IOC Report
c1.php

loading gif

Processes

Path
Cmdline
Malicious
/usr/bin/php
/usr/bin/php /tmp/c1.php
/usr/bin/php
-
/bin/dash
sh -c "gcc --version"
/bin/dash
-
/usr/bin/gcc
gcc --version
/usr/bin/php
-
/bin/dash
sh -c "perl --version"
/bin/dash
-
/usr/bin/perl
perl --version
/usr/bin/php
-
/bin/dash
sh -c "python --version"
/bin/dash
-
/usr/bin/python
python --version
/usr/bin/php
-
/bin/dash
sh -c "pkexec --version"
/bin/dash
-
/usr/bin/pkexec
pkexec --version
/usr/bin/php
-
/bin/dash
sh -c "curl --version"
/bin/dash
-
/usr/bin/curl
curl --version
/usr/bin/php
-
/bin/dash
sh -c "wget --version"
/bin/dash
-
/usr/bin/wget
wget --version
/usr/bin/php
-
/bin/dash
sh -c "mysql --version"
/usr/bin/php
-
/bin/dash
sh -c "ftp --version"
/usr/bin/php
-
/bin/dash
sh -c "ssh --version"
/bin/dash
-
/usr/bin/ssh
ssh --version
/usr/bin/php
-
/bin/dash
sh -c "mail --version"
/usr/bin/php
-
/bin/dash
sh -c "cron --version"
/bin/dash
-
/usr/sbin/cron
cron --version
/usr/bin/php
-
/bin/dash
sh -c "sendmail --version"
There are 31 hidden processes, click here to show them.