Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/arm6.nn-20241122-0008.elf
|
/tmp/arm6.nn-20241122-0008.elf
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://193.143.1.70/oro1vk/usr/sbin/reboot/usr/bin/reboot/usr/sbin/shutdown/usr/bin/shutdown/usr/sbi
|
unknown
|
||
|
http://193.143.1.70/curl.sh
|
unknown
|
||
|
http://193.143.1.70/lol.sh
|
unknown
|
||
|
http://193.143.1.70/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
daisy.ubuntu.com
|
162.213.35.24
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f6de8033000
|
page execute read
|
 |
||
|
55eb42c64000
|
page execute and read and write
|
|||
|
55eb43c42000
|
page read and write
|
|||
|
7f6eee2e4000
|
page read and write
|
|||
|
7f6eee657000
|
page read and write
|
|||
|
7f6eee4c5000
|
page read and write
|
|||
|
7f6eed10c000
|
page read and write
|
|||
|
7f6eee102000
|
page read and write
|
|||
|
7f6eedf96000
|
page read and write
|
|||
|
7f6eedf73000
|
page read and write
|
|||
|
7f6eee612000
|
page read and write
|
|||
|
55eb40a0c000
|
page execute read
|
|||
|
55eb40c5d000
|
page read and write
|
|||
|
7ffc0bb20000
|
page read and write
|
|||
|
7ffc0bb3a000
|
page execute read
|
|||
|
7f6eed914000
|
page read and write
|
|||
|
7f6de8045000
|
page read and write
|
|||
|
7f6ee8021000
|
page read and write
|
|||
|
7f6eedd08000
|
page read and write
|
|||
|
55eb40c66000
|
page read and write
|
|||
|
7f6eee5ee000
|
page read and write
|
|||
|
7f6ee7fff000
|
page read and write
|
|||
|
55eb42c7b000
|
page read and write
|
|||
|
7f6de803b000
|
page read and write
|
|||
|
7f6eed9a6000
|
page read and write
|
There are 15 hidden memdumps, click here to show them.