Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.ytr2HPcKEc /tmp/tmp.dGj8diqzht /tmp/tmp.Q3Yk49PI3M
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.ytr2HPcKEc /tmp/tmp.dGj8diqzht /tmp/tmp.Q3Yk49PI3M
|
||
|
/tmp/botnet.ppc.elf
|
/tmp/botnet.ppc.elf
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://upx.sf.net
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
daisy.ubuntu.com
|
162.213.35.25
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.125.190.26
|
unknown
|
United Kingdom
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
560c9cee9000
|
page execute and read and write
|
|||
|
7fa16c000000
|
page read and write
|
|||
|
560c9da72000
|
page read and write
|
|||
|
7fa16c021000
|
page read and write
|
|||
|
560c9ac60000
|
page execute read
|
|||
|
560c9aee3000
|
page read and write
|
|||
|
7fa1738fa000
|
page read and write
|
|||
|
7fa173459000
|
page read and write
|
|||
|
7fa173097000
|
page read and write
|
|||
|
7fa1738f2000
|
page read and write
|
|||
|
7fa17393f000
|
page read and write
|
|||
|
7fa1737c9000
|
page read and write
|
|||
|
7fa17347e000
|
page read and write
|
|||
|
7fa1725f7000
|
page read and write
|
|||
|
7ffdb0e96000
|
page read and write
|
|||
|
560c9ceff000
|
page read and write
|
|||
|
560c9aeeb000
|
page read and write
|
|||
|
7fa172e08000
|
page read and write
|
|||
|
7fa16b7ff000
|
page read and write
|
|||
|
7fa07c027000
|
page read and write
|
|||
|
7fa07c00a000
|
page execute read
|
|||
|
7fa172dfa000
|
page read and write
|
|||
|
7ffdb0ec0000
|
page execute read
|
There are 13 hidden memdumps, click here to show them.