Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/zmap.ppc.elf
|
/tmp/zmap.ppc.elf
|
||
|
/tmp/zmap.ppc.elf
|
-
|
||
|
/tmp/zmap.ppc.elf
|
-
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.r4ZsRGYnl7 /tmp/tmp.rfp6uBcgf2 /tmp/tmp.GiuztDFEu7
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/cat
|
cat /tmp/tmp.r4ZsRGYnl7
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/head
|
head -n 10
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/tr
|
tr -d \\000-\\011\\013\\014\\016-\\037
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/cut
|
cut -c -80
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/cat
|
cat /tmp/tmp.r4ZsRGYnl7
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/head
|
head -n 10
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/tr
|
tr -d \\000-\\011\\013\\014\\016-\\037
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/cut
|
cut -c -80
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.r4ZsRGYnl7 /tmp/tmp.rfp6uBcgf2 /tmp/tmp.GiuztDFEu7
|
There are 13 hidden processes, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
server.dico-inside.com
|
154.216.16.38
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
54.171.230.55
|
unknown
|
United States
|
||
|
154.216.16.38
|
server.dico-inside.com
|
Seychelles
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f7b90012000
|
page execute read
|
 |
||
|
7f7b90012000
|
page execute read
|
|
||
|
7f7c8649d000
|
page read and write
|
|||
|
7f7c85ffc000
|
page read and write
|
|||
|
7f7c80021000
|
page read and write
|
|||
|
7ffc27684000
|
page execute read
|
|||
|
7f7c8599d000
|
page read and write
|
|||
|
7f7c8519a000
|
page read and write
|
|||
|
7f7c86021000
|
page read and write
|
|||
|
7ffc2763c000
|
page read and write
|
|||
|
7ffc27684000
|
page execute read
|
|||
|
5599dca1d000
|
page read and write
|
|||
|
7f7c8636c000
|
page read and write
|
|||
|
7f7c864e2000
|
page read and write
|
|||
|
5599da5a5000
|
page read and write
|
|||
|
7f7b90023000
|
page read and write
|
|||
|
7f7c86495000
|
page read and write
|
|||
|
7f7b90023000
|
page read and write
|
|||
|
7ffc2763c000
|
page read and write
|
|||
|
7f7c864e2000
|
page read and write
|
|||
|
5599da5ad000
|
page read and write
|
|||
|
7f7c80021000
|
page read and write
|
|||
|
7f7c80000000
|
page read and write
|
|||
|
5599dca1d000
|
page read and write
|
|||
|
7f7c86021000
|
page read and write
|
|||
|
7f7b90026000
|
page read and write
|
|||
|
5599dc5c1000
|
page read and write
|
|||
|
5599da5ad000
|
page read and write
|
|||
|
7f7c80000000
|
page read and write
|
|||
|
7f7c85c3a000
|
page read and write
|
|||
|
5599da322000
|
page execute read
|
|||
|
5599dc5ab000
|
page execute and read and write
|
|||
|
7f7c8636c000
|
page read and write
|
|||
|
7f7c85c3a000
|
page read and write
|
|||
|
7f7c859ab000
|
page read and write
|
|||
|
5599dc5ab000
|
page execute and read and write
|
|||
|
7f7c8519a000
|
page read and write
|
|||
|
5599dc5c1000
|
page read and write
|
|||
|
7f7c859ab000
|
page read and write
|
|||
|
5599da5a5000
|
page read and write
|
|||
|
7f7c8649d000
|
page read and write
|
|||
|
7f7c8599d000
|
page read and write
|
|||
|
5599da322000
|
page execute read
|
|||
|
7f7b90026000
|
page read and write
|
|||
|
7f7c86495000
|
page read and write
|
|||
|
7f7c85ffc000
|
page read and write
|
There are 36 hidden memdumps, click here to show them.