Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/nklsh4.elf
|
/tmp/nklsh4.elf
|
||
|
/tmp/nklsh4.elf
|
-
|
||
|
/tmp/nklsh4.elf
|
-
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http:///wget.sh
|
unknown
|
||
|
http:///curl.sh
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
netfags.geek
|
45.156.86.24
|
 |
|
|
yellowchink.pirate
|
45.156.86.24
|
|
|
|
chinklabs.dyn
|
185.150.24.67
|
|
|
|
burnthe.libre
|
45.156.86.24
|
|
|
|
chinklabs.dyn. [malformed]
|
unknown
|
|
|
|
netfags.geek. [malformed]
|
unknown
|
|
|
|
yellowchink.pirate. [malformed]
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
32.79.46.66
|
unknown
|
United States
|
||
|
23.242.192.207
|
unknown
|
United States
|
||
|
3.109.8.167
|
unknown
|
United States
|
||
|
223.22.41.191
|
unknown
|
Taiwan; Republic of China (ROC)
|
||
|
188.204.246.35
|
unknown
|
Netherlands
|
||
|
147.54.151.165
|
unknown
|
Germany
|
||
|
105.39.166.204
|
unknown
|
Egypt
|
||
|
99.143.113.148
|
unknown
|
United States
|
||
|
3.60.60.34
|
unknown
|
United States
|
||
|
13.232.124.78
|
unknown
|
United States
|
||
|
123.160.244.6
|
unknown
|
China
|
||
|
6.4.70.14
|
unknown
|
United States
|
||
|
73.48.182.185
|
unknown
|
United States
|
||
|
202.93.60.211
|
unknown
|
Thailand
|
||
|
138.20.119.18
|
unknown
|
United States
|
||
|
1.71.181.129
|
unknown
|
China
|
||
|
184.235.195.124
|
unknown
|
United States
|
||
|
140.123.53.253
|
unknown
|
Taiwan; Republic of China (ROC)
|
||
|
65.106.129.60
|
unknown
|
United States
|
||
|
114.28.76.174
|
unknown
|
China
|
||
|
207.25.46.166
|
unknown
|
United States
|
||
|
157.112.148.18
|
unknown
|
Japan
|
||
|
110.39.206.22
|
unknown
|
Pakistan
|
||
|
164.79.219.253
|
unknown
|
United States
|
||
|
206.46.224.54
|
unknown
|
United States
|
||
|
149.139.209.214
|
unknown
|
Italy
|
||
|
7.103.84.55
|
unknown
|
United States
|
||
|
211.166.212.5
|
unknown
|
China
|
||
|
38.239.134.118
|
unknown
|
United States
|
||
|
92.197.36.55
|
unknown
|
Germany
|
||
|
15.67.172.20
|
unknown
|
United States
|
||
|
162.95.203.88
|
unknown
|
United States
|
||
|
43.187.109.36
|
unknown
|
Japan
|
||
|
96.58.97.60
|
unknown
|
United States
|
||
|
184.178.190.89
|
unknown
|
United States
|
||
|
28.102.18.246
|
unknown
|
United States
|
||
|
180.33.60.6
|
unknown
|
Japan
|
||
|
8.125.159.87
|
unknown
|
United States
|
||
|
145.81.44.113
|
unknown
|
Netherlands
|
||
|
141.160.157.185
|
unknown
|
United States
|
||
|
79.118.35.51
|
unknown
|
Romania
|
||
|
23.172.164.161
|
unknown
|
Reserved
|
||
|
154.122.0.255
|
unknown
|
Kenya
|
||
|
59.118.194.190
|
unknown
|
Taiwan; Republic of China (ROC)
|
||
|
96.144.49.78
|
unknown
|
United States
|
||
|
161.102.214.234
|
unknown
|
United States
|
||
|
158.80.177.74
|
unknown
|
United States
|
||
|
111.33.21.199
|
unknown
|
China
|
||
|
142.67.215.104
|
unknown
|
Canada
|
||
|
88.110.185.21
|
unknown
|
United Kingdom
|
||
|
63.12.254.114
|
unknown
|
United States
|
||
|
8.126.17.170
|
unknown
|
United States
|
||
|
164.90.42.37
|
unknown
|
United States
|
||
|
52.67.118.221
|
unknown
|
United States
|
||
|
107.6.182.133
|
unknown
|
United States
|
||
|
169.147.23.237
|
unknown
|
United States
|
||
|
74.177.254.8
|
unknown
|
United States
|
||
|
85.242.161.166
|
unknown
|
Portugal
|
||
|
16.130.229.3
|
unknown
|
United States
|
||
|
202.54.157.112
|
unknown
|
India
|
||
|
112.157.34.220
|
unknown
|
Korea Republic of
|
||
|
197.183.197.216
|
unknown
|
Kenya
|
||
|
208.205.30.83
|
unknown
|
United States
|
||
|
150.28.106.36
|
unknown
|
Japan
|
||
|
192.179.82.189
|
unknown
|
United States
|
||
|
27.245.178.97
|
unknown
|
Taiwan; Republic of China (ROC)
|
||
|
176.251.59.23
|
unknown
|
United Kingdom
|
||
|
210.89.174.146
|
unknown
|
Korea Republic of
|
||
|
120.125.25.191
|
unknown
|
Taiwan; Republic of China (ROC)
|
||
|
95.245.54.112
|
unknown
|
Italy
|
||
|
141.174.246.167
|
unknown
|
United States
|
||
|
84.31.184.4
|
unknown
|
Netherlands
|
||
|
25.248.228.117
|
unknown
|
United Kingdom
|
||
|
51.134.66.39
|
unknown
|
United States
|
||
|
34.220.176.237
|
unknown
|
United States
|
||
|
194.180.92.108
|
unknown
|
Germany
|
||
|
210.152.164.59
|
unknown
|
Japan
|
||
|
54.190.3.108
|
unknown
|
United States
|
||
|
71.104.119.61
|
unknown
|
United States
|
||
|
47.254.32.243
|
unknown
|
United States
|
||
|
14.14.23.189
|
unknown
|
Japan
|
||
|
67.218.35.19
|
unknown
|
United States
|
||
|
42.242.49.192
|
unknown
|
China
|
||
|
144.149.209.114
|
unknown
|
United States
|
||
|
147.46.172.209
|
unknown
|
Korea Republic of
|
||
|
195.225.46.176
|
unknown
|
Israel
|
||
|
132.200.69.231
|
unknown
|
United States
|
||
|
184.87.33.70
|
unknown
|
United States
|
||
|
36.81.229.50
|
unknown
|
Indonesia
|
||
|
69.205.195.57
|
unknown
|
United States
|
||
|
126.229.79.55
|
unknown
|
Japan
|
||
|
108.42.89.67
|
unknown
|
United States
|
||
|
187.211.32.181
|
unknown
|
Mexico
|
||
|
76.215.110.143
|
unknown
|
United States
|
||
|
80.215.129.166
|
unknown
|
France
|
||
|
161.161.183.59
|
unknown
|
United States
|
||
|
21.117.50.183
|
unknown
|
United States
|
||
|
58.93.35.77
|
unknown
|
Japan
|
||
|
144.138.237.114
|
unknown
|
Australia
|
||
|
158.4.153.47
|
unknown
|
United States
|
There are 90 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f8914ca3000
|
page read and write
|
|||
|
7f8915743000
|
page read and write
|
|||
|
7f889040d000
|
page execute read
|
|||
|
55ff10bde000
|
page read and write
|
|||
|
7fff70dfe000
|
page execute read
|
|||
|
55ff12bf3000
|
page read and write
|
|||
|
7f8915feb000
|
page read and write
|
|||
|
55ff10bd6000
|
page read and write
|
|||
|
55ff13d04000
|
page read and write
|
|||
|
7f889041e000
|
page read and write
|
|||
|
55ff109c0000
|
page execute read
|
|||
|
7f89154b4000
|
page read and write
|
|||
|
7f8910021000
|
page read and write
|
|||
|
7f8915b05000
|
page read and write
|
|||
|
7f889041d000
|
page read and write
|
|||
|
55ff12bdc000
|
page execute and read and write
|
|||
|
7f8915fa6000
|
page read and write
|
|||
|
7f8915e75000
|
page read and write
|
|||
|
7f89154a6000
|
page read and write
|
|||
|
7f8915f9e000
|
page read and write
|
|||
|
7f8915b2a000
|
page read and write
|
|||
|
7f8910000000
|
page read and write
|
|||
|
7fff70de4000
|
page read and write
|
There are 13 hidden memdumps, click here to show them.