Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/zersh4.elf
|
/tmp/zersh4.elf
|
||
|
/tmp/zersh4.elf
|
-
|
||
|
/tmp/zersh4.elf
|
-
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
netfags.geek
|
45.156.86.24
|
 |
|
|
yellowchink.pirate
|
45.156.86.24
|
|
|
|
chinklabs.dyn
|
185.150.24.67
|
|
|
|
burnthe.libre
|
45.156.86.24
|
|
|
|
chinklabs.dyn. [malformed]
|
unknown
|
|
|
|
netfags.geek. [malformed]
|
unknown
|
|
|
|
burnthe.libre. [malformed]
|
unknown
|
|
|
|
yellowchink.pirate. [malformed]
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.150.24.67
|
chinklabs.dyn
|
Netherlands
|
|
|
|
45.156.86.24
|
netfags.geek
|
Germany
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7fb25c214000
|
page read and write
|
|||
|
7ffd96cc5000
|
page read and write
|
|||
|
7fb25d50f000
|
page read and write
|
|||
|
7fb25d517000
|
page read and write
|
|||
|
7ffd96d0e000
|
page execute read
|
|||
|
7fb258021000
|
page read and write
|
|||
|
55ed7f3f0000
|
page read and write
|
|||
|
55ed7e707000
|
page execute and read and write
|
|||
|
7fb25ca17000
|
page read and write
|
|||
|
7fb25d076000
|
page read and write
|
|||
|
7fb258000000
|
page read and write
|
|||
|
7fb25d3e6000
|
page read and write
|
|||
|
7fb25ccb4000
|
page read and write
|
|||
|
55ed7c709000
|
page read and write
|
|||
|
55ed7c4eb000
|
page execute read
|
|||
|
55ed7e71e000
|
page read and write
|
|||
|
7fb1d841b000
|
page read and write
|
|||
|
7fb1d841c000
|
page read and write
|
|||
|
7fb25ca25000
|
page read and write
|
|||
|
7fb25d55c000
|
page read and write
|
|||
|
7fb25d09b000
|
page read and write
|
|||
|
7fb1d840b000
|
page execute read
|
|||
|
55ed7c701000
|
page read and write
|
There are 13 hidden memdumps, click here to show them.