Tanzania United Republic of
|
||
|
197.177.40.144
|
unknown
|
Kenya
|
||
|
197.214.107.220
|
unknown
|
Nigeria
|
||
|
156.176.96.211
|
unknown
|
Egypt
|
||
|
196.166.66.31
|
unknown
|
South Africa
|
||
|
41.152.155.76
|
unknown
|
Egypt
|
||
|
138.32.228.243
|
unknown
|
United States
|
||
|
219.229.222.119
|
unknown
|
China
|
||
|
197.159.177.44
|
unknown
|
Sao Tome and Principe
|
||
|
197.211.114.14
|
unknown
|
Malawi
|
||
|
41.44.156.69
|
unknown
|
Egypt
|
||
|
197.106.106.154
|
unknown
|
South Africa
|
||
|
41.239.38.19
|
unknown
|
Egypt
|
||
|
154.160.107.207
|
unknown
|
Ghana
|
||
|
12.79.208.7
|
unknown
|
United States
|
||
|
156.89.9.161
|
unknown
|
United States
|
||
|
41.21.187.206
|
unknown
|
South Africa
|
||
|
41.65.235.158
|
unknown
|
Egypt
|
||
|
41.62.154.169
|
unknown
|
unknown
|
||
|
156.70.114.23
|
unknown
|
United States
|
||
|
197.102.171.170
|
unknown
|
South Africa
|
||
|
90.61.165.83
|
unknown
|
France
|
||
|
213.74.160.75
|
unknown
|
Turkey
|
||
|
41.145.207.241
|
unknown
|
South Africa
|
||
|
158.198.222.90
|
unknown
|
Japan
|
||
|
197.25.176.195
|
unknown
|
Tunisia
|
||
|
197.122.183.174
|
unknown
|
Egypt
|
||
|
120.97.103.29
|
unknown
|
Taiwan; Republic of China (ROC)
|
||
|
156.99.130.95
|
unknown
|
United States
|
||
|
156.195.49.23
|
unknown
|
Egypt
|
||
|
156.56.100.94
|
unknown
|
United States
|
||
|
156.220.30.171
|
unknown
|
Egypt
|
||
|
156.158.196.205
|
unknown
|
Tanzania United Republic of
|
||
|
156.168.70.5
|
unknown
|
Egypt
|
||
|
197.46.129.95
|
unknown
|
Egypt
|
||
|
197.158.204.204
|
unknown
|
Seychelles
|
||
|
197.193.220.64
|
unknown
|
Egypt
|
||
|
197.62.124.113
|
unknown
|
Egypt
|
||
|
37.182.107.105
|
unknown
|
Italy
|
||
|
207.198.229.29
|
unknown
|
United States
|
||
|
32.23.213.158
|
unknown
|
United States
|
||
|
197.187.29.144
|
unknown
|
Tanzania United Republic of
|
||
|
197.69.11.71
|
unknown
|
South Africa
|
||
|
41.71.246.149
|
unknown
|
Nigeria
|
||
|
41.108.223.51
|
unknown
|
Algeria
|
||
|
41.21.140.227
|
unknown
|
South Africa
|
||
|
200.214.152.214
|
unknown
|
Brazil
|
||
|
102.38.28.206
|
unknown
|
Libyan Arab Jamahiriya
|
||
|
156.246.3.226
|
unknown
|
Seychelles
|
||
|
195.132.167.208
|
unknown
|
France
|
||
|
62.208.124.160
|
unknown
|
United Kingdom
|
||
|
41.7.130.8
|
unknown
|
South Africa
|
||
|
197.121.74.183
|
unknown
|
Egypt
|
||
|
41.136.36.181
|
unknown
|
Mauritius
|
||
|
41.41.152.219
|
unknown
|
Egypt
|
||
|
41.50.156.221
|
unknown
|
South Africa
|
||
|
201.160.49.82
|
unknown
|
Mexico
|
||
|
216.28.163.204
|
unknown
|
United States
|
||
|
41.121.224.199
|
unknown
|
South Africa
|
||
|
41.35.117.59
|
unknown
|
Egypt
|
||
|
41.21.203.11
|
unknown
|
South Africa
|
||
|
156.190.95.246
|
unknown
|
Egypt
|
||
|
41.5.88.222
|
unknown
|
South Africa
|
||
|
41.76.243.150
|
unknown
|
Botswana
|
||
|
18.228.80.85
|
unknown
|
United States
|
||
|
156.237.86.230
|
unknown
|
Seychelles
|
||
|
80.182.13.109
|
unknown
|
Italy
|
||
|
156.125.137.55
|
unknown
|
United States
|
||
|
54.192.176.93
|
unknown
|
United States
|
||
|
105.218.51.248
|
unknown
|
South Africa
|
||
|
206.232.17.95
|
unknown
|
United States
|
||
|
156.208.228.153
|
unknown
|
Egypt
|
||
|
67.111.92.188
|
unknown
|
United States
|
||
|
41.17.61.240
|
unknown
|
South Africa
|
||
|
197.252.104.3
|
unknown
|
Sudan
|
||
|
197.67.29.106
|
unknown
|
South Africa
|
||
|
197.51.239.227
|
unknown
|
Egypt
|
||
|
107.37.78.190
|
unknown
|
United States
|
||
|
86.168.160.255
|
unknown
|
United Kingdom
|
||
|
156.241.153.177
|
unknown
|
Seychelles
|
||
|
156.20.119.19
|
unknown
|
United States
|
||
|
156.244.80.222
|
unknown
|
Seychelles
|
||
|
176.0.170.33
|
unknown
|
Germany
|
There are 90 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
411000
|
page execute read
|
|
||
|
7ffc629ea000
|
page execute read
|
|||
|
7ffc628fc000
|
page read and write
|
|||
|
514000
|
page read and write
|
|||
|
1f48000
|
page read and write
|
|||
|
511000
|
page read and write
|