Files
| File Path | Type | Category | Malicious |
|---|---|---|---|
| bluefish-data_2.2.12-1.1_all(1).deb | Debian binary package (format 2.0), with control.tar.xz, data compression xz | initial sample | |
| /home/james/.cache/dconf/user | data | dropped | |
| /home/james/.local/share/gnome-software/ubuntu-reviews.db | SQLite 3.x database, last written using SQLite version 3011000, page size 1024, file counter 1, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 1 | dropped | |
| /home/james/.local/share/gnome-software/ubuntu-reviews.db-journal | SQLite Rollback Journal | dropped | |
| /tmp/dpkg-deb.YO0WnW/control | ASCII text | dropped | |
| /tmp/dpkg-deb.YO0WnW/md5sums | ASCII text | dropped | |
| /var/lib/fwupd/pending.db | SQLite 3.x database, last written using SQLite version 3011000, page size 1024, file counter 1, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 1 | dropped | |
| /var/lib/fwupd/pending.db-journal | data | dropped | |

Processes
| Path | Cmdline | Malicious |
|---|---|---|
| /usr/bin/exo-open | exo-open /tmp/bluefish-data_2.2.12-1.1_all(1).deb | |
| /usr/bin/exo-open | - | |
| /usr/bin/dbus-launch | dbus-launch --autolaunch=11ced2f07072c6ae389b731c5cc84014 --binary-syntax --close-stderr | |
| /usr/bin/exo-open | - | |
| /usr/bin/exo-open | - | |
| /usr/bin/gnome-software | gnome-software --local-filename=/tmp/bluefish-data_2.2.12-1.1_all(1).deb | |
| /usr/bin/gnome-software | - | |
| /usr/bin/dbus-launch | dbus-launch --autolaunch=11ced2f07072c6ae389b731c5cc84014 --binary-syntax --close-stderr | |
| /usr/bin/gnome-software | - | |
| /usr/bin/dpkg-deb | /usr/bin/dpkg-deb --showformat=${Package}\\n${Version}\\n${Installed-Size}\\n${Homepage}\\n${Description} -W /tmp/bluefish-data_2.2.12-1.1_all(1).deb | |
| /usr/bin/dpkg-deb | - | |
| /usr/bin/dpkg-deb | - | |
| /usr/bin/dpkg-deb | - | |
| /bin/tar | tar -x -m -f - --warning=no-timestamp | |
| /usr/bin/dpkg-deb | - | |
| /bin/rm | rm -rf -- /tmp/dpkg-deb.YO0WnW | |
| /usr/bin/gnome-software | - | |
| /usr/bin/dpkg | /usr/bin/dpkg --print-foreign-architectures | |
| /usr/bin/gnome-software | - | |
| /usr/bin/dpkg | /usr/bin/dpkg --print-foreign-architectures | |
| /lib/systemd/systemd | - | |
| /usr/lib/x86_64-linux-gnu/fwupd/fwupd | /usr/lib/x86_64-linux-gnu/fwupd/fwupd | |

There are 12 hidden processes.

URLs
| Name | IP | Malicious |
|---|---|---|
| http://bluefish.openoffice.nl | unknown | |

Domains
| Name | IP | Malicious |
|---|---|---|
| reviews.ubuntu.com | unknown | |