Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/ppc.elf
|
/tmp/ppc.elf
|
||
|
/tmp/ppc.elf
|
-
|
||
|
/tmp/ppc.elf
|
-
|
||
|
/tmp/ppc.elf
|
-
|
||
|
/tmp/ppc.elf
|
-
|
||
|
/tmp/ppc.elf
|
-
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://hailcocks.ru/wget.sh;
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
kingstonwikkerink.dyn
|
88.151.195.22
|
 |
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
217.28.130.41
|
unknown
|
United Kingdom
|
|
|
|
213.182.204.57
|
unknown
|
Latvia
|
|
|
|
31.13.248.89
|
unknown
|
Bulgaria
|
|
|
|
86.107.100.80
|
unknown
|
Romania
|
|
|
|
88.151.195.22
|
kingstonwikkerink.dyn
|
Azerbaijan
|
|
|
|
91.149.218.232
|
unknown
|
Poland
|
|
|
|
81.29.149.178
|
unknown
|
Switzerland
|
||
|
91.149.238.18
|
unknown
|
Poland
|
||
|
91.189.91.43
|
unknown
|
United Kingdom
|
||
|
91.189.91.42
|
unknown
|
United Kingdom
|
||
|
109.202.202.202
|
unknown
|
Switzerland
|
There are 1 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f386a823000
|
page read and write
|
|||
|
7f386a0f1000
|
page read and write
|
|||
|
7f3774024000
|
page read and write
|
|||
|
7f3869651000
|
page read and write
|
|||
|
7f386a954000
|
page read and write
|
|||
|
7f386a0f1000
|
page read and write
|
|||
|
7f386a94c000
|
page read and write
|
|||
|
7f377402a000
|
page read and write
|
|||
|
7f386a4d8000
|
page read and write
|
|||
|
7f3864021000
|
page read and write
|
|||
|
55a21378c000
|
page execute read
|
|||
|
7fff69f16000
|
page read and write
|
|||
|
7f377402a000
|
page read and write
|
|||
|
55a213a0f000
|
page read and write
|
|||
|
7f3869e54000
|
page read and write
|
|||
|
55a21378c000
|
page execute read
|
|||
|
7f3869e62000
|
page read and write
|
|||
|
7f3869651000
|
page read and write
|
|||
|
7f386a4b3000
|
page read and write
|
|||
|
7f3774013000
|
page execute read
|
|||
|
7f386a4b3000
|
page read and write
|
|||
|
7fff69f16000
|
page read and write
|
|||
|
7f3869e54000
|
page read and write
|
|||
|
55a213a0f000
|
page read and write
|
|||
|
7f386a999000
|
page read and write
|
|||
|
55a215a2b000
|
page read and write
|
|||
|
7f3774013000
|
page execute read
|
|||
|
7f3869e62000
|
page read and write
|
|||
|
7f386a4d8000
|
page read and write
|
|||
|
7f3864000000
|
page read and write
|
|||
|
55a213a17000
|
page read and write
|
|||
|
55a213a17000
|
page read and write
|
|||
|
7f3864000000
|
page read and write
|
|||
|
55a216723000
|
page read and write
|
|||
|
7f386a954000
|
page read and write
|
|||
|
55a215a2b000
|
page read and write
|
|||
|
55a215a15000
|
page execute and read and write
|
|||
|
7f386a999000
|
page read and write
|
|||
|
7fff69f92000
|
page execute read
|
|||
|
55a216723000
|
page read and write
|
|||
|
55a215a15000
|
page execute and read and write
|
|||
|
7f386a94c000
|
page read and write
|
|||
|
7fff69f92000
|
page execute read
|
|||
|
7f386a823000
|
page read and write
|
|||
|
7f3774024000
|
page read and write
|
|||
|
7f3864021000
|
page read and write
|
There are 36 hidden memdumps, click here to show them.