Joe Sandbox Cloud Basic Analysis Report
Create Interactive Tour

Linux Analysis Report
morte.ppc.elf

Overview

General Information

Sample name:morte.ppc.elf
Analysis ID:1646033
MD5:a07a783c9fd4dccbec567f1a76abe202
SHA1:ccbda513ae8b43917f6019d629724a916d0d9abc
SHA256:694888ff922d9c81d036538c761bfb909694747d23c51a1e6f2f40d6a32c1488
Tags:elfuser-abuse_ch
Infos:

Detection

Okiru
Score:88
Range:0 - 100

Signatures

Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file
Sample tries to kill a massive number of system processes
Yara detected Okiru
Reads system files that contain records of logged in users
Sample is packed with UPX
Sample reads /proc/mounts (often used for finding a writable filesystem)
Sample tries to kill multiple processes (SIGKILL)
Creates hidden files and/or directories
Deletes log files
Detected TCP or UDP traffic on non-standard ports
ELF contains segments with high entropy indicating compressed/encrypted content
Enumerates processes within the "proc" file system
Executes commands using a shell command-line interpreter
Executes the "grep" command used to find patterns in files or piped streams
Executes the "kill" or "pkill" command typically used to terminate processes
Executes the "rm" command used to delete files or directories
HTTP GET or POST without a user agent
Reads CPU information from /sys indicative of miner or evasive malware
Reads system information from the proc file system
Reads system version information
Reads the 'hosts' file potentially containing internal network hosts
Sample contains only a LOAD segment without any section mappings
Sample listens on a socket
Sample tries to kill a process (SIGKILL)
Sample tries to set the executable flag
Uses the "uname" system call to query kernel version information (possible evasion)

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

General Information

Joe Sandbox version:42.0.0 Malachite
Analysis ID:1646033
Start date and time:2025-03-23 06:57:11 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 4m 25s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:morte.ppc.elf
Detection:MAL
Classification:mal88.spre.troj.evad.linELF@0/47@3/0
  • Connection to analysis system has been lost, crash info: Unknown
  • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

Runtime Messages

Command:/tmp/morte.ppc.elf
PID:6263
Exit Code:0
Exit Code Info:
Killed:False
Standard Output:
lzrd cock fest"/proc/"/exe
Standard Error:

Process Tree

  • system is lnxubuntu20
  • dash New Fork (PID: 6224, Parent: 4331)
  • rm (PID: 6224, Parent: 4331, MD5: aa2b5496fdbfd88e38791ab81f90b95b) Arguments: rm -f /tmp/tmp.8mDCkktm5N /tmp/tmp.SSYf8xle0B /tmp/tmp.vlX7lnpvVg
  • dash New Fork (PID: 6225, Parent: 4331)
  • cat (PID: 6225, Parent: 4331, MD5: 7e9d213e404ad3bb82e4ebb2e1f2c1b3) Arguments: cat /tmp/tmp.8mDCkktm5N
  • dash New Fork (PID: 6226, Parent: 4331)
  • head (PID: 6226, Parent: 4331, MD5: fd96a67145172477dd57131396fc9608) Arguments: head -n 10
  • dash New Fork (PID: 6227, Parent: 4331)
  • tr (PID: 6227, Parent: 4331, MD5: fbd1402dd9f72d8ebfff00ce7c3a7bb5) Arguments: tr -d \\000-\\011\\013\\014\\016-\\037
  • dash New Fork (PID: 6228, Parent: 4331)
  • cut (PID: 6228, Parent: 4331, MD5: d8ed0ea8f22c0de0f8692d4d9f1759d3) Arguments: cut -c -80
  • dash New Fork (PID: 6229, Parent: 4331)
  • cat (PID: 6229, Parent: 4331, MD5: 7e9d213e404ad3bb82e4ebb2e1f2c1b3) Arguments: cat /tmp/tmp.8mDCkktm5N
  • dash New Fork (PID: 6230, Parent: 4331)
  • head (PID: 6230, Parent: 4331, MD5: fd96a67145172477dd57131396fc9608) Arguments: head -n 10
  • dash New Fork (PID: 6231, Parent: 4331)
  • tr (PID: 6231, Parent: 4331, MD5: fbd1402dd9f72d8ebfff00ce7c3a7bb5) Arguments: tr -d \\000-\\011\\013\\014\\016-\\037
  • dash New Fork (PID: 6232, Parent: 4331)
  • cut (PID: 6232, Parent: 4331, MD5: d8ed0ea8f22c0de0f8692d4d9f1759d3) Arguments: cut -c -80
  • dash New Fork (PID: 6233, Parent: 4331)
  • rm (PID: 6233, Parent: 4331, MD5: aa2b5496fdbfd88e38791ab81f90b95b) Arguments: rm -f /tmp/tmp.8mDCkktm5N /tmp/tmp.SSYf8xle0B /tmp/tmp.vlX7lnpvVg
  • systemd New Fork (PID: 6271, Parent: 1)
  • journalctl (PID: 6271, Parent: 1, MD5: bf3a987344f3bacafc44efd882abda8b) Arguments: /usr/bin/journalctl --smart-relinquish-var
  • gdm3 New Fork (PID: 6304, Parent: 1320)
  • Default (PID: 6304, Parent: 1320, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
  • systemd New Fork (PID: 6305, Parent: 1)
  • dbus-daemon (PID: 6305, Parent: 1, MD5: 3089d47e3f3ab84cd81c48fd406d7a8c) Arguments: /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
  • systemd New Fork (PID: 6307, Parent: 1)
  • rsyslogd (PID: 6307, Parent: 1, MD5: 0b8087fc907c42eb3c81a691db258e33) Arguments: /usr/sbin/rsyslogd -n -iNONE
  • gdm3 New Fork (PID: 6308, Parent: 1320)
  • Default (PID: 6308, Parent: 1320, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
  • systemd New Fork (PID: 6309, Parent: 1860)
  • pulseaudio (PID: 6309, Parent: 1860, MD5: 0c3b4c789d8ffb12b25507f27e14c186) Arguments: /usr/bin/pulseaudio --daemonize=no --log-target=journal
  • fusermount (PID: 6310, Parent: 2038, MD5: 576a1b135c82bdcbc97a91acea900566) Arguments: fusermount -u -q -z -- /run/user/1000/gvfs
  • gdm3 New Fork (PID: 6311, Parent: 1320)
  • Default (PID: 6311, Parent: 1320, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
  • systemd New Fork (PID: 6312, Parent: 1)
  • systemd-journald (PID: 6312, Parent: 1, MD5: 474667ece6cecb5e04c6eb897a1d0d9e) Arguments: /lib/systemd/systemd-journald
  • systemd New Fork (PID: 6317, Parent: 1)
  • dbus-daemon (PID: 6317, Parent: 1, MD5: 3089d47e3f3ab84cd81c48fd406d7a8c) Arguments: /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
  • systemd New Fork (PID: 6321, Parent: 1)
  • systemd-journald (PID: 6321, Parent: 1, MD5: 474667ece6cecb5e04c6eb897a1d0d9e) Arguments: /lib/systemd/systemd-journald
  • systemd New Fork (PID: 6322, Parent: 1)
  • rsyslogd (PID: 6322, Parent: 1, MD5: 0b8087fc907c42eb3c81a691db258e33) Arguments: /usr/sbin/rsyslogd -n -iNONE
  • systemd New Fork (PID: 6331, Parent: 1)
  • systemd-logind (PID: 6331, Parent: 1, MD5: 8dd58a1b4c12f7a1d5fe3ce18b2aaeef) Arguments: /lib/systemd/systemd-logind
  • systemd New Fork (PID: 6389, Parent: 1)
  • gpu-manager (PID: 6389, Parent: 1, MD5: 8fae9dd5dd67e1f33d873089c2fd8761) Arguments: /usr/bin/gpu-manager --log /var/log/gpu-manager.log
    • sh (PID: 6391, Parent: 6389, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf"
      • sh New Fork (PID: 6392, Parent: 6391)
      • grep (PID: 6392, Parent: 6391, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
    • sh (PID: 6396, Parent: 6389, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /lib/modprobe.d/*.conf"
      • sh New Fork (PID: 6398, Parent: 6396)
      • grep (PID: 6398, Parent: 6396, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*nvidia[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
    • sh (PID: 6399, Parent: 6389, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /etc/modprobe.d/*.conf"
      • sh New Fork (PID: 6400, Parent: 6399)
      • grep (PID: 6400, Parent: 6399, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*radeon[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
    • sh (PID: 6401, Parent: 6389, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /lib/modprobe.d/*.conf"
      • sh New Fork (PID: 6402, Parent: 6401)
      • grep (PID: 6402, Parent: 6401, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*radeon[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
    • sh (PID: 6403, Parent: 6389, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /etc/modprobe.d/*.conf"
      • sh New Fork (PID: 6404, Parent: 6403)
      • grep (PID: 6404, Parent: 6403, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*amdgpu[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
    • sh (PID: 6405, Parent: 6389, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /lib/modprobe.d/*.conf"
      • sh New Fork (PID: 6406, Parent: 6405)
      • grep (PID: 6406, Parent: 6405, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*amdgpu[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
    • sh (PID: 6407, Parent: 6389, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /etc/modprobe.d/*.conf"
      • sh New Fork (PID: 6408, Parent: 6407)
      • grep (PID: 6408, Parent: 6407, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*nouveau[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
    • sh (PID: 6409, Parent: 6389, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /lib/modprobe.d/*.conf"
      • sh New Fork (PID: 6410, Parent: 6409)
      • grep (PID: 6410, Parent: 6409, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*nouveau[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
  • systemd New Fork (PID: 6393, Parent: 1)
  • agetty (PID: 6393, Parent: 1, MD5: 3a374724ba7e863768139bdd60ca36f7) Arguments: /sbin/agetty -o "-p -- \\u" --noclear tty2 linux
  • systemd New Fork (PID: 6411, Parent: 1)
  • generate-config (PID: 6411, Parent: 1, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /usr/share/gdm/generate-config
    • pkill (PID: 6414, Parent: 6411, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill --signal HUP --uid gdm dconf-service
  • systemd New Fork (PID: 6416, Parent: 1)
  • gdm-wait-for-drm (PID: 6416, Parent: 1, MD5: 82043ba752c6930b4e6aaea2f7747545) Arguments: /usr/lib/gdm3/gdm-wait-for-drm
  • systemd New Fork (PID: 6421, Parent: 1)
  • gdm3 (PID: 6421, Parent: 1, MD5: 2492e2d8d34f9377e3e530a61a15674f) Arguments: /usr/sbin/gdm3
    • gdm3 New Fork (PID: 6424, Parent: 6421)
    • plymouth (PID: 6424, Parent: 6421, MD5: 87003efd8dad470042f5e75360a8f49f) Arguments: plymouth --ping
    • gdm3 New Fork (PID: 6440, Parent: 6421)
    • gdm-session-worker (PID: 6440, Parent: 6421, MD5: 692243754bd9f38fe9bd7e230b5c060a) Arguments: "gdm-session-worker [pam/gdm-launch-environment]"
      • gdm-wayland-session (PID: 6444, Parent: 6440, MD5: d3def63cf1e83f7fb8a0f13b1744ff7c) Arguments: /usr/lib/gdm3/gdm-wayland-session "dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart"
        • dbus-daemon (PID: 6446, Parent: 6444, MD5: 3089d47e3f3ab84cd81c48fd406d7a8c) Arguments: dbus-daemon --print-address 3 --session
          • dbus-daemon New Fork (PID: 6450, Parent: 6446)
            • false (PID: 6451, Parent: 6450, MD5: 3177546c74e4f0062909eae43d948bfc) Arguments: /bin/false
        • dbus-run-session (PID: 6452, Parent: 6444, MD5: 245f3ef6a268850b33b0225a8753b7f4) Arguments: dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart
          • dbus-daemon (PID: 6453, Parent: 6452, MD5: 3089d47e3f3ab84cd81c48fd406d7a8c) Arguments: dbus-daemon --nofork --print-address 4 --session
    • gdm3 New Fork (PID: 6454, Parent: 6421)
    • Default (PID: 6454, Parent: 6421, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
    • gdm3 New Fork (PID: 6455, Parent: 6421)
    • Default (PID: 6455, Parent: 6421, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
  • systemd New Fork (PID: 6425, Parent: 1)
  • accounts-daemon (PID: 6425, Parent: 1, MD5: 01a899e3fb5e7e434bea1290255a1f30) Arguments: /usr/lib/accountsservice/accounts-daemon
    • language-validate (PID: 6429, Parent: 6425, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /usr/share/language-tools/language-validate en_US.UTF-8
      • language-options (PID: 6430, Parent: 6429, MD5: 16a21f464119ea7fad1d3660de963637) Arguments: /usr/share/language-tools/language-options
        • sh (PID: 6433, Parent: 6430, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "locale -a | grep -F .utf8 "
          • sh New Fork (PID: 6434, Parent: 6433)
          • locale (PID: 6434, Parent: 6433, MD5: c72a78792469db86d91369c9057f20d2) Arguments: locale -a
          • sh New Fork (PID: 6435, Parent: 6433)
          • grep (PID: 6435, Parent: 6433, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -F .utf8
  • systemd New Fork (PID: 6436, Parent: 1)
  • polkitd (PID: 6436, Parent: 1, MD5: 8efc9b4b5b524210ad2ea1954a9d0e69) Arguments: /usr/lib/policykit-1/polkitd --no-debug
  • systemd New Fork (PID: 6479, Parent: 1860)
  • dbus-daemon (PID: 6479, Parent: 1860, MD5: 3089d47e3f3ab84cd81c48fd406d7a8c) Arguments: /usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
  • systemd New Fork (PID: 6482, Parent: 1860)
  • pulseaudio (PID: 6482, Parent: 1860, MD5: 0c3b4c789d8ffb12b25507f27e14c186) Arguments: /usr/bin/pulseaudio --daemonize=no --log-target=journal
  • systemd New Fork (PID: 6483, Parent: 1)
  • rtkit-daemon (PID: 6483, Parent: 1, MD5: df0cacf1db4ec95ac70f5b6e06b8ffd7) Arguments: /usr/libexec/rtkit-daemon
  • cleanup

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
6269.1.00007f213401b000.00007f213401c000.r-x.sdmpJoeSecurity_OkiruYara detected OkiruJoe Security
    6263.1.00007f213401b000.00007f213401c000.r-x.sdmpJoeSecurity_OkiruYara detected OkiruJoe Security
      6267.1.00007f213401b000.00007f213401c000.r-x.sdmpJoeSecurity_OkiruYara detected OkiruJoe Security
        6265.1.00007f213401b000.00007f213401c000.r-x.sdmpJoeSecurity_OkiruYara detected OkiruJoe Security
          Process Memory Space: morte.ppc.elf PID: 6263JoeSecurity_OkiruYara detected OkiruJoe Security
            Click to see the 3 entries

            Suricata Signatures

            No Suricata rule has matched

            Joe Sandbox Signatures

            • AV Detection
            • Bitcoin Miner
            • Networking
            • System Summary
            • Data Obfuscation
            • Persistence and Installation Behavior
            • Hooking and other Techniques for Hiding and Protection
            • Malware Analysis System Evasion
            • Language, Device and Operating System Detection
            • Stealing of Sensitive Information
            • Remote Access Functionality

            Click to jump to signature section

            Show All Signature Results

            AV Detection

            barindex
            Source: morte.ppc.elfAvira: detected
            Source: morte.ppc.elfReversingLabs: Detection: 33%
            Source: /usr/bin/pkill (PID: 6414)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
            Source: /usr/bin/pulseaudio (PID: 6482)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
            Source: global trafficTCP traffic: 192.168.2.23:46300 -> 176.65.142.252:7575
            Source: global trafficHTTP traffic detected: POST /9aadafe2051348cd32033e1cad68f0a5fe46fba3240ac1e6e42158f31b8a1371790c09baf3996b4979fe8e533446c7dedf30f654c68b25357334c66911dc6a9e HTTP/1.1Host: daisy.ubuntu.comAccept: */*Content-Type: application/octet-streamX-Whoopsie-Version: 0.2.69ubuntu0.3Content-Length: 164887Expect: 100-continue
            Source: /usr/sbin/rsyslogd (PID: 6322)Reads hosts file: /etc/hostsJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6265)Socket: 127.0.0.1:43720Jump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)Socket: unknown address familyJump to behavior
            Source: /usr/sbin/gdm3 (PID: 6421)Socket: unknown address familyJump to behavior
            Source: /usr/bin/dbus-daemon (PID: 6446)Socket: unknown address familyJump to behavior
            Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.42
            Source: unknownTCP traffic detected without corresponding DNS query: 176.65.142.252
            Source: unknownTCP traffic detected without corresponding DNS query: 176.65.142.252
            Source: unknownTCP traffic detected without corresponding DNS query: 176.65.142.252
            Source: unknownTCP traffic detected without corresponding DNS query: 176.65.142.252
            Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.43
            Source: unknownTCP traffic detected without corresponding DNS query: 176.65.142.252
            Source: unknownTCP traffic detected without corresponding DNS query: 109.202.202.202
            Source: unknownTCP traffic detected without corresponding DNS query: 176.65.142.252
            Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.42
            Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.43
            Source: unknownTCP traffic detected without corresponding DNS query: 109.202.202.202
            Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.42
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: global trafficDNS traffic detected: DNS query: daisy.ubuntu.com
            Source: unknownHTTP traffic detected: POST /9aadafe2051348cd32033e1cad68f0a5fe46fba3240ac1e6e42158f31b8a1371790c09baf3996b4979fe8e533446c7dedf30f654c68b25357334c66911dc6a9e HTTP/1.1Host: daisy.ubuntu.comAccept: */*Content-Type: application/octet-streamX-Whoopsie-Version: 0.2.69ubuntu0.3Content-Length: 164887Expect: 100-continue
            Source: morte.ppc.elfString found in binary or memory: http://upx.sf.net
            Source: syslog.63.drString found in binary or memory: https://www.rsyslog.com
            Source: unknownNetwork traffic detected: HTTP traffic on port 37612 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 43928 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 37612
            Source: unknownNetwork traffic detected: HTTP traffic on port 42836 -> 443

            System Summary

            barindex
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 1 (init), result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 491, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 658, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 720, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 721, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 759, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 761, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 772, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 774, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 777, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 785, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 793, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 797, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 936, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 2, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 3, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 4, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 6, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 9, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 10, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 11, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 12, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 13, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 14, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 15, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 16, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 17, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 18, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 20, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 21, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 22, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 23, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 24, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 25, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 26, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 27, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 28, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 29, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 30, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 35, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 77, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 78, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 79, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 80, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 81, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 82, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 83, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 84, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 85, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 88, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 89, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 91, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 92, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 93, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 94, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 95, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 96, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 97, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 98, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 99, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 100, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 101, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 102, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 103, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 104, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 105, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 106, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 107, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 108, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 109, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 110, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 111, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 112, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 113, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 114, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 115, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 116, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 117, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 118, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 119, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 120, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 121, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 122, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 123, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 124, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 125, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 126, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 127, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 128, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 130, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 132, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 141, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 144, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 157, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 201, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 202, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 203, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 204, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 205, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 206, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 207, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 208, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 209, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 210, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 211, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 212, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 213, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 214, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 215, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 216, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 217, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 218, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 219, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 220, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 221, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 222, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 223, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 224, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 225, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 226, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 227, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 228, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 229, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 230, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 231, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 232, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 233, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 234, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 235, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 236, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 237, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 243, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 248, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 249, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 250, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 251, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 252, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 253, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 254, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 255, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 256, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 257, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 258, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 259, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 260, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 261, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 262, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 263, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 264, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 265, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 266, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 267, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 269, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 270, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 272, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 274, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 278, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 281, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 286, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 322, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 324, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 326, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 327, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 328, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 333, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 346, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 379, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 419, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 420, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 517, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 654, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 655, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 656, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 657, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 667, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 670, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 674, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 675, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 676, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 677, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 896, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent to PID below 1000: pid: 910, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 1 (init), result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 491, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 658, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 720, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 721, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 759, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 761, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 772, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 774, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 777, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 785, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 793, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 797, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 936, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 1320, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 1334, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 1335, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 1344, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 1860, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 1872, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 1886, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 1983, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2038, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2048, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 4530, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6064, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6216, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6217, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6305, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6306, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6307, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6309, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6312, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 3, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 4, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 9, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 10, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 11, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 12, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 13, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 14, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 15, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 16, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 17, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 18, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 20, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 21, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 22, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 23, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 24, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 25, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 26, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 27, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 28, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 29, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 30, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 35, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 77, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 78, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 79, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 80, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 81, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 82, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 83, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 84, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 85, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 88, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 89, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 91, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 92, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 93, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 94, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 95, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 96, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 97, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 98, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 99, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 100, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 101, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 102, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 103, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 104, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 105, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 106, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 107, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 108, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 109, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 110, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 111, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 112, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 113, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 114, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 115, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 116, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 117, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 118, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 119, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 120, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 121, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 122, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 123, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 124, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 125, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 126, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 127, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 128, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 130, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 132, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 141, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 144, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 157, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 201, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 202, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 203, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 204, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 205, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 206, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 207, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 208, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 209, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 210, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 211, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 212, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 213, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 214, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 215, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 216, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 217, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 218, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 219, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 220, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 221, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 222, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 223, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 224, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 225, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 226, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 227, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 228, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 229, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 230, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 231, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 232, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 233, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 234, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 235, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 236, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 237, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 243, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 248, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 249, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 250, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 251, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 252, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 253, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 254, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 255, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 256, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 257, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 258, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 259, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 260, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 261, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 262, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 263, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 264, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 265, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 266, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 267, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 269, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 270, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 272, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 274, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 278, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 281, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 286, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 322, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 324, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 326, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 327, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 328, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 333, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 346, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 379, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 419, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 420, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 517, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 654, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 655, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 656, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 657, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 667, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 670, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 674, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 675, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 676, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 677, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 896, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 910, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 1207, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2009, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2014, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2018, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2033, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2128, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2180, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2208, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2281, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2285, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2289, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2294, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2302, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2307, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2746, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2749, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2761, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2882, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 3021, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 3088, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 4339, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 4445, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 4446, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 4447, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 4448, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 4477, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 4479, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 4483, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6123, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6178, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6186, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6188, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6265, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6267, result: unknownJump to behavior
            Source: LOAD without section mappingsProgram segment: 0x100000
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 1 (init), result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 491, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 658, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 720, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 721, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 759, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 761, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 772, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 774, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 777, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 785, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 793, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 797, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 936, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 1320, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 1334, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 1335, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 1344, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 1860, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 1872, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 1886, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 1983, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2038, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2048, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 4530, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6064, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6216, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6217, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6305, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6306, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6307, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6309, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6312, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 3, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 4, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 9, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 10, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 11, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 12, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 13, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 14, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 15, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 16, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 17, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 18, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 20, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 21, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 22, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 23, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 24, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 25, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 26, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 27, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 28, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 29, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 30, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 35, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 77, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 78, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 79, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 80, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 81, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 82, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 83, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 84, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 85, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 88, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 89, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 91, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 92, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 93, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 94, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 95, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 96, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 97, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 98, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 99, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 100, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 101, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 102, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 103, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 104, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 105, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 106, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 107, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 108, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 109, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 110, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 111, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 112, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 113, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 114, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 115, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 116, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 117, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 118, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 119, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 120, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 121, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 122, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 123, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 124, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 125, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 126, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 127, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 128, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 130, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 132, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 141, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 144, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 157, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 201, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 202, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 203, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 204, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 205, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 206, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 207, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 208, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 209, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 210, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 211, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 212, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 213, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 214, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 215, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 216, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 217, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 218, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 219, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 220, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 221, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 222, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 223, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 224, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 225, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 226, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 227, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 228, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 229, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 230, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 231, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 232, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 233, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 234, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 235, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 236, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 237, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 243, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 248, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 249, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 250, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 251, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 252, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 253, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 254, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 255, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 256, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 257, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 258, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 259, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 260, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 261, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 262, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 263, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 264, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 265, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 266, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 267, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 269, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 270, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 272, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 274, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 278, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 281, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 286, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 322, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 324, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 326, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 327, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 328, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 333, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 346, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 379, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 419, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 420, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 517, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 654, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 655, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 656, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 657, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 667, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 670, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 674, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 675, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 676, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 677, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 896, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 910, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 1207, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2009, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2014, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2018, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2033, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2128, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2180, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2208, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2281, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2285, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2289, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2294, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2302, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2307, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2746, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2749, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2761, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 2882, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 3021, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 3088, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 4339, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 4445, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 4446, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 4447, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 4448, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 4477, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 4479, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 4483, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6123, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6178, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6186, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6188, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6265, result: successfulJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)SIGKILL sent: pid: 6267, result: unknownJump to behavior
            Source: classification engineClassification label: mal88.spre.troj.evad.linELF@0/47@3/0

            Data Obfuscation

            barindex
            Source: initial sampleString containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
            Source: initial sampleString containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
            Source: initial sampleString containing UPX found: $Id: UPX 3.94 Copyright (C) 1996-2017 the UPX Team. All Rights Reserved. $

            Persistence and Installation Behavior

            barindex
            Source: /usr/bin/dbus-daemon (PID: 6305)File: /proc/6305/mountsJump to behavior
            Source: /bin/fusermount (PID: 6310)File: /proc/6310/mountsJump to behavior
            Source: /usr/bin/dbus-daemon (PID: 6317)File: /proc/6317/mountsJump to behavior
            Source: /usr/bin/dbus-daemon (PID: 6446)File: /proc/6446/mountsJump to behavior
            Source: /usr/bin/dbus-daemon (PID: 6453)File: /proc/6453/mountsJump to behavior
            Source: /usr/bin/dbus-daemon (PID: 6479)File: /proc/6479/mountsJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:76908M0a63aJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:76913VjwAiaJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:76914PQlo29Jump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:76231uuenKaJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:76233zN09acJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:76235KQwjX8Jump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:762369bXC67Jump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:762439ygG4bJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:76244t2pDH8Jump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:76253SHi6RaJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:76254UsPoR9Jump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:76255QCwzJaJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:76277SPbhkaJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:770145tovOaJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:77110Zc4iH9Jump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:77124xLMtDbJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:771630wwgVbJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:771652zR9lbJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:7720497IYZ9Jump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:772062yk0dbJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:76597j0C2VbJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:76601GS2kw8Jump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)File: /run/systemd/journal/streams/.#9:76611EvLym9Jump to behavior
            Source: /lib/systemd/systemd-logind (PID: 6331)Directory: <invalid fd (18)>/..Jump to behavior
            Source: /lib/systemd/systemd-logind (PID: 6331)Directory: <invalid fd (17)>/..Jump to behavior
            Source: /lib/systemd/systemd-logind (PID: 6331)File: /run/systemd/seats/.#seat0Yi3XkVJump to behavior
            Source: /lib/systemd/systemd-logind (PID: 6331)File: /run/systemd/users/.#12787DB5UJump to behavior
            Source: /lib/systemd/systemd-logind (PID: 6331)File: /run/systemd/users/.#127LT75fWJump to behavior
            Source: /lib/systemd/systemd-logind (PID: 6331)File: /run/systemd/seats/.#seat09twULVJump to behavior
            Source: /lib/systemd/systemd-logind (PID: 6331)File: /run/systemd/users/.#127A2DLSUJump to behavior
            Source: /lib/systemd/systemd-logind (PID: 6331)File: /run/systemd/users/.#127yTml4UJump to behavior
            Source: /lib/systemd/systemd-logind (PID: 6331)File: /run/systemd/users/.#1273UF5zVJump to behavior
            Source: /lib/systemd/systemd-logind (PID: 6331)File: /run/systemd/users/.#1273eKLFTJump to behavior
            Source: /usr/lib/gdm3/gdm-wayland-session (PID: 6444)Directory: /var/lib/gdm3/.cacheJump to behavior
            Source: /usr/lib/accountsservice/accounts-daemon (PID: 6425)Directory: /var/lib/gdm3/.pam_environmentJump to behavior
            Source: /usr/lib/accountsservice/accounts-daemon (PID: 6425)Directory: /root/.cacheJump to behavior
            Source: /usr/lib/policykit-1/polkitd (PID: 6436)Directory: /root/.cacheJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/3088/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/230/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/110/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/231/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/111/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/232/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/112/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/233/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/1335/net/tcpJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/1335/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/113/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/234/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/1334/net/tcpJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/1334/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/114/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/235/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/2302/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/115/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/236/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/116/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/237/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/117/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/118/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/910/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/119/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/10/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/2307/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/11/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/12/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/13/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/14/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/15/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/16/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/6123/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/17/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/18/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/120/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/121/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/1/net/tcpJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/1/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/122/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/243/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/2/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/123/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/3/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/124/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/4/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/125/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/1344/net/tcpJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/126/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/6/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/127/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/248/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/128/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/249/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/9/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/20/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/21/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/22/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/23/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/24/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/25/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/26/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/27/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/28/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/29/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/491/net/tcpJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/250/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/130/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/251/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/252/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/132/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/253/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/254/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/255/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/256/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/257/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/379/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/258/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/259/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/936/net/tcpJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/936/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/30/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/2208/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/35/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/6265/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/260/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/261/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/141/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/262/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/263/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/264/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/144/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/265/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/266/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/267/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/269/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/4530/net/tcpJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/270/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/272/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/274/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/157/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/278/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/281/cmdlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6267)File opened: /proc/286/cmdlineJump to behavior
            Source: /usr/bin/gpu-manager (PID: 6391)Shell command executed: sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf"Jump to behavior
            Source: /usr/bin/gpu-manager (PID: 6396)Shell command executed: sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /lib/modprobe.d/*.conf"Jump to behavior
            Source: /usr/bin/gpu-manager (PID: 6399)Shell command executed: sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /etc/modprobe.d/*.conf"Jump to behavior
            Source: /usr/bin/gpu-manager (PID: 6401)Shell command executed: sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /lib/modprobe.d/*.conf"Jump to behavior
            Source: /usr/bin/gpu-manager (PID: 6403)Shell command executed: sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /etc/modprobe.d/*.conf"Jump to behavior
            Source: /usr/bin/gpu-manager (PID: 6405)Shell command executed: sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /lib/modprobe.d/*.conf"Jump to behavior
            Source: /usr/bin/gpu-manager (PID: 6407)Shell command executed: sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /etc/modprobe.d/*.conf"Jump to behavior
            Source: /usr/bin/gpu-manager (PID: 6409)Shell command executed: sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /lib/modprobe.d/*.conf"Jump to behavior
            Source: /usr/share/language-tools/language-options (PID: 6433)Shell command executed: sh -c "locale -a | grep -F .utf8 "Jump to behavior
            Source: /bin/sh (PID: 6392)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.confJump to behavior
            Source: /bin/sh (PID: 6398)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*nvidia[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.confJump to behavior
            Source: /bin/sh (PID: 6400)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*radeon[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.confJump to behavior
            Source: /bin/sh (PID: 6402)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*radeon[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.confJump to behavior
            Source: /bin/sh (PID: 6404)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*amdgpu[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.confJump to behavior
            Source: /bin/sh (PID: 6406)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*amdgpu[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.confJump to behavior
            Source: /bin/sh (PID: 6408)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*nouveau[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.confJump to behavior
            Source: /bin/sh (PID: 6410)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*nouveau[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.confJump to behavior
            Source: /bin/sh (PID: 6435)Grep executable: /usr/bin/grep -> grep -F .utf8Jump to behavior
            Source: /usr/share/gdm/generate-config (PID: 6414)Pkill executable: /usr/bin/pkill -> pkill --signal HUP --uid gdm dconf-serviceJump to behavior
            Source: /usr/bin/dash (PID: 6224)Rm executable: /usr/bin/rm -> rm -f /tmp/tmp.8mDCkktm5N /tmp/tmp.SSYf8xle0B /tmp/tmp.vlX7lnpvVgJump to behavior
            Source: /usr/bin/dash (PID: 6233)Rm executable: /usr/bin/rm -> rm -f /tmp/tmp.8mDCkktm5N /tmp/tmp.SSYf8xle0B /tmp/tmp.vlX7lnpvVgJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)Reads from proc file: /proc/meminfoJump to behavior
            Source: /sbin/agetty (PID: 6393)Reads version info: /etc/issueJump to behavior
            Source: /usr/sbin/gdm3 (PID: 6421)File: /var/run/gdm3 (bits: - usr: -x grp: x all: rwx)Jump to behavior
            Source: /usr/sbin/gdm3 (PID: 6421)File: /var/log/gdm3 (bits: - usr: -x grp: x all: rwx)Jump to behavior
            Source: /usr/lib/accountsservice/accounts-daemon (PID: 6425)File: /var/lib/AccountsService/icons (bits: - usr: rx grp: rwx all: rwx)Jump to behavior
            Source: /usr/lib/accountsservice/accounts-daemon (PID: 6425)File: /var/lib/AccountsService/users (bits: - usr: - grp: - all: rwx)Jump to behavior
            Source: /usr/sbin/rsyslogd (PID: 6322)Log file created: /var/log/kern.logJump to dropped file
            Source: /usr/sbin/rsyslogd (PID: 6322)Log file created: /var/log/auth.logJump to dropped file
            Source: /usr/bin/gpu-manager (PID: 6389)Log file created: /var/log/gpu-manager.logJump to dropped file
            Source: morte.ppc.elfSubmission file: segment LOAD with 7.978 entropy (max. 8.0)
            Source: /usr/bin/gpu-manager (PID: 6389)Truncated file: /var/log/gpu-manager.logJump to behavior
            Source: /usr/bin/pkill (PID: 6414)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
            Source: /usr/bin/pulseaudio (PID: 6482)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
            Source: /tmp/morte.ppc.elf (PID: 6263)Queries kernel information via 'uname': Jump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6321)Queries kernel information via 'uname': Jump to behavior
            Source: /usr/sbin/rsyslogd (PID: 6322)Queries kernel information via 'uname': Jump to behavior
            Source: /usr/bin/gpu-manager (PID: 6389)Queries kernel information via 'uname': Jump to behavior
            Source: /sbin/agetty (PID: 6393)Queries kernel information via 'uname': Jump to behavior
            Source: /usr/lib/gdm3/gdm-session-worker (PID: 6440)Queries kernel information via 'uname': Jump to behavior
            Source: /usr/bin/pulseaudio (PID: 6482)Queries kernel information via 'uname': Jump to behavior
            Source: morte.ppc.elf, 6263.1.00007ffd37bfe000.00007ffd37c1f000.rw-.sdmp, morte.ppc.elf, 6265.1.00007ffd37bfe000.00007ffd37c1f000.rw-.sdmp, morte.ppc.elf, 6267.1.00007ffd37bfe000.00007ffd37c1f000.rw-.sdmp, morte.ppc.elf, 6269.1.00007ffd37bfe000.00007ffd37c1f000.rw-.sdmpBinary or memory string: &x86_64/usr/bin/qemu-ppc/tmp/morte.ppc.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/morte.ppc.elf
            Source: morte.ppc.elf, 6267.1.00007ffd37bfe000.00007ffd37c1f000.rw-.sdmpBinary or memory string: /tmp/qemu-open.R48yK4
            Source: morte.ppc.elf, 6263.1.0000561f01455000.0000561f01505000.rw-.sdmp, morte.ppc.elf, 6265.1.0000561f01455000.0000561f01505000.rw-.sdmpBinary or memory string: !/etc/qemu-binfmt/ppc11!hotpluggableq
            Source: morte.ppc.elf, 6267.1.00007ffd37bfe000.00007ffd37c1f000.rw-.sdmpBinary or memory string: V/tmp/qemu-open.R48yK4
            Source: morte.ppc.elf, 6267.1.0000561f01455000.0000561f01505000.rw-.sdmp, morte.ppc.elf, 6269.1.0000561f01455000.0000561f01505000.rw-.sdmpBinary or memory string: !/etc/qemu-binfmt/ppc1
            Source: morte.ppc.elf, 6263.1.0000561f01455000.0000561f01505000.rw-.sdmp, morte.ppc.elf, 6265.1.0000561f01455000.0000561f01505000.rw-.sdmp, morte.ppc.elf, 6267.1.0000561f01455000.0000561f01505000.rw-.sdmp, morte.ppc.elf, 6269.1.0000561f01455000.0000561f01505000.rw-.sdmpBinary or memory string: /etc/qemu-binfmt/ppc
            Source: morte.ppc.elf, 6263.1.00007ffd37bfe000.00007ffd37c1f000.rw-.sdmp, morte.ppc.elf, 6265.1.00007ffd37bfe000.00007ffd37c1f000.rw-.sdmp, morte.ppc.elf, 6267.1.00007ffd37bfe000.00007ffd37c1f000.rw-.sdmp, morte.ppc.elf, 6269.1.00007ffd37bfe000.00007ffd37c1f000.rw-.sdmpBinary or memory string: /usr/bin/qemu-ppc

            Language, Device and Operating System Detection

            barindex
            Source: /usr/lib/accountsservice/accounts-daemon (PID: 6425)Logged in records file read: /var/log/wtmpJump to behavior

            Stealing of Sensitive Information

            barindex
            Source: Yara matchFile source: 6269.1.00007f213401b000.00007f213401c000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: 6263.1.00007f213401b000.00007f213401c000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: 6267.1.00007f213401b000.00007f213401c000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: 6265.1.00007f213401b000.00007f213401c000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: morte.ppc.elf PID: 6263, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: morte.ppc.elf PID: 6265, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: morte.ppc.elf PID: 6267, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: morte.ppc.elf PID: 6269, type: MEMORYSTR

            Remote Access Functionality

            barindex
            Source: Yara matchFile source: 6269.1.00007f213401b000.00007f213401c000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: 6263.1.00007f213401b000.00007f213401c000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: 6267.1.00007f213401b000.00007f213401c000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: 6265.1.00007f213401b000.00007f213401c000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: morte.ppc.elf PID: 6263, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: morte.ppc.elf PID: 6265, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: morte.ppc.elf PID: 6267, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: morte.ppc.elf PID: 6269, type: MEMORYSTR

            Mitre Att&ck Matrix

            ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
            Gather Victim Identity Information1
            Scripting            		Valid AccountsWindows Management Instrumentation1
            Scripting            		Path Interception1
            File and Directory Permissions Modification            		1
            OS Credential Dumping            		11
            Security Software Discovery            		Remote ServicesData from Local System1
            Encrypted Channel            		Exfiltration Over Other Network Medium2
            Service Stop
            CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
            Disable or Modify Tools            		LSASS Memory1
            System Owner/User Discovery            		Remote Desktop ProtocolData from Removable Media1
            Non-Standard Port            		Exfiltration Over BluetoothNetwork Denial of Service
            Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
            Hidden Files and Directories            		Security Account Manager11
            File and Directory Discovery            		SMB/Windows Admin SharesData from Network Shared Drive2
            Non-Application Layer Protocol            		Automated ExfiltrationData Encrypted for Impact
            Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook11
            Obfuscated Files or Information            		NTDS3
            System Information Discovery            		Distributed Component Object ModelInput Capture3
            Application Layer Protocol            		Traffic DuplicationData Destruction
            Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
            Indicator Removal            		LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
            Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
            File Deletion            		Cached Domain CredentialsWi-Fi DiscoveryVNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop

            Malware Configuration

            No configs have been found

            Behavior Graph

            Hide Legend

            Legend:

            • Process
            • Signature
            • Created File
            • DNS/IP Info
            • Is Dropped
            • Number of created Files
            • Is malicious
            • Internet
            behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1646033 Sample: morte.ppc.elf Startdate: 23/03/2025 Architecture: LINUX Score: 88 78 176.65.142.252, 46300, 7575 WEBTRAFFICDE Germany 2->78 80 109.202.202.202, 80 INIT7CH Switzerland 2->80 82 4 other IPs or domains 2->82 90 Antivirus / Scanner detection for submitted sample 2->90 92 Multi AV Scanner detection for submitted file 2->92 94 Yara detected Okiru 2->94 96 Sample is packed with UPX 2->96 11 systemd gdm3 2->11         started        13 systemd gpu-manager 2->13         started        15 dash rm morte.ppc.elf 2->15         started        17 30 other processes 2->17 signatures3 process4 file5 21 gdm3 gdm-session-worker 11->21         started        35 3 other processes 11->35 23 gpu-manager sh 13->23         started        25 gpu-manager sh 13->25         started        27 gpu-manager sh 13->27         started        37 5 other processes 13->37 29 morte.ppc.elf 15->29         started        76 /var/log/wtmp, data 17->76 dropped 84 Sample reads /proc/mounts (often used for finding a writable filesystem) 17->84 86 Reads system files that contain records of logged in users 17->86 31 accounts-daemon language-validate 17->31         started        33 generate-config pkill 17->33         started        signatures6 process7 process8 39 gdm-session-worker gdm-wayland-session 21->39         started        41 sh grep 23->41         started        43 sh grep 25->43         started        45 sh grep 27->45         started        47 morte.ppc.elf 29->47         started        50 morte.ppc.elf 29->50         started        52 language-validate language-options 31->52         started        54 sh grep 37->54         started        56 4 other processes 37->56 signatures9 58 gdm-wayland-session dbus-run-session 39->58         started        60 gdm-wayland-session dbus-daemon 39->60         started        100 Sample tries to kill a massive number of system processes 47->100 102 Sample tries to kill multiple processes (SIGKILL) 47->102 63 language-options sh 52->63         started        process10 signatures11 65 dbus-run-session dbus-daemon 58->65         started        98 Sample reads /proc/mounts (often used for finding a writable filesystem) 60->98 68 dbus-daemon 60->68         started        70 sh locale 63->70         started        72 sh grep 63->72         started        process12 signatures13 88 Sample reads /proc/mounts (often used for finding a writable filesystem) 65->88 74 dbus-daemon false 68->74         started        process14

            Antivirus, Machine Learning and Genetic Malware Detection

            Initial Sample

            SourceDetectionScannerLabelLink
            morte.ppc.elf33%ReversingLabsLinux.Trojan.Mirai
            morte.ppc.elf100%AviraEXP/ELF.Agent.F.118

            Dropped Files

            No Antivirus matches

            Domains

            No Antivirus matches

            URLs

            No Antivirus matches

            Domains and IPs

            Download Network PCAP: filteredfull

            Contacted Domains

            NameIPActiveMaliciousAntivirus DetectionReputation
            daisy.ubuntu.com
            		162.213.35.25
            		truefalse
              		high

              Contacted URLs

              NameMaliciousAntivirus DetectionReputation
              https://daisy.ubuntu.com/9aadafe2051348cd32033e1cad68f0a5fe46fba3240ac1e6e42158f31b8a1371790c09baf3996b4979fe8e533446c7dedf30f654c68b25357334c66911dc6a9efalse
                		high
                NameSourceMaliciousAntivirus DetectionReputation
                https://www.rsyslog.comsyslog.63.drfalse
                  		high
                  http://upx.sf.netmorte.ppc.elffalse
                    		high

                    World Map of Contacted IPs

                    • No. of IPs < 25%
                    • 25% < No. of IPs < 50%
                    • 50% < No. of IPs < 75%
                    • 75% < No. of IPs

                    Public IPs

                    IPDomainCountryFlagASNASN NameMalicious
                    176.65.142.252
                    		unknownGermany
                    		8649WEBTRAFFICDEfalse
                    162.213.35.24
                    		unknownUnited States
                    		41231CANONICAL-ASGBfalse
                    109.202.202.202
                    		unknownSwitzerland
                    		13030INIT7CHfalse
                    91.189.91.43
                    		unknownUnited Kingdom
                    		41231CANONICAL-ASGBfalse
                    91.189.91.42
                    		unknownUnited Kingdom
                    		41231CANONICAL-ASGBfalse

                    Joe Sandbox View / Context

                    IPs

                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                    176.65.142.252morte.mpsl.elfGet hashmaliciousGafgyt, OkiruBrowse
                      morte.x64.elfGet hashmaliciousGafgyt, OkiruBrowse
                        morte.ppc.elfGet hashmaliciousUnknownBrowse
                          morte.mpsl.elfGet hashmaliciousUnknownBrowse
                            raw_cbot.exeGet hashmaliciousUnknownBrowse
                              raw_cbot.exeGet hashmaliciousUnknownBrowse
                                162.213.35.24eehah4.elfGet hashmaliciousUnknownBrowse
                                  efjepc.elfGet hashmaliciousUnknownBrowse
                                    drea4.elfGet hashmaliciousUnknownBrowse
                                      weje64.elfGet hashmaliciousUnknownBrowse
                                        vejfa5.elfGet hashmaliciousUnknownBrowse
                                          bejv86.elfGet hashmaliciousUnknownBrowse
                                            Aqua.arm7.elfGet hashmaliciousMiraiBrowse
                                              efjepc.elfGet hashmaliciousUnknownBrowse
                                                Aqua.arm7.elfGet hashmaliciousMiraiBrowse
                                                  vjwe68k.elfGet hashmaliciousUnknownBrowse
                                                    109.202.202.202kpLwzBouH4.elfGet hashmaliciousUnknownBrowse
                                                    • ch.archive.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_92.0%2bbuild3-0ubuntu0.20.04.1_amd64.deb
                                                    91.189.91.43na.elfGet hashmaliciousPrometeiBrowse
                                                      na.elfGet hashmaliciousPrometeiBrowse
                                                        morte.spc.elfGet hashmaliciousOkiruBrowse
                                                          na.elfGet hashmaliciousPrometeiBrowse
                                                            spc.elfGet hashmaliciousMiraiBrowse
                                                              arm7.elfGet hashmaliciousMiraiBrowse
                                                                arc.elfGet hashmaliciousUnknownBrowse
                                                                  na.elfGet hashmaliciousPrometeiBrowse
                                                                    morte.ppc.elfGet hashmaliciousUnknownBrowse
                                                                      na.elfGet hashmaliciousPrometeiBrowse

                                                                        Domains

                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                        daisy.ubuntu.comarm5.elfGet hashmaliciousUnknownBrowse
                                                                        • 162.213.35.24
                                                                        arm6.elfGet hashmaliciousMiraiBrowse
                                                                        • 162.213.35.25
                                                                        hidakibest.arm6.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                                        • 162.213.35.25
                                                                        hidakibest.mips.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                                        • 162.213.35.24
                                                                        hidakibest.x86.elfGet hashmaliciousMirai, GafgytBrowse
                                                                        • 162.213.35.25
                                                                        hidakibest.mpsl.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                                        • 162.213.35.25
                                                                        hidakibest.ppc.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                                        • 162.213.35.24
                                                                        hidakibest.arm4.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                                        • 162.213.35.24
                                                                        hidakibest.sparc.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                                        • 162.213.35.25
                                                                        hidakibest.arm5.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                                        • 162.213.35.24

                                                                        ASNs

                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                        CANONICAL-ASGBna.elfGet hashmaliciousPrometeiBrowse
                                                                        • 91.189.91.42
                                                                        na.elfGet hashmaliciousPrometeiBrowse
                                                                        • 91.189.91.42
                                                                        morte.spc.elfGet hashmaliciousOkiruBrowse
                                                                        • 91.189.91.42
                                                                        na.elfGet hashmaliciousPrometeiBrowse
                                                                        • 91.189.91.42
                                                                        spc.elfGet hashmaliciousMiraiBrowse
                                                                        • 91.189.91.42
                                                                        arm7.elfGet hashmaliciousMiraiBrowse
                                                                        • 91.189.91.42
                                                                        arc.elfGet hashmaliciousUnknownBrowse
                                                                        • 91.189.91.42
                                                                        arm.elfGet hashmaliciousMiraiBrowse
                                                                        • 185.125.190.26
                                                                        na.elfGet hashmaliciousPrometeiBrowse
                                                                        • 91.189.91.42
                                                                        morte.ppc.elfGet hashmaliciousUnknownBrowse
                                                                        • 91.189.91.42
                                                                        WEBTRAFFICDEmorte.mpsl.elfGet hashmaliciousGafgyt, OkiruBrowse
                                                                        • 176.65.142.252
                                                                        morte.x64.elfGet hashmaliciousGafgyt, OkiruBrowse
                                                                        • 176.65.142.252
                                                                        morte.ppc.elfGet hashmaliciousUnknownBrowse
                                                                        • 176.65.142.252
                                                                        morte.mpsl.elfGet hashmaliciousUnknownBrowse
                                                                        • 176.65.142.252
                                                                        file2.bin.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                                        • 176.65.142.216
                                                                        file3.bin.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                                        • 176.65.142.209
                                                                        087296f1dee69c2624b2eddca0f347c520eb5afc96080203.vstm.ps1Get hashmaliciousRHADAMANTHYSBrowse
                                                                        • 176.65.142.209
                                                                        7fbe5fb3ba958a77f17d1d400555809e71d86fe8999830c1.wpd.ps1Get hashmaliciousRHADAMANTHYSBrowse
                                                                        • 176.65.142.216
                                                                        file2.bin.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                                        • 176.65.142.216
                                                                        file3.bin.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                                        • 176.65.142.209
                                                                        CANONICAL-ASGBna.elfGet hashmaliciousPrometeiBrowse
                                                                        • 91.189.91.42
                                                                        na.elfGet hashmaliciousPrometeiBrowse
                                                                        • 91.189.91.42
                                                                        morte.spc.elfGet hashmaliciousOkiruBrowse
                                                                        • 91.189.91.42
                                                                        na.elfGet hashmaliciousPrometeiBrowse
                                                                        • 91.189.91.42
                                                                        spc.elfGet hashmaliciousMiraiBrowse
                                                                        • 91.189.91.42
                                                                        arm7.elfGet hashmaliciousMiraiBrowse
                                                                        • 91.189.91.42
                                                                        arc.elfGet hashmaliciousUnknownBrowse
                                                                        • 91.189.91.42
                                                                        arm.elfGet hashmaliciousMiraiBrowse
                                                                        • 185.125.190.26
                                                                        na.elfGet hashmaliciousPrometeiBrowse
                                                                        • 91.189.91.42
                                                                        morte.ppc.elfGet hashmaliciousUnknownBrowse
                                                                        • 91.189.91.42
                                                                        INIT7CHna.elfGet hashmaliciousPrometeiBrowse
                                                                        • 109.202.202.202
                                                                        na.elfGet hashmaliciousPrometeiBrowse
                                                                        • 109.202.202.202
                                                                        morte.spc.elfGet hashmaliciousOkiruBrowse
                                                                        • 109.202.202.202
                                                                        na.elfGet hashmaliciousPrometeiBrowse
                                                                        • 109.202.202.202
                                                                        spc.elfGet hashmaliciousMiraiBrowse
                                                                        • 109.202.202.202
                                                                        arm7.elfGet hashmaliciousMiraiBrowse
                                                                        • 109.202.202.202
                                                                        arc.elfGet hashmaliciousUnknownBrowse
                                                                        • 109.202.202.202
                                                                        na.elfGet hashmaliciousPrometeiBrowse
                                                                        • 109.202.202.202
                                                                        morte.ppc.elfGet hashmaliciousUnknownBrowse
                                                                        • 109.202.202.202
                                                                        na.elfGet hashmaliciousPrometeiBrowse
                                                                        • 109.202.202.202

                                                                        JA3 Fingerprints

                                                                        No context

                                                                        Dropped Files

                                                                        No context

                                                                        Created / dropped Files

                                                                        Process:/usr/bin/pulseaudio
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):10
                                                                        Entropy (8bit):2.9219280948873623
                                                                        Encrypted:false
                                                                        SSDEEP:3:5bkPn:pkP
                                                                        MD5:FF001A15CE15CF062A3704CEA2991B5F
                                                                        SHA1:B06F6855F376C3245B82212AC73ADED55DFE5DEF
                                                                        SHA-256:C54830B41ECFA1B6FBDC30397188DDA86B7B200E62AEAC21AE694A6192DCC38A
                                                                        SHA-512:65EBF7C31F6F65713CE01B38A112E97D0AE64A6BD1DA40CE4C1B998F10CD3912EE1A48BB2B279B24493062118AAB3B8753742E2AF28E56A31A7AAB27DE80E7BF
                                                                        Malicious:false
                                                                        Reputation:moderate, very likely benign file
                                                                        Preview:auto_null.
                                                                        Process:/usr/bin/pulseaudio
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):18
                                                                        Entropy (8bit):3.4613201402110088
                                                                        Encrypted:false
                                                                        SSDEEP:3:5bkrIZsXvn:pkckv
                                                                        MD5:28FE6435F34B3367707BB1C5D5F6B430
                                                                        SHA1:EB8FE2D16BD6BBCCE106C94E4D284543B2573CF6
                                                                        SHA-256:721A37C69E555799B41D308849E8F8125441883AB021B723FED90A9B744F36C0
                                                                        SHA-512:6B6AB7C0979629D0FEF6BE47C5C6BCC367EDD0AAE3FC973F4DE2FD5F0A819C89E7656DB65D453B1B5398E54012B27EDFE02894AD87A7E0AF3A9C5F2EB24A9919
                                                                        Malicious:false
                                                                        Reputation:moderate, very likely benign file
                                                                        Preview:auto_null.monitor.
                                                                        Process:/usr/bin/dbus-daemon
                                                                        File Type:very short file (no magic)
                                                                        Category:dropped
                                                                        Size (bytes):1
                                                                        Entropy (8bit):0.0
                                                                        Encrypted:false
                                                                        SSDEEP:3:V:V
                                                                        MD5:CFCD208495D565EF66E7DFF9F98764DA
                                                                        SHA1:B6589FC6AB0DC82CF12099D1C2D40AB994E8410C
                                                                        SHA-256:5FECEB66FFC86F38D952786C6D696C79C2DBC239DD4E91B46729D73A27FB57E9
                                                                        SHA-512:31BCA02094EB78126A517B206A88C73CFA9EC6F704C7030D18212CACE820F025F00BF0EA68DBF3F3A5436CA63B53BF7BF80AD8D5DE7D8359D0B7FED9DBC3AB99
                                                                        Malicious:false
                                                                        Reputation:high, very likely benign file
                                                                        Preview:0
                                                                        Process:/usr/sbin/gdm3
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):5
                                                                        Entropy (8bit):2.321928094887362
                                                                        Encrypted:false
                                                                        SSDEEP:3:Q:Q
                                                                        MD5:0734600370BC0448511F337472936A4E
                                                                        SHA1:CF281B1FD7081B1A967361A9333C6EDB5E0A6CAE
                                                                        SHA-256:B84AF58736A4B032136A9DD2856F8718D7356F9AF3FE5EFBB0BE5833820760D7
                                                                        SHA-512:7DCF4FBB85FDC32F2B22BA38F1904EBACBF5E8D8EA79484C189F6A3ECC6C2C32CA71DA2B18FB39EE3A204CBF372837491CB334F9199C46962D98C9E57C61FE62
                                                                        Malicious:false
                                                                        Reputation:low
                                                                        Preview:6421.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):207
                                                                        Entropy (8bit):5.422210853230373
                                                                        Encrypted:false
                                                                        SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxmpjXAMG4UUBXgXTiSE:SbFuFyLVIg1BG+f+M1AHqBSgTjosQu
                                                                        MD5:AA804DE9D479AD09D526B1C9F9BA6CEB
                                                                        SHA1:71ED744A7A0E617B96ED75C101AF94FD8A734624
                                                                        SHA-256:0B8021851078035C8E304DEA5B35E3CA19D3E3D597F47D2A9B80547875B92F60
                                                                        SHA-512:DFD0636BEB3C3726449F2BF902C8C8491CEF4ABF8CD9A21CD9D5EB8202D243F5AA05AFD52D633281B085BF76F1864FFAD85B6F523C8BF35F0EC5F6AA6C53C4D9
                                                                        Malicious:false
                                                                        Reputation:low
                                                                        Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=c7012c278fca41139bfae294ce64afcf.IDENTIFIER=dbus-daemon.UNIT=dbus.service.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):208
                                                                        Entropy (8bit):5.398395544839502
                                                                        Encrypted:false
                                                                        SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxm/i3HHIUQvqETjsmNm:SbFuFyLVIg1BG+f+Ma3IUQv7TjdCLKzK
                                                                        MD5:9F6183A0315E25AC512DDF9C143C679C
                                                                        SHA1:B51ACEBC07494F821D09D478D766B67F8212B47E
                                                                        SHA-256:DE95C1336F18ACFFFAF5E0C8CB634B03834886DA757C2BC71A8D9B93B6492628
                                                                        SHA-512:E88EFFA66A23D95B909F40E8C1154F808D682F7447EEFC33425E98CFF3D162A43733B0B3F54E83E20D250B9B3F50EFA259534D1D1732077E8520874CC31656F1
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=5fe207abb1ff47a89761540f8342705f.IDENTIFIER=whoopsie.UNIT=whoopsie.service.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):188
                                                                        Entropy (8bit):5.374894434380976
                                                                        Encrypted:false
                                                                        SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxm4ymELlQEvRqjshQJT:SbFuFyLVIg1BG+f+M4sLOEv8jtWL0
                                                                        MD5:FE5FAFFA4FC74C8F34B7977F04692634
                                                                        SHA1:0D05383B3C951BE09FCF5EA4E310965AA4817A57
                                                                        SHA-256:BFAEABB4E3521ED80C07B25F62CCB003C1950C8A70EAC7C75A32F3110DF94747
                                                                        SHA-512:D7AE27A1BD27C858D5A969F13DCDEB10601D947DF83C491075E013B44728482A3D20CC2B062D79C996811DB46DB139477B8390294BA54CFF94388CA832814B00
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=23421a9221f2428dbd615f84b610c9c6.IDENTIFIER=pulseaudio.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):207
                                                                        Entropy (8bit):5.386930810192659
                                                                        Encrypted:false
                                                                        SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxmoNDbC2fxHAA+sjs16:SbFuFyLVIg1BG+f+MoE2BvTjosQu
                                                                        MD5:0250B514B49B93DCC46E1C404F1C6DD2
                                                                        SHA1:FB61BA4E8F5E3D6054EDA920659427A139200245
                                                                        SHA-256:CAEDE4EE7D05C358FD0DCA6BC2FC97CBEDD18E557199E0B3B7551B81A5D0D7FD
                                                                        SHA-512:28EB5DA1B93B31E3C59F66EADC133DD572295A69C938A6CFB8528D710F3C35D8DB402EF311F755B5C9B8CAA75956B562CE06F55188189837CD088623314153E1
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=b28f62ec202f4cf0b3a6188b4ba480db.IDENTIFIER=dbus-daemon.UNIT=dbus.service.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):208
                                                                        Entropy (8bit):5.331289025512417
                                                                        Encrypted:false
                                                                        SSDEEP:6:SbFuFyLVIg1BG+f+MKQtAPD5C43TjdCLKzK:qgFq6g10+f+MSDdVCLAK
                                                                        MD5:35CD0603C3C3652FADC567F864045CD4
                                                                        SHA1:F2222C4BB31469D88415DE80E2629F86A6A8E07B
                                                                        SHA-256:FF19795C4488749B65ED8AF57BDAC7AC4E5182E479BF60382F453DCA309B5BCA
                                                                        SHA-512:4A06C1CCB56ED4EF208D7884993E075EBAD0775E551A878232BA976E8AD9E5BCADDD42BDE5293C8FE1CE2A3AA4CF5176911B175674DDC28E709A94A59F9F2E32
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=e7495ce78e1a4fbeb214e4ec0b14ac8a.IDENTIFIER=whoopsie.UNIT=whoopsie.service.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):220
                                                                        Entropy (8bit):5.48310967055769
                                                                        Encrypted:false
                                                                        SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxmuYNDBXhFR868jsicN:SbFuFyLVIg1BG+f+MuKdPK5jZcHcljX+
                                                                        MD5:E4FD1AC6BCC075C6A3FBF756C73071FF
                                                                        SHA1:7E2DA2A2A7D748FD24D201AC3ED5D657B0D882C5
                                                                        SHA-256:27C0C9C220A0F38ED9633B2F92AF4D706DE0F33AE8D4A99A7F5B7F361B630D01
                                                                        SHA-512:2E5FD83423A29088EE39567BE79C289AB80779D6D65B8B97C1E58DF5F5B922481FA38025069E4DFB5F419580AC2A0432EF354CF98E8BC1DBE062171037D89499
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=dc1a2c8214924f2082e6fd29519ccb95.IDENTIFIER=systemd-logind.UNIT=systemd-logind.service.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):208
                                                                        Entropy (8bit):5.392499602030972
                                                                        Encrypted:false
                                                                        SSDEEP:6:SbFuFyLVIg1BG+f+M4DENoGSFaK86jLkGq:qgFq6g10+f+M48SFaKYT
                                                                        MD5:5C06768DE5D0827F98577FACA12695FF
                                                                        SHA1:FB22F1528AA54DD2DCEC21E4D6A53C0714FDC0DB
                                                                        SHA-256:D8F44322B8794710DEDBE5EF892F8133A12784BBF2E6B3F0C71E98820CFD7928
                                                                        SHA-512:C2E97DE86EA930EDCB4B70097719E9456A5D3ECEAC3A6170DD901535A7203A16ABCCF40D5531B6D84ABCC9430230CF604EC601A40FCCA3C8283A3E94E68B049F
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=2fa1ad48f2414c78a763c4b8a83f1dcc.IDENTIFIER=agetty.UNIT=getty@tty2.service.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):210
                                                                        Entropy (8bit):5.454522807444322
                                                                        Encrypted:false
                                                                        SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLCHh6KV+h6CQzuxmunGh9SKBym8js2ALAXA:SbFuFyLVIg1BAf+MuM9SUyVjNALyAZD
                                                                        MD5:FB84D6565DEBE1B7578CC0F5CF503C9D
                                                                        SHA1:4B59C9282D42CB3F7162AEDD4BDBF2203389EE46
                                                                        SHA-256:AF5E38BAE9F5532206176FE7E554CE41C82CF71AAD3611245425B992104B3A79
                                                                        SHA-512:A5A388778DDA783917ADEACC0644828DF0449BD579A5E342B1934A9C2395F18C5F09134D07A508485982FB534D33FB5982A22CED166C34E98A279BBDCABCF9AD
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=1.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=d4e55690d9b647aa87c38a57f2b227ae.IDENTIFIER=generate-config.UNIT=gdm.service.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):228
                                                                        Entropy (8bit):5.414148194324906
                                                                        Encrypted:false
                                                                        SSDEEP:6:SbFuFyLVIg1BG+f+M8rcAqZjdCt/rRMtq:qgFq6g10+f+M8rcfCDL
                                                                        MD5:DF6F390AF3E29B201394383D6B939A06
                                                                        SHA1:FA38FCB48B9010D88B230C9DE977FA6C6BA87941
                                                                        SHA-256:8C47F786D84780D3F71C9DDDD69C8EDCA6B4A8FC4BE54BB44C49CA6C73666EEB
                                                                        SHA-512:A95CF1E8FEBD36B04680F3F9BBC4A1F1AAA9E319C50B7B44DB22506F9D9F755828B10EFFC5FA4EFD83DF0B45205B2CCC3C54C99FFFA645C8163062EA54C65934
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=6a6da297c5a04ad3ba5c734a1090193b.IDENTIFIER=whoopsie-upload-all.UNIT=apport-autoreport.service.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):211
                                                                        Entropy (8bit):5.4506398140811685
                                                                        Encrypted:false
                                                                        SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLCHh6KV+h6CQzuxm/f1AHddlZBATjs2BbQL:SbFuFyLVIg1BAf+Mn1AHddvijNdQIeXD
                                                                        MD5:33DEE1D43E9898103E700D62B3735799
                                                                        SHA1:398AAE20F8682A8DE0D3E10215B1E204F29957A7
                                                                        SHA-256:25560B7FC0FAF8F0D6B71AFB273376797E1212253DA9D561CF676B8D950CF810
                                                                        SHA-512:0C3821668B6410E74A789F4314B352DBCB7CFB978DC93589292C979C7C443DEA35F9112BCB3ADFFBFFBB1ACFBC77D55C42D3F9579A539379BB1F4B992F083965
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=1.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=5f3a3f9dd50f415882efbd750a976dae.IDENTIFIER=gdm-wait-for-drm.UNIT=gdm.service.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):189
                                                                        Entropy (8bit):5.33589844076011
                                                                        Encrypted:false
                                                                        SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxm4EVMEWKVAc5qjs1Ha:SbFuFyLVIg1BG+f+M4IWO/qjoa
                                                                        MD5:EB558368A8914E8F3470F3FD9E215671
                                                                        SHA1:BE20E7FC691A593E76342EB39A78405BC2D40295
                                                                        SHA-256:5CA5ECAA36E1D854CCAC3DB0A921E1A34CC4D7E5BFCDF0979DA191880DDE9E94
                                                                        SHA-512:A516D44C3E9DF295AF6454026E634CD446952A5BCEE7C76953C212D4AC31C637B8DE37D1E62C9A545685168A47333C58F83DF5A3A914CA257CC1CA2780E38E0A
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=2a5ee5c972514eaba5ab14e017f94ac9.IDENTIFIER=dbus-daemon.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):188
                                                                        Entropy (8bit):5.348626131550091
                                                                        Encrypted:false
                                                                        SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxm51j3fTukh1oBAD0Th:SbFuFyLVIg1BG+f+MrLig1FIjtWL0
                                                                        MD5:87F1A4E6E43A948DCB86E79F78889BFA
                                                                        SHA1:F06B62F4D05B8372DA46BEFA8D5F84E3B01F2320
                                                                        SHA-256:10DD3AFA6B3A265422B8F5D4736E37D23F3F7695BE768BBF09BF7E0148859BA7
                                                                        SHA-512:93818B7B52E3584EC6F036FD778F984DB41CDAA5D36B12BC90E4B402F7D6A0FE5D5C981EABE12830CCF63B2627B4D67E2E2821B162DB87B88673B2A6C4B03A23
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=34ddf977a9d34b06abedec846751def6.IDENTIFIER=pulseaudio.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):216
                                                                        Entropy (8bit):5.448618272609424
                                                                        Encrypted:false
                                                                        SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxmoAF0RWRcCj2dAvs2r:SbFuFyLVIg1BG+f+MoAAC6E8jNE
                                                                        MD5:09C40C8BFB2411BB59FD81EB1690977E
                                                                        SHA1:E15C4C1FD9A0B29848024AB097CBD8DAD70B3182
                                                                        SHA-256:ABF0136E8F6ACE057229A7D6887DBA60C4EEA5CB4BCA9C0D9C836FF4DB435D67
                                                                        SHA-512:6E3DE00AB66B9F50EDE0E16B07D9CD8E88940BD54571F9AA703A1DB337DB539DAB1099895B85CA339A0510AFB9012C1ED2D6C1A582A4102317B503CD3A084E71
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=b3ba59ce752b43498e751f0a7819d290.IDENTIFIER=rtkit-daemon.UNIT=rtkit-daemon.service.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):223
                                                                        Entropy (8bit):5.4755481044721455
                                                                        Encrypted:false
                                                                        SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxm/RMXbV6T9CDWrxsjq:SbFuFyLVIg1BG+f+MZMLa9Ctji4s
                                                                        MD5:7AF87C150832D96D466C0FD620BC7BC9
                                                                        SHA1:205FC2703A8A258BA4A2677C167A673CB418B7F7
                                                                        SHA-256:8F67F47F5B2F0CF2C109906DE0CE0217B13A1F01A580E47CD76316D3F15F7883
                                                                        SHA-512:6C6E474976436FEAEAC8F96A9A7D93B658D125D35FB8544C6CF60469448E9C5E79F27CFAF5EE0C7544D94F91D8263C14510C5EC881A30D60DED0E46C1FF04949
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=503ec1322fc54bafbcec0161ef560fcb.IDENTIFIER=journalctl.UNIT=systemd-journal-flush.service.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):200
                                                                        Entropy (8bit):5.42586203006195
                                                                        Encrypted:false
                                                                        SSDEEP:6:SbFuFyLVK6g7/+BG+f+M8B3ci0jFmzXvn:qgFqo6g7/+0+f+M8B3R+QXvn
                                                                        MD5:C01FAFCEB82A82492D625985BCD44F00
                                                                        SHA1:48FDD991E66BE3854549B2EA5D8D3A001D7C2D8D
                                                                        SHA-256:DCE462DDD3194BA13F114EA856A7B37DDB74145F1661066E53BE234F86162FE3
                                                                        SHA-512:E3CB5FB39F2A52D23511624CE2876F39D68A5BA31015BFFEEBF369DFF4BF55EE1DEA02FE6ED7639C8299C501318BB10B1630E38DEC83E218432287EA81FB743A
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=6.LEVEL_PREFIX=0.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=6d0b71549afe4a7888a84023c5af83ea.IDENTIFIER=org.gnome.Shell.desktop.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):200
                                                                        Entropy (8bit):5.404734217616036
                                                                        Encrypted:false
                                                                        SSDEEP:6:SbFuFyLVI6g7/+BG+f+MSkzug2jFmzXvn:qgFqdg7/+0+f+MSkzugEQXvn
                                                                        MD5:FE91DEAEF6A621C47B51606459B8AD33
                                                                        SHA1:8D2EC0D1720F1E3E27933B6ABDF3F6211E9AAF3E
                                                                        SHA-256:E2FEFEF483344F64EAD6A898AE2C6978B451F01C8F7CF8C159EFB1F45277EC64
                                                                        SHA-512:E4359C86A4EBC7AF78D50167CCB94960796E1262F0DDD767C1E4AD106F378D3923374869B08505A0EA254A803C3C2938E693614F6CED182CACDF83845CD98813
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=4.LEVEL_PREFIX=0.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=9d617e5450d04bbea6071a0b7c2553d9.IDENTIFIER=org.gnome.Shell.desktop.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):199
                                                                        Entropy (8bit):5.418246291037857
                                                                        Encrypted:false
                                                                        SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLCHh6KV+h6CQzuxmyfTVTV3PlGTVRvXsjsa:SbFuFyLVIg1BAf+MyRTV9GTvv8jNTZD
                                                                        MD5:43FE3BF9D5C096B9E5198DAD03F4814A
                                                                        SHA1:4BE138D59DE50604C3AA269D099C2672D71B4DAA
                                                                        SHA-256:146BBBAC3CC93F411FBFE21CD78CF9C4F3B61D0291CDE2E794D1FFC747DCEC28
                                                                        SHA-512:CE54FA15F3BBC8D228F1D314D35153FB0584F7B69F067D65F71DA85D29A63E25985F71408BC8AA59C88F997059A5E41B22DA45C465BB475A04630802BB009EF8
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=1.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=8c9817d606044922be67356607cbd871.IDENTIFIER=gdm3.UNIT=gdm.service.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):222
                                                                        Entropy (8bit):5.439013965593904
                                                                        Encrypted:false
                                                                        SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxmzjXUtRAnV2EQ2hTju:SbFuFyLVIg1BG+f+MvEyW2ZjLTTIWTIL
                                                                        MD5:5373A070F8D376057A0A4EF6E7940E1E
                                                                        SHA1:980D0DC4CD25553325D4FFBAAC3D7D88CE8A354F
                                                                        SHA-256:0943A21A6C18919A5C3B54DE6C0D2C59C06BD34007612B0009B07E4568476AB4
                                                                        SHA-512:B13546EF59DE6F7F3D5AA7EAF9B6D21062118541136E38D074504182249687CAFE25BFFCF33B9CDA0A3E7D522A2DAFEC58757C8203430234B3BA479103A763C7
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=9f9c3510b4c34507a201bdfba776d1df.IDENTIFIER=accounts-daemon.UNIT=accounts-daemon.service.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):205
                                                                        Entropy (8bit):5.416934657806649
                                                                        Encrypted:false
                                                                        SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxmp2q0e90nmlsjshKJg:SbFuFyLVIg1BG+f+MUU0nm2jbVC
                                                                        MD5:93FDFA8B444FD1216615FFE1EBF0DCA3
                                                                        SHA1:89C76D3400BA4E4729670F30642665F345298136
                                                                        SHA-256:A69E3E4CDFF35BA2FC8780EB848251E64E8AE2D76F748446A93B8BA9F3CEBFFD
                                                                        SHA-512:39F0B396BCE31259D913532E16E398AB7BE4BB91F32CB7DCA6FCB1E5B941A12D20EA31C6304C1E43B75517D3F9CB4D3B623ACA3D97D65339D601EA2C1140673E
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=c300d968c47443d894ca85151b2793d3.IDENTIFIER=polkitd.UNIT=polkit.service.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):195
                                                                        Entropy (8bit):5.423103339893979
                                                                        Encrypted:false
                                                                        SSDEEP:3:SbFVVmFyinKMsPOdvP69ms947z+h6SnLAqC+h6KV+h6CQzuxmpgwTWHjvPEB4Zsq:SbFuFyLVK6g7/+BG+f+M6wFtjNq
                                                                        MD5:4A9A4B0D653A068A5F89D561F2293C13
                                                                        SHA1:409035E11466B4696BCDFB65489F928EBB3EEBAE
                                                                        SHA-256:9B4F8801F4C2710DB90E464E8714D12A6E18FEC6CD933A20BF7D7A09DD5EE82F
                                                                        SHA-512:B81EA18BB719A5E5DFCFF365211CC705E3DBDE72CC5E8962FBE3978B1AC801C9276E3D9289F50CF9F3B9E603C2C0515A4E9FC4DA1B6F55D07B991158860F4159
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=6.LEVEL_PREFIX=0.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=c948d40e063f41b7bf5b91d14adcd77d.IDENTIFIER=gdm-session-worker.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):195
                                                                        Entropy (8bit):5.445485534645776
                                                                        Encrypted:false
                                                                        SSDEEP:3:SbFVVmFyinKMsPOfvP69ms947z+h6SnLAqC+h6KV+h6CQzuxm+yGUHlKsZjs2BD0:SbFuFyLVI6g7/+BG+f+M+aHlKsZjNq
                                                                        MD5:55133DBD652482FFC7B9D2BCD309F949
                                                                        SHA1:759BBA56592EE0FB5A190226AB908BDBCBC99DA5
                                                                        SHA-256:51C789DA9401CFAEBCA96A5A0B8E059DA586914105C9F8A11A5099414B4AA0F9
                                                                        SHA-512:6F1D4AF34685A4180BA6BA6AC584DC6BC5792D7973964A6885EF18F7F69BE1504811D25BDD8487C021508307E15AEC5BCE39010B149318BEF063DBBE45686714
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=4.LEVEL_PREFIX=0.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=42628efd0bc6417d895e74c3e73f410f.IDENTIFIER=gdm-session-worker.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):210
                                                                        Entropy (8bit):5.5228696966740305
                                                                        Encrypted:false
                                                                        SSDEEP:6:SbFuFyLVK6g7/+BG+f+MkIBMgXgSTjFQMzKaBu:qgFqo6g7/+0+f+MZ6agSNTmh
                                                                        MD5:97846C17A48C5AE959178C518A8F3A1D
                                                                        SHA1:C2C34032C7D6E1444AEBFC0E2AFB27F4599AFCE2
                                                                        SHA-256:4A28DBA004D6C98CAAD24617CC022E3DD13F9F203EDA86249B6DAA9B5364A928
                                                                        SHA-512:A05D3B06031969F8659653CED0695E9F94CC377182F4846243B25C309D9BE1E9FC86693C98F6DA03CBF60BAF571D9ED8538C0CF6AA8D3C4CF0CE382BF54F3F66
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=6.LEVEL_PREFIX=0.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=a5be60778b734212b3d9714759a764cd.IDENTIFIER=/usr/lib/gdm3/gdm-wayland-session.
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):210
                                                                        Entropy (8bit):5.500702925092824
                                                                        Encrypted:false
                                                                        SSDEEP:6:SbFuFyLVI6g7/+BG+f+McG8FnjFQMzKaBu:qgFqdg7/+0+f+Mv8FhTmh
                                                                        MD5:A3D3FA3D31B28E7576ED3F5A1EE510E4
                                                                        SHA1:966ECE23BE3ACF4A3D277B7F0632FA04B6E1B339
                                                                        SHA-256:9CB1F12C027C7293504AE50935F22685F75758F45CA37CE3050B9C2EB96751F5
                                                                        SHA-512:9AA9FC0108AB4CC7C345D53F15B97189FACF955598F5E61A1179C85A4DDEC9E77184EEFC8F4193BD0FC5D5915C969C3C36D989129BABC0F1F43DBEE26C09E8B8
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse.PRIORITY=4.LEVEL_PREFIX=0.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=cc15fadc30404c159f1ac2b4df7c939f.IDENTIFIER=/usr/lib/gdm3/gdm-wayland-session.
                                                                        Process:/lib/systemd/systemd-logind
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):116
                                                                        Entropy (8bit):4.957035419463244
                                                                        Encrypted:false
                                                                        SSDEEP:3:SbFVVmFyinKMsuH47rLg205vmLUbr+ugKQ2KwshcXSv:SbFuFyLwH47Pg20ggWunQ2rNXc
                                                                        MD5:66D114877B3B4DB3BDD8A3AD4F5E7421
                                                                        SHA1:62E0CB0F51E0E3F97BE251CB917968DFF69ED344
                                                                        SHA-256:A922628916A7DDBE2BAA33F421C82250527EA3C28E429749353A1C75C0C18860
                                                                        SHA-512:5651247FA236DCF020A3C8456E4A9A74A85C5B9B3CCE94A3CF8F85FD4D66465C9F97DF7A1822E6CA4553C02BE149F3021D58DCC0C8CB6DCF37F915BD0A158187
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse..IS_SEAT0=1.CAN_MULTI_SESSION=1.CAN_TTY=1.CAN_GRAPHICAL=0.SESSIONS=c1.UIDS=127.
                                                                        Process:/lib/systemd/systemd-logind
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):95
                                                                        Entropy (8bit):4.921230646592726
                                                                        Encrypted:false
                                                                        SSDEEP:3:SbFVVmFyinKMsuH47rLg205vmLUbr+v:SbFuFyLwH47Pg20ggWv
                                                                        MD5:BE58CCABC942125F5E27AF6EB1BA2F88
                                                                        SHA1:07C20F55E36EE48869B223B8FC4DBC227C7353AC
                                                                        SHA-256:551B1D1C8E5953D5D0CF49C83C1568E2FBEF8BDDB69903B3DA82240B777B4629
                                                                        SHA-512:E5A270995FDE80530927E0BACD3BF76EE820C968AABD55D2E34579326F388AFD6DE7FB8C5D54F69D3F6AC30A5B587FD3B0456FC60326E7DF4F45789A900D046C
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse..IS_SEAT0=1.CAN_MULTI_SESSION=1.CAN_TTY=1.CAN_GRAPHICAL=0.
                                                                        Process:/lib/systemd/systemd-logind
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):223
                                                                        Entropy (8bit):5.46413626605563
                                                                        Encrypted:false
                                                                        SSDEEP:6:SbFuFyL3BVgdL87ynAir/0Ixff60JglME8dvWt68:qgFq30dABibB9g6/vWI8
                                                                        MD5:FD4FCC05187AD647FA2408131385FDCB
                                                                        SHA1:74B6193505BDEE26985E2E216BDBBFD83388880C
                                                                        SHA-256:9881059215CE7196985C8970B8F79FC752C8B7E02B4D45E23C44423879382F98
                                                                        SHA-512:0A584BD22F0CC7A908C1A00493234B2FF2F19C002C38005903BB2AF605FCB4C3F12B6960675E5C9E687562D7AE5A99F3590F83A08725504110106F555D13EC22
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse..NAME=gdm.STATE=closing.STOPPING=yes.RUNTIME=/run/user/127.SERVICE_JOB=/org/freedesktop/systemd1/job/12414.REALTIME=1742709510155943.MONOTONIC=448683988.LAST_SESSION_TIMESTAMP=448824781.
                                                                        Process:/lib/systemd/systemd-logind
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):223
                                                                        Entropy (8bit):5.46413626605563
                                                                        Encrypted:false
                                                                        SSDEEP:6:SbFuFyL3BVgdL87ynAir/0Ixff60JglME8dvWt68:qgFq30dABibB9g6/vWI8
                                                                        MD5:FD4FCC05187AD647FA2408131385FDCB
                                                                        SHA1:74B6193505BDEE26985E2E216BDBBFD83388880C
                                                                        SHA-256:9881059215CE7196985C8970B8F79FC752C8B7E02B4D45E23C44423879382F98
                                                                        SHA-512:0A584BD22F0CC7A908C1A00493234B2FF2F19C002C38005903BB2AF605FCB4C3F12B6960675E5C9E687562D7AE5A99F3590F83A08725504110106F555D13EC22
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse..NAME=gdm.STATE=closing.STOPPING=yes.RUNTIME=/run/user/127.SERVICE_JOB=/org/freedesktop/systemd1/job/12414.REALTIME=1742709510155943.MONOTONIC=448683988.LAST_SESSION_TIMESTAMP=448824781.
                                                                        Process:/lib/systemd/systemd-logind
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):188
                                                                        Entropy (8bit):4.928997328913428
                                                                        Encrypted:false
                                                                        SSDEEP:3:SbFVVmFyinKMs5BuSgVuMI2sKiYiesnAv/XS12K2hwEY8mTQ2pJi22sQ2KkmD2pi:SbFuFyL3BVgVuR257iesnAi12thQc2p4
                                                                        MD5:065A3AD1A34A9903F536410ECA748105
                                                                        SHA1:21CD684DF60D569FA96EEEB66A0819EAC1B2B1A4
                                                                        SHA-256:E80554BF0FF4E32C61D4FA3054F8EFB27A26F1C37C91AE4EA94445C400693941
                                                                        SHA-512:DB3C42E893640BAEE9F0001BDE6E93ED40CC33198AC2B47328F577D3C71E2C2E986AAAFEF5BD8ADBC639B5C24ADF715D87034AE24B697331FF6FEC5962630064
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse..NAME=gdm.STATE=opening.STOPPING=no.RUNTIME=/run/user/127.SESSIONS=c1.SEATS=seat0.ACTIVE_SESSIONS=.ONLINE_SESSIONS=c1.ACTIVE_SEATS=.ONLINE_SEATS=seat0.
                                                                        Process:/lib/systemd/systemd-logind
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):282
                                                                        Entropy (8bit):5.318139107019996
                                                                        Encrypted:false
                                                                        SSDEEP:6:SbFuFyL3BVgVuR257iesnAir/0Ixff6TglME8dvN2thQc2pb02/g2p9rwB:qgFq30VuR8L/ibBUg6/vkthQHtPYq9M
                                                                        MD5:1DAA0007F8A781C473CCCD954C6BD5DA
                                                                        SHA1:0925B542A2359F9C1101B273F39BFF9496D80936
                                                                        SHA-256:8905683A752EBCF019AC0BF95F13B25A0BE982F0744CA000EC71166500EB14DE
                                                                        SHA-512:65A92FD10AA741319F69348FC7CD7BB644101289A314610445C520C152334A73AC1743A18B4D94052ABFBB89DE4F9FDCB3A5AC74A5CA2FEF8D92573E00F0AB8A
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse..NAME=gdm.STATE=opening.STOPPING=no.RUNTIME=/run/user/127.SERVICE_JOB=/org/freedesktop/systemd1/job/12352.REALTIME=1742709510155943.MONOTONIC=448683988.SESSIONS=c1.SEATS=seat0.ACTIVE_SESSIONS=.ONLINE_SESSIONS=c1.ACTIVE_SEATS=.ONLINE_SEATS=seat0.
                                                                        Process:/lib/systemd/systemd-logind
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):282
                                                                        Entropy (8bit):5.318139107019996
                                                                        Encrypted:false
                                                                        SSDEEP:6:SbFuFyL3BVgVuR257iesnAir/0Ixff6TglME8dvN2thQc2pb02/g2p9rwB:qgFq30VuR8L/ibBUg6/vkthQHtPYq9M
                                                                        MD5:1DAA0007F8A781C473CCCD954C6BD5DA
                                                                        SHA1:0925B542A2359F9C1101B273F39BFF9496D80936
                                                                        SHA-256:8905683A752EBCF019AC0BF95F13B25A0BE982F0744CA000EC71166500EB14DE
                                                                        SHA-512:65A92FD10AA741319F69348FC7CD7BB644101289A314610445C520C152334A73AC1743A18B4D94052ABFBB89DE4F9FDCB3A5AC74A5CA2FEF8D92573E00F0AB8A
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse..NAME=gdm.STATE=opening.STOPPING=no.RUNTIME=/run/user/127.SERVICE_JOB=/org/freedesktop/systemd1/job/12352.REALTIME=1742709510155943.MONOTONIC=448683988.SESSIONS=c1.SEATS=seat0.ACTIVE_SESSIONS=.ONLINE_SESSIONS=c1.ACTIVE_SEATS=.ONLINE_SEATS=seat0.
                                                                        Process:/lib/systemd/systemd-logind
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):174
                                                                        Entropy (8bit):5.320068282623639
                                                                        Encrypted:false
                                                                        SSDEEP:3:SbFVVmFyinKMs5BuSgdNR2sKiYiesnAv/XSHxJgwQMEV6dvW206qodMd9:SbFuFyL3BVgdL87iesnAiRJglME8dvW3
                                                                        MD5:1ABC8A44D8BB94EC75F30E41D8721FF2
                                                                        SHA1:371D6AC81C8B8B08E62E06CB268E3C7DF632CD03
                                                                        SHA-256:AB90D3E4115232CF20F9280AA99DEF054CAC16EE688AB57E3E7DB8DFC22129BE
                                                                        SHA-512:4CC295F41DAEFECBB855AC1AB91252E606C7D49D2500F46C1B9CE070CEDFE73FD0E63B21D863D480A940D0D7E27766C73A3882BAB5CD1593B77EE780B4C18EF0
                                                                        Malicious:false
                                                                        Preview:# This is private data. Do not parse..NAME=gdm.STATE=closing.STOPPING=no.RUNTIME=/run/user/127.REALTIME=1742709510155943.MONOTONIC=448683988.LAST_SESSION_TIMESTAMP=448824781.
                                                                        Process:/usr/bin/pulseaudio
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):5
                                                                        Entropy (8bit):2.321928094887362
                                                                        Encrypted:false
                                                                        SSDEEP:3:n:n
                                                                        MD5:638CBE42CD7024845755AB4D8CE40C0D
                                                                        SHA1:1986871DF749DADE6624FA394B9B2EA6A9FB461E
                                                                        SHA-256:129632BAC9B2CA9851D60A92219EC2857BBAED929F01792FABC93B106B418CC5
                                                                        SHA-512:96CC51FF97235EA2297D4D31E083ABD3969790C2A77FBC3AB71D599F4581B3223FD0916A4D2537E37C55BB1DDA08D78B36D5F517A6ECFB30855CD1CFB043B1B1
                                                                        Malicious:false
                                                                        Preview:6482.
                                                                        Process:/sbin/agetty
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):384
                                                                        Entropy (8bit):0.6722951801018082
                                                                        Encrypted:false
                                                                        SSDEEP:3:ylSsXlXEWtl/2ol:2v+yl+
                                                                        MD5:3D2612ABF0B85053E10AC23E7215CBB3
                                                                        SHA1:64850C565C8961AC44F5EBB4B918492CBC2751B1
                                                                        SHA-256:1963F1A27E2EA11E0BA3B8C2FB686C2B978E189378B1003865FB36A42EFBAE18
                                                                        SHA-512:228C61DA454AD4BC4AD2161DB31F045CC49B30F8BBFD5EDBCA8D3C5388AFF2E01DF107EB0D03A0DEA7C9A8C2DD9CF096DAD9265AD79CDD9F3D061FD07A8DF777
                                                                        Malicious:false
                                                                        Preview:........tty2.tty2.......................tty2LOGIN.....................................................................................................................................................................................................................................................................................................gQ.......................................
                                                                        Process:/tmp/morte.ppc.elf
                                                                        File Type:ASCII text, with no line terminators
                                                                        Category:dropped
                                                                        Size (bytes):19
                                                                        Entropy (8bit):3.47135448701393
                                                                        Encrypted:false
                                                                        SSDEEP:3:TgnRAlJ5:TgnRAl3
                                                                        MD5:B4B0FDB668732DD29134D956721FA359
                                                                        SHA1:7F0493F6F63DED1CC4937F792391787A8E646C3A
                                                                        SHA-256:ACCBC4FDFBCEC88EC115ADD331EFAF2B2DDD17633F80CC9E17FCD7E5ABEF54AE
                                                                        SHA-512:301E19A06EF9969F3DF38F7D2948EF723A6996915F1B12C2395C51A1A0B40800B83E7E9006656FE1A7B5CD1D7024589C5AD42C89B661629A3698A2CA7C3EC54C
                                                                        Malicious:false
                                                                        Preview:/tmp/morte.ppc.elf.
                                                                        Process:/usr/lib/accountsservice/accounts-daemon
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):61
                                                                        Entropy (8bit):4.66214589518167
                                                                        Encrypted:false
                                                                        SSDEEP:3:urzMQvNT+PzKLrAan4R8AKn:gzMQIzKLrAa4M
                                                                        MD5:542BA3FB41206AE43928AF1C5E61FEBC
                                                                        SHA1:F56F574DAF50D609526B36B5B54FDD59EA4D6A26
                                                                        SHA-256:730D9509D4EAA7266829A8F5A8CFEBA6BBDDD5873FC2BD580AD464F4A237E11A
                                                                        SHA-512:D774B8F191A5C65228D1B3CA1181701CFCD07A3D91C5571B0DDF32AD3E241C2D7BDFC0697AB97DC10441EF9CDC8AEE5B19BC34E13E5C8B0B91AD06EEF42F5AEA
                                                                        Malicious:false
                                                                        Preview:[User].XSession=.Icon=/var/lib/gdm3/.face.SystemAccount=true.
                                                                        Process:/usr/bin/gpu-manager
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):25
                                                                        Entropy (8bit):2.7550849518197795
                                                                        Encrypted:false
                                                                        SSDEEP:3:JoT/V9fDVbn:M/V3n
                                                                        MD5:078760523943E160756979906B85FB5E
                                                                        SHA1:0962643266F4C5537F7D125046F28F21D6DD0C89
                                                                        SHA-256:048416AC7A9A99690B8B53718CD39F32F637B55CC8DD8E67E58E5AEF060DD41C
                                                                        SHA-512:DEFAAE8F8B54C61A716A0B0B4884358FEB8EB44DFEA01AAA5A687FDA7182792B7DEBB34AA840672EB3B40EB59FD0186749E08E47D181786C7FAA8C8F73F0104D
                                                                        Malicious:false
                                                                        Preview:15ad:0405;0000:00:0f:0;1.
                                                                        Process:/usr/sbin/rsyslogd
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):2183
                                                                        Entropy (8bit):4.89918418775823
                                                                        Encrypted:false
                                                                        SSDEEP:24:ptc/xmtFdpsW/xCDtFdyMjZ4GMjZeVMp5M1jM1sM1EMOksMGNAvUMGNA2+VCMQjA:mxqptxSdSvMSfVXYrkr83NrCn
                                                                        MD5:DF933D78F0C3EBCB8AD0E6C8B6FA9224
                                                                        SHA1:E2674ADC0EFB63BF323C4DB1A67D792C559EBA3A
                                                                        SHA-256:4754C49484CF7ED221626A65E6245C319E4120B38D3DF6B21C4EB2528F065B31
                                                                        SHA-512:03C53A2CB33CB6DC63804112F8252DCCB4774E57AE3AC912451D5383A737499B93AAEBEAE48CAD1818465D47188F4A1CF5EEBB79A7A5B0D52E439E89E08F777C
                                                                        Malicious:false
                                                                        Preview:Mar 23 00:58:13 galassia systemd-logind[797]: Failed to abandon session scope, ignoring: Transport endpoint is not connected.Mar 23 00:58:13 galassia systemd-logind[797]: Session 2 logged out. Waiting for processes to exit..Mar 23 00:58:13 galassia gdm-launch-environment]: pam_unix(gdm-launch-environment:session): session closed for user gdm.Mar 23 00:58:14 galassia systemd-logind[797]: Failed to abandon session scope, ignoring: Transport endpoint is not connected.Mar 23 00:58:14 galassia systemd-logind[797]: Session c2 logged out. Waiting for processes to exit..Mar 23 00:58:14 galassia systemd-logind[6331]: Failed to add user by file name 127, ignoring: Invalid argument.Mar 23 00:58:14 galassia systemd-logind[6331]: Failed to add user by file name 1000, ignoring: Invalid argument.Mar 23 00:58:14 galassia systemd-logind[6331]: User enumeration failed: Invalid argument.Mar 23 00:58:14 galassia systemd-logind[6331]: User of session c2 not known..Mar 23 00:58:14 galassia systemd-logind[63
                                                                        Process:/usr/bin/gpu-manager
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):1371
                                                                        Entropy (8bit):4.8296848499188485
                                                                        Encrypted:false
                                                                        SSDEEP:24:wPXXX9uV6BNu3WDF3GF3XFFxFFed2uk2HUvJlfWkpPpx7uvvAdow9555cJz:wPXXXe6vejpeC2HUR5WkpPpcvAdow95O
                                                                        MD5:3AF77E630DA00B3BE24F4E8AA5D78B13
                                                                        SHA1:BCF2D99E002F6DE2413A183227B011CFBEF5673D
                                                                        SHA-256:EB1CBBA20845237B4409274D693FEAE13F835274DA3337B7A9D14F4D7FDF9DEA
                                                                        SHA-512:8524B1E8A761F962B32F396812099B9B0B2DCF3C9FCA8605424753CFCFF4DC67EDC5EE1D8C91B9C0ED7FAE6BB1E752898B8D514B7C421D1839D6FEDA609C593C
                                                                        Malicious:false
                                                                        Preview:log_file: /var/log/gpu-manager.log.last_boot_file: /var/lib/ubuntu-drivers-common/last_gfx_boot.new_boot_file: /var/lib/ubuntu-drivers-common/last_gfx_boot.can't access /run/u-d-c-nvidia-was-loaded file.can't get module info via kmodcan't access /opt/amdgpu-pro/bin/amdgpu-pro-px.Looking for nvidia modules in /lib/modules/5.4.0-72-generic/kernel.Looking for nvidia modules in /lib/modules/5.4.0-72-generic/updates/dkms.Looking for amdgpu modules in /lib/modules/5.4.0-72-generic/kernel.Looking for amdgpu modules in /lib/modules/5.4.0-72-generic/updates/dkms.Is nvidia loaded? no.Was nvidia unloaded? no.Is nvidia blacklisted? no.Is intel loaded? no.Is radeon loaded? no.Is radeon blacklisted? no.Is amdgpu loaded? no.Is amdgpu blacklisted? no.Is amdgpu versioned? no.Is amdgpu pro stack? no.Is nouveau loaded? no.Is nouveau blacklisted? no.Is nvidia kernel module available? no.Is amdgpu kernel module available? no.Vendor/Device Id: 15ad:405.BusID "PCI:0@0:15:0".Is boot vga? yes.Error: can't acce
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):240
                                                                        Entropy (8bit):1.4428593527838256
                                                                        Encrypted:false
                                                                        SSDEEP:3:F31HlkjUhUGGjUhU2l:F30jeGju
                                                                        MD5:5F30A49425A6FEBCB9CBE50A911EBB81
                                                                        SHA1:F93AA820F941A1BD36AB5B33F97D951EF959B0A6
                                                                        SHA-256:EF8C8F1253FEB5746EE3234BF75C829A628491A681DABBEA418D234594D77713
                                                                        SHA-512:E44E7BC181C96856D7B7503ADCFF8CDDC0CD92FE56502E0A4CBBAD3F6573A3A94E5946877DDC9AFD4FE90D3DED0FCAFDC08F704F4CA030265DB6F83A0A85DA7C
                                                                        Malicious:false
                                                                        Preview:LPKSHHRH................".I...B...r..c................................".I...B...r..c........................................................................................................................................................
                                                                        Process:/lib/systemd/systemd-journald
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):240
                                                                        Entropy (8bit):1.4428593527838256
                                                                        Encrypted:false
                                                                        SSDEEP:3:F31Hlq7ghF+I7ghFul:F3a7kkI7k8
                                                                        MD5:479DCCF206B23C779EE144D39E926A2B
                                                                        SHA1:7CF7732DFA4526A9B123D052BBF8DBCC3D7B19B2
                                                                        SHA-256:597562DC4AD1427D0319EE2285A894999F6AD781A96F29D3C8D3BD89ED269237
                                                                        SHA-512:07D60C3B1793D00DAD186BDC3F4859929F0B1A921446D117E484E15B4C677A6AE0B9F1C212A6A227E42AF5537D8B5E302243C0D498FAAABB73FA39FFE55AE900
                                                                        Malicious:false
                                                                        Preview:LPKSHHRH................NpY^d3D...N...m................................NpY^d3D...N...m........................................................................................................................................................
                                                                        Process:/usr/sbin/rsyslogd
                                                                        File Type:ASCII text
                                                                        Category:dropped
                                                                        Size (bytes):8591
                                                                        Entropy (8bit):4.751339380490492
                                                                        Encrypted:false
                                                                        SSDEEP:96:VoRbReqNywdZj+sGNyDt9TbwPTy4u47HWwmbrz7QW2drIeCCN54:K7xsIobQ5x47Xmbf7QW2dXM
                                                                        MD5:E40708CEB031EE7196103A009C8FEE0D
                                                                        SHA1:C8E9B16907E73FFD5A28E6E32C790C1635D26C0B
                                                                        SHA-256:000D104F1639CC332D11B1E2AB06376394ABCF321B8C6C310DC3061A5B7EEFC3
                                                                        SHA-512:C42A81E2E8AD132094BE3EEB92986E2F03EDF811A508F3881618204FE6D6C8F25E1D6631302155CA0A47CE586BF8F704A88778CFA4B38C3084CE46D971515481
                                                                        Malicious:false
                                                                        Preview:Mar 23 00:58:02 galassia kernel: [ 418.918144] blocking signal 9: 6267 -> 797.Mar 23 00:58:02 galassia kernel: [ 418.952104] blocking signal 9: 6267 -> 936.Mar 23 00:58:02 galassia kernel: [ 418.979063] blocking signal 9: 6267 -> 1320.Mar 23 00:58:02 galassia kernel: [ 419.009863] blocking signal 9: 6267 -> 1334.Mar 23 00:58:02 galassia kernel: [ 419.032951] blocking signal 9: 6267 -> 1335.Mar 23 00:58:02 galassia kernel: [ 419.069453] blocking signal 9: 6267 -> 1860.Mar 23 00:58:02 galassia kernel: [ 419.095963] blocking signal 9: 6267 -> 1872.Mar 23 00:58:02 galassia kernel: [ 419.195223] blocking signal 9: 6267 -> 1983.Mar 23 00:58:02 galassia kernel: [ 419.252073] blocking signal 9: 6267 -> 2048.Mar 23 00:58:02 galassia kernel: [ 419.595831] blocking signal 9: 6267 -> 1.Mar 23 00:58:02 galassia kernel: [ 420.436198] New task spawned: old: (tgid 6322, tid 6322), new (tgid: 6322, tid: 6324).Mar 23 00:58:02 galassia kernel: [ 420.437708] New task spawned: old: (tgid 6322,
                                                                        Process:/usr/sbin/rsyslogd
                                                                        File Type:ASCII text, with very long lines (317)
                                                                        Category:dropped
                                                                        Size (bytes):42920
                                                                        Entropy (8bit):5.050912820005809
                                                                        Encrypted:false
                                                                        SSDEEP:768:x2u3nzJtnQquEQq2usg0OE/sT2IYmL2wrdR3UpFHhXthjs9w2Gr3RxTHFWUAi5Lg:xP0x2frhH
                                                                        MD5:15B64AB924DE3057B4711C61E4D480F9
                                                                        SHA1:1DEABE642C097875C5B8682F60D6A745D3DCB709
                                                                        SHA-256:763168AD5FDD0E4853BF209E3DA2A244105DE08917B385CC8BEEA4B25E9C3990
                                                                        SHA-512:C4B8A10F6F25064F788C6BDE59ECEE1EB32D2D25CAA893BA265F6D3E669F287E33C73DF4FABA03343A76160CA75323D612D85A8B1F1B5B3221C946BD81F3908A
                                                                        Malicious:false
                                                                        Preview:Mar 23 00:58:02 galassia kernel: [ 418.904880] systemd[1]: rsyslog.service: Main process exited, code=killed, status=9/KILL.Mar 23 00:58:02 galassia kernel: [ 418.904941] systemd[1]: rsyslog.service: Failed with result 'signal'..Mar 23 00:58:02 galassia kernel: [ 418.909075] systemd[1]: whoopsie.service: Scheduled restart job, restart counter is at 1..Mar 23 00:58:02 galassia kernel: [ 418.909088] systemd[1]: Stopped crash report submission daemon..Mar 23 00:58:02 galassia kernel: [ 418.909743] systemd[1]: Started crash report submission daemon..Mar 23 00:58:02 galassia kernel: [ 418.918144] blocking signal 9: 6267 -> 797.Mar 23 00:58:02 galassia kernel: [ 418.952104] blocking signal 9: 6267 -> 936.Mar 23 00:58:02 galassia kernel: [ 418.979063] blocking signal 9: 6267 -> 1320.Mar 23 00:58:02 galassia kernel: [ 418.986125] systemd[1]: session-c2.scope: Succeeded..Mar 23 00:58:02 galassia kernel: [ 419.009863] blocking signal 9: 6267 -> 1334.Mar 23 00:58:02 galassia kernel: [
                                                                        Process:/sbin/agetty
                                                                        File Type:data
                                                                        Category:dropped
                                                                        Size (bytes):384
                                                                        Entropy (8bit):0.6722951801018082
                                                                        Encrypted:false
                                                                        SSDEEP:3:ylSsXlXEWtl/2ol:2v+yl+
                                                                        MD5:3D2612ABF0B85053E10AC23E7215CBB3
                                                                        SHA1:64850C565C8961AC44F5EBB4B918492CBC2751B1
                                                                        SHA-256:1963F1A27E2EA11E0BA3B8C2FB686C2B978E189378B1003865FB36A42EFBAE18
                                                                        SHA-512:228C61DA454AD4BC4AD2161DB31F045CC49B30F8BBFD5EDBCA8D3C5388AFF2E01DF107EB0D03A0DEA7C9A8C2DD9CF096DAD9265AD79CDD9F3D061FD07A8DF777
                                                                        Malicious:true
                                                                        Preview:........tty2.tty2.......................tty2LOGIN.....................................................................................................................................................................................................................................................................................................gQ.......................................

                                                                        Static File Info

                                                                        General

                                                                        File type:ELF 32-bit MSB executable, PowerPC or cisco 4500, version 1 (GNU/Linux), statically linked, no section header
                                                                        Entropy (8bit):7.97668616254425
                                                                        TrID:
                                                                        • ELF Executable and Linkable format (Linux) (4029/14) 50.16%
                                                                        • ELF Executable and Linkable format (generic) (4004/1) 49.84%
                                                                        File name:morte.ppc.elf
                                                                        File size:53'560 bytes
                                                                        MD5:a07a783c9fd4dccbec567f1a76abe202
                                                                        SHA1:ccbda513ae8b43917f6019d629724a916d0d9abc
                                                                        SHA256:694888ff922d9c81d036538c761bfb909694747d23c51a1e6f2f40d6a32c1488
                                                                        SHA512:a52867abf7dc1bd9f32838c680a0b3fb292ee5fc653f1c4f94e52c4630474624a405d17eab568d423b96bfa55decb86136962cf4b71c7e5a2799d898d5fef317
                                                                        SSDEEP:1536:aF3QDioX589IMKBdQftzYpCVRn28bjMaifLTuFobr7UB4u+qgw09F:aF3QDV823BCzYpenfHxiPQB4u+qgwQ
                                                                        TLSH:0C33F181D4543DD6FE26EEB96FA7A4D22690CFA609E3FF811024C66254FF97432089DC
                                                                        File Content Preview:.ELF.......................@...4.........4. ...(.......................(...(..............w...w...w.................dt.Q................................UPX!..........3D..3D.......V.......?.E.h4...@b.............m. s]C6..L.G........B...8.Z........Bm..r\@..

                                                                        Static ELF Info

                                                                        ELF header

                                                                        Class:ELF32
                                                                        Data:2's complement, big endian
                                                                        Version:1 (current)
                                                                        Machine:PowerPC
                                                                        Version Number:0x1
                                                                        Type:EXEC (Executable file)
                                                                        OS/ABI:UNIX - Linux
                                                                        ABI Version:0
                                                                        Entry Point Address:0x10be40
                                                                        Flags:0x0
                                                                        ELF Header Size:52
                                                                        Program Header Offset:52
                                                                        Program Header Size:32
                                                                        Number of Program Headers:3
                                                                        Section Header Offset:0
                                                                        Section Header Size:40
                                                                        Number of Section Headers:0
                                                                        Header String Table Index:0

                                                                        Program Segments

                                                                        TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
                                                                        LOAD0x00x1000000x1000000xd0280xd0287.97800x5R E0x10000
                                                                        LOAD0x77e00x100377e00x100377e00x00x00.00000x6RW 0x10000
                                                                        GNU_STACK0x00x00x00x00x00.00000x6RW 0x4

                                                                        Network Behavior

                                                                        Download Network PCAP: filteredfull

                                                                        Network Port Distribution

                                                                        • Total Packets: 48
                                                                        • 7575 undefined
                                                                        • 443 (HTTPS)
                                                                        • 80 (HTTP)
                                                                        • 53 (DNS)
                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                        Mar 23, 2025 06:57:59.716805935 CET43928443192.168.2.2391.189.91.42
                                                                        Mar 23, 2025 06:58:00.947690010 CET463007575192.168.2.23176.65.142.252
                                                                        Mar 23, 2025 06:58:01.163755894 CET757546300176.65.142.252192.168.2.23
                                                                        Mar 23, 2025 06:58:01.163851023 CET463007575192.168.2.23176.65.142.252
                                                                        Mar 23, 2025 06:58:01.375488997 CET463007575192.168.2.23176.65.142.252
                                                                        Mar 23, 2025 06:58:01.590574980 CET757546300176.65.142.252192.168.2.23
                                                                        Mar 23, 2025 06:58:01.590641022 CET463007575192.168.2.23176.65.142.252
                                                                        Mar 23, 2025 06:58:01.805880070 CET757546300176.65.142.252192.168.2.23
                                                                        Mar 23, 2025 06:58:05.347800970 CET42836443192.168.2.2391.189.91.43
                                                                        Mar 23, 2025 06:58:05.959254026 CET463007575192.168.2.23176.65.142.252
                                                                        Mar 23, 2025 06:58:06.119695902 CET4251680192.168.2.23109.202.202.202
                                                                        Mar 23, 2025 06:58:06.174976110 CET757546300176.65.142.252192.168.2.23
                                                                        Mar 23, 2025 06:58:06.175060987 CET463007575192.168.2.23176.65.142.252
                                                                        Mar 23, 2025 06:58:07.095737934 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:07.095833063 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:07.095906973 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.070928097 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.071011066 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.290384054 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.290491104 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.290739059 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.290770054 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.291007996 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.291033983 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.291157961 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.291259050 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.291275024 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.291318893 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.291635990 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.336323023 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.503993988 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.504069090 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.504183054 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.504183054 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.504183054 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.504239082 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.504286051 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.504318953 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.504348993 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.504348993 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.504360914 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.504374981 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.504388094 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.504395962 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.504425049 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.504425049 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.504439116 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.504452944 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.504467010 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.504477978 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.504489899 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.504498005 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.504515886 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.504528046 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.504555941 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.504565001 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.504575968 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.504631996 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.504631996 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.504648924 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.504697084 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.504715919 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.504726887 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.504744053 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.504744053 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.504760027 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.910900116 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.911011934 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.911077023 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.911120892 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.911124945 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.911166906 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:12.911221027 CET37612443192.168.2.23162.213.35.24
                                                                        Mar 23, 2025 06:58:12.911256075 CET44337612162.213.35.24192.168.2.23
                                                                        Mar 23, 2025 06:58:19.682089090 CET43928443192.168.2.2391.189.91.42
                                                                        Mar 23, 2025 06:58:31.968214035 CET42836443192.168.2.2391.189.91.43
                                                                        Mar 23, 2025 06:58:36.063698053 CET4251680192.168.2.23109.202.202.202
                                                                        Mar 23, 2025 06:59:00.636301041 CET43928443192.168.2.2391.189.91.42
                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                        Mar 23, 2025 06:58:06.388158083 CET3839253192.168.2.231.1.1.1
                                                                        Mar 23, 2025 06:58:06.388158083 CET5453153192.168.2.231.1.1.1
                                                                        Mar 23, 2025 06:58:06.488560915 CET53383921.1.1.1192.168.2.23
                                                                        Mar 23, 2025 06:58:06.488787889 CET53545311.1.1.1192.168.2.23
                                                                        Mar 23, 2025 06:58:06.986884117 CET4888853192.168.2.231.1.1.1
                                                                        Mar 23, 2025 06:58:07.085159063 CET53488881.1.1.1192.168.2.23
                                                                        TimestampSource IPDest IPChecksumCodeType
                                                                        Mar 23, 2025 06:58:09.069706917 CET192.168.2.23192.168.2.18283(Port unreachable)Destination Unreachable
                                                                        Mar 23, 2025 06:59:29.087551117 CET192.168.2.23192.168.2.18283(Port unreachable)Destination Unreachable

                                                                        DNS Queries

                                                                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                        Mar 23, 2025 06:58:06.388158083 CET192.168.2.231.1.1.10x95cdStandard query (0)daisy.ubuntu.com28IN (0x0001)false
                                                                        Mar 23, 2025 06:58:06.388158083 CET192.168.2.231.1.1.10xd8adStandard query (0)daisy.ubuntu.comA (IP address)IN (0x0001)false
                                                                        Mar 23, 2025 06:58:06.986884117 CET192.168.2.231.1.1.10x8ffdStandard query (0)daisy.ubuntu.com28IN (0x0001)false

                                                                        DNS Answers

                                                                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                        Mar 23, 2025 06:58:06.488787889 CET1.1.1.1192.168.2.230xd8adNo error (0)daisy.ubuntu.com162.213.35.25A (IP address)IN (0x0001)false
                                                                        Mar 23, 2025 06:58:06.488787889 CET1.1.1.1192.168.2.230xd8adNo error (0)daisy.ubuntu.com162.213.35.24A (IP address)IN (0x0001)false

                                                                        HTTP Request Dependency Graph

                                                                        • daisy.ubuntu.com

                                                                        HTTPS Proxied Packets

                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                        0192.168.2.2337612162.213.35.24443
                                                                        TimestampBytes transferredDirectionData
                                                                        2025-03-23 05:58:12 UTC307OUTPOST /9aadafe2051348cd32033e1cad68f0a5fe46fba3240ac1e6e42158f31b8a1371790c09baf3996b4979fe8e533446c7dedf30f654c68b25357334c66911dc6a9e HTTP/1.1
                                                                        Host: daisy.ubuntu.com
                                                                        Accept: */*
                                                                        Content-Type: application/octet-stream
                                                                        X-Whoopsie-Version: 0.2.69ubuntu0.3
                                                                        Content-Length: 164887
                                                                        Expect: 100-continue
                                                                        2025-03-23 05:58:12 UTC25INHTTP/1.1 100 Continue
                                                                        2025-03-23 05:58:12 UTC16384OUTData Raw: 17 84 02 00 02 50 72 6f 63 45 6e 76 69 72 6f 6e 00 4e 00 00 00 50 41 54 48 3d 28 63 75 73 74 6f 6d 2c 20 6e 6f 20 75 73 65 72 29 0a 58 44 47 5f 52 55 4e 54 49 4d 45 5f 44 49 52 3d 3c 73 65 74 3e 0a 4c 41 4e 47 3d 65 6e 5f 55 53 2e 55 54 46 2d 38 0a 53 48 45 4c 4c 3d 2f 62 69 6e 2f 62 61 73 68 00 02 5f 4c 6f 67 69 6e 64 53 65 73 73 69 6f 6e 00 02 00 00 00 35 00 02 44 61 74 65 00 19 00 00 00 54 75 65 20 41 75 67 20 31 37 20 32 30 3a 31 38 3a 30 34 20 32 30 32 31 00 02 53 6f 75 72 63 65 50 61 63 6b 61 67 65 00 0d 00 00 00 6c 69 67 68 74 2d 6c 6f 63 6b 65 72 00 02 50 61 63 6b 61 67 65 41 72 63 68 69 74 65 63 74 75 72 65 00 06 00 00 00 61 6d 64 36 34 00 02 41 72 63 68 69 74 65 63 74 75 72 65 00 06 00 00 00 61 6d 64 36 34 00 02 44 69 73 74 72 6f 52 65 6c 65 61
                                                                        Data Ascii: ProcEnvironNPATH=(custom, no user)XDG_RUNTIME_DIR=<set>LANG=en_US.UTF-8SHELL=/bin/bash_LogindSession5DateTue Aug 17 20:18:04 2021SourcePackagelight-lockerPackageArchitectureamd64Architectureamd64DistroRelea
                                                                        2025-03-23 05:58:12 UTC16384OUTData Raw: 74 75 34 2e 31 0a 6c 69 62 70 61 6d 2d 72 75 6e 74 69 6d 65 20 31 2e 33 2e 31 2d 35 75 62 75 6e 74 75 34 2e 31 0a 6c 69 62 70 61 6d 2d 73 79 73 74 65 6d 64 20 32 34 35 2e 34 2d 34 75 62 75 6e 74 75 33 2e 31 31 0a 6c 69 62 70 61 6d 30 67 20 31 2e 33 2e 31 2d 35 75 62 75 6e 74 75 34 2e 31 0a 6c 69 62 70 61 6e 67 6f 2d 31 2e 30 2d 30 20 31 2e 34 34 2e 37 2d 32 75 62 75 6e 74 75 34 0a 6c 69 62 70 61 6e 67 6f 63 61 69 72 6f 2d 31 2e 30 2d 30 20 31 2e 34 34 2e 37 2d 32 75 62 75 6e 74 75 34 0a 6c 69 62 70 61 6e 67 6f 66 74 32 2d 31 2e 30 2d 30 20 31 2e 34 34 2e 37 2d 32 75 62 75 6e 74 75 34 0a 6c 69 62 70 61 6e 67 6f 78 66 74 2d 31 2e 30 2d 30 20 31 2e 34 34 2e 37 2d 32 75 62 75 6e 74 75 34 0a 6c 69 62 70 61 70 65 72 2d 75 74 69 6c 73 20 31 2e 31 2e 32 38 0a 6c
                                                                        Data Ascii: tu4.1libpam-runtime 1.3.1-5ubuntu4.1libpam-systemd 245.4-4ubuntu3.11libpam0g 1.3.1-5ubuntu4.1libpango-1.0-0 1.44.7-2ubuntu4libpangocairo-1.0-0 1.44.7-2ubuntu4libpangoft2-1.0-0 1.44.7-2ubuntu4libpangoxft-1.0-0 1.44.7-2ubuntu4libpaper-utils 1.1.28l
                                                                        2025-03-23 05:58:12 UTC16384OUTData Raw: 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 67 73 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 30 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 31 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 32 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 33 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 34 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 35 20
                                                                        Data Ascii: 0x0 0gs 0x0 0k0 0x0 0k1 0x0 0k2 0x0 0k3 0x0 0k4 0x0 0k5
                                                                        2025-03-23 05:58:12 UTC16384OUTData Raw: 20 20 20 20 20 20 20 20 20 2f 75 73 72 2f 6c 69 62 2f 78 38 36 5f 36 34 2d 6c 69 6e 75 78 2d 67 6e 75 2f 6c 69 62 78 63 62 2d 72 65 6e 64 65 72 2e 73 6f 2e 30 2e 30 2e 30 0a 37 66 37 39 31 63 30 37 34 30 30 30 2d 37 66 37 39 31 63 30 37 35 30 30 30 20 2d 2d 2d 70 20 30 30 30 30 63 30 30 30 20 66 64 3a 30 30 20 38 30 36 32 36 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2f 75 73 72 2f 6c 69 62 2f 78 38 36 5f 36 34 2d 6c 69 6e 75 78 2d 67 6e 75 2f 6c 69 62 78 63 62 2d 72 65 6e 64 65 72 2e 73 6f 2e 30 2e 30 2e 30 0a 37 66 37 39 31 63 30 37 35 30 30 30 2d 37 66 37 39 31 63 30 37 36 30 30 30 20 72 2d 2d 70 20 30 30 30 30 63 30 30 30 20 66 64 3a 30 30 20 38 30 36 32 36 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2f 75
                                                                        Data Ascii: /usr/lib/x86_64-linux-gnu/libxcb-render.so.0.0.07f791c074000-7f791c075000 ---p 0000c000 fd:00 806260 /usr/lib/x86_64-linux-gnu/libxcb-render.so.0.0.07f791c075000-7f791c076000 r--p 0000c000 fd:00 806260 /u
                                                                        2025-03-23 05:58:12 UTC16384OUTData Raw: 6e 75 78 2d 67 6e 75 2f 6c 69 62 67 64 6b 5f 70 69 78 62 75 66 2d 32 2e 30 2e 73 6f 2e 30 2e 34 30 30 30 2e 30 0a 37 66 37 39 31 63 37 37 33 30 30 30 2d 37 66 37 39 31 63 37 37 34 30 30 30 20 72 77 2d 70 20 30 30 30 32 36 30 30 30 20 66 64 3a 30 30 20 38 30 36 32 34 35 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2f 75 73 72 2f 6c 69 62 2f 78 38 36 5f 36 34 2d 6c 69 6e 75 78 2d 67 6e 75 2f 6c 69 62 67 64 6b 5f 70 69 78 62 75 66 2d 32 2e 30 2e 73 6f 2e 30 2e 34 30 30 30 2e 30 0a 37 66 37 39 31 63 37 37 34 30 30 30 2d 37 66 37 39 31 63 37 37 38 30 30 30 20 72 2d 2d 70 20 30 30 30 30 30 30 30 30 20 66 64 3a 30 30 20 38 30 36 32 36 38 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2f 75 73 72 2f 6c 69 62 2f 78 38 36 5f 36 34
                                                                        Data Ascii: nux-gnu/libgdk_pixbuf-2.0.so.0.4000.07f791c773000-7f791c774000 rw-p 00026000 fd:00 806245 /usr/lib/x86_64-linux-gnu/libgdk_pixbuf-2.0.so.0.4000.07f791c774000-7f791c778000 r--p 00000000 fd:00 806268 /usr/lib/x86_64
                                                                        2025-03-23 05:58:12 UTC16384OUTData Raw: 20 70 6c 61 74 66 6f 72 6d 20 65 69 73 61 2e 30 3a 20 43 61 6e 6e 6f 74 20 61 6c 6c 6f 63 61 74 65 20 72 65 73 6f 75 72 63 65 20 66 6f 72 20 45 49 53 41 20 73 6c 6f 74 20 37 0a 41 75 67 20 31 37 20 32 30 3a 32 34 3a 34 36 20 67 61 6c 61 73 73 69 61 20 6b 65 72 6e 65 6c 3a 20 70 6c 61 74 66 6f 72 6d 20 65 69 73 61 2e 30 3a 20 43 61 6e 6e 6f 74 20 61 6c 6c 6f 63 61 74 65 20 72 65 73 6f 75 72 63 65 20 66 6f 72 20 45 49 53 41 20 73 6c 6f 74 20 38 0a 41 75 67 20 31 37 20 32 30 3a 32 34 3a 34 36 20 67 61 6c 61 73 73 69 61 20 6b 65 72 6e 65 6c 3a 20 73 64 20 33 32 3a 30 3a 30 3a 30 3a 20 5b 73 64 61 5d 20 41 73 73 75 6d 69 6e 67 20 64 72 69 76 65 20 63 61 63 68 65 3a 20 77 72 69 74 65 20 74 68 72 6f 75 67 68 0a 41 75 67 20 31 37 20 32 30 3a 32 34 3a 34 37 20 67
                                                                        Data Ascii: platform eisa.0: Cannot allocate resource for EISA slot 7Aug 17 20:24:46 galassia kernel: platform eisa.0: Cannot allocate resource for EISA slot 8Aug 17 20:24:46 galassia kernel: sd 32:0:0:0: [sda] Assuming drive cache: write throughAug 17 20:24:47 g
                                                                        2025-03-23 05:58:12 UTC16384OUTData Raw: 35 35 31 5d 3a 20 28 49 49 29 20 4c 6f 61 64 4d 6f 64 75 6c 65 3a 20 22 66 62 64 65 76 68 77 22 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 34 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 49 49 29 20 4c 6f 61 64 69 6e 67 20 2f 75 73 72 2f 6c 69 62 2f 78 6f 72 67 2f 6d 6f 64 75 6c 65 73 2f 6c 69 62 66 62 64 65 76 68 77 2e 73 6f 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 34 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 49 49 29 20 4d 6f 64 75 6c 65 20 66 62 64 65 76 68 77 3a 20 76 65 6e 64 6f 72 3d 22 58 2e 4f 72 67 20 46 6f 75 6e 64 61 74 69 6f 6e 22 0a 41 75 67 20 31 37
                                                                        Data Ascii: 551]: (II) LoadModule: "fbdevhw"Aug 17 20:25:04 galassia /usr/lib/gdm3/gdm-x-session[1551]: (II) Loading /usr/lib/xorg/modules/libfbdevhw.soAug 17 20:25:04 galassia /usr/lib/gdm3/gdm-x-session[1551]: (II) Module fbdevhw: vendor="X.Org Foundation"Aug 17
                                                                        2025-03-23 05:58:12 UTC16384OUTData Raw: 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 49 49 29 20 76 6d 77 61 72 65 28 30 29 3a 20 4e 6f 74 20 75 73 69 6e 67 20 64 65 66 61 75 6c 74 20 6d 6f 64 65 20 22 31 39 32 30 78 31 32 30 30 22 20 28 69 6e 73 75 66 66 69 63 69 65 6e 74 20 6d 65 6d 6f 72 79 20 66 6f 72 20 6d 6f 64 65 29 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 35 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 49 49 29 20 76 6d 77 61 72 65 28 30 29 3a 20 4e 6f 74 20 75 73 69 6e 67 20 64 65 66 61 75 6c 74 20 6d 6f 64 65 20 22 39 36 30 78 36 30 30 22 20 28 62 61 64 20 6d 6f 64 65 20 63 6c 6f 63 6b 2f 69 6e 74 65 72 6c 61 63 65 2f 64 6f 75 62 6c 65 73
                                                                        Data Ascii: /lib/gdm3/gdm-x-session[1551]: (II) vmware(0): Not using default mode "1920x1200" (insufficient memory for mode)Aug 17 20:25:05 galassia /usr/lib/gdm3/gdm-x-session[1551]: (II) vmware(0): Not using default mode "960x600" (bad mode clock/interlace/doubles
                                                                        2025-03-23 05:58:12 UTC16384OUTData Raw: 20 31 33 33 36 20 31 35 32 30 20 20 38 36 34 20 38 36 35 20 38 36 38 20 38 39 35 20 2d 68 73 79 6e 63 20 2b 76 73 79 6e 63 20 28 35 33 2e 37 20 6b 48 7a 20 64 29 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 35 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 2a 2a 29 20 76 6d 77 61 72 65 28 30 29 3a 20 20 44 65 66 61 75 6c 74 20 6d 6f 64 65 20 22 31 30 32 34 78 37 36 38 22 3a 20 39 34 2e 35 20 4d 48 7a 2c 20 36 38 2e 37 20 6b 48 7a 2c 20 38 35 2e 30 20 48 7a 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 35 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 49 49 29 20 76 6d 77 61 72
                                                                        Data Ascii: 1336 1520 864 865 868 895 -hsync +vsync (53.7 kHz d)Aug 17 20:25:05 galassia /usr/lib/gdm3/gdm-x-session[1551]: (**) vmware(0): Default mode "1024x768": 94.5 MHz, 68.7 kHz, 85.0 HzAug 17 20:25:05 galassia /usr/lib/gdm3/gdm-x-session[1551]: (II) vmwar
                                                                        2025-03-23 05:58:12 UTC16384OUTData Raw: 65 64 20 53 65 74 20 32 20 6b 65 79 62 6f 61 72 64 3a 20 61 6c 77 61 79 73 20 72 65 70 6f 72 74 73 20 63 6f 72 65 20 65 76 65 6e 74 73 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 35 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 2a 2a 29 20 4f 70 74 69 6f 6e 20 22 44 65 76 69 63 65 22 20 22 2f 64 65 76 2f 69 6e 70 75 74 2f 65 76 65 6e 74 31 22 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 35 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 2a 2a 29 20 4f 70 74 69 6f 6e 20 22 5f 73 6f 75 72 63 65 22 20 22 73 65 72 76 65 72 2f 75 64 65 76 22 0a 41 75 67 20 31 37 20 32 30 3a 32 35
                                                                        Data Ascii: ed Set 2 keyboard: always reports core eventsAug 17 20:25:05 galassia /usr/lib/gdm3/gdm-x-session[1551]: (**) Option "Device" "/dev/input/event1"Aug 17 20:25:05 galassia /usr/lib/gdm3/gdm-x-session[1551]: (**) Option "_source" "server/udev"Aug 17 20:25
                                                                        2025-03-23 05:58:12 UTC279INHTTP/1.1 400 Bad Request
                                                                        Date: Sun, 23 Mar 2025 05:58:12 GMT
                                                                        Server: gunicorn/19.7.1
                                                                        X-Daisy-Revision-Number: 979
                                                                        X-Oops-Repository-Version: 0.0.0
                                                                        Strict-Transport-Security: max-age=2592000
                                                                        Connection: close
                                                                        Transfer-Encoding: chunked
                                                                        17
                                                                        Crash already reported.
                                                                        0


                                                                        System Behavior

                                                                        General

                                                                        Start time (UTC):05:57:54
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/dash
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:57:54
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/rm
                                                                        Arguments:rm -f /tmp/tmp.8mDCkktm5N /tmp/tmp.SSYf8xle0B /tmp/tmp.vlX7lnpvVg
                                                                        File size:72056 bytes
                                                                        MD5 hash:aa2b5496fdbfd88e38791ab81f90b95b

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:57:54
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/dash
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:57:54
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/cat
                                                                        Arguments:cat /tmp/tmp.8mDCkktm5N
                                                                        File size:43416 bytes
                                                                        MD5 hash:7e9d213e404ad3bb82e4ebb2e1f2c1b3

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:57:54
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/dash
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:57:54
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/head
                                                                        Arguments:head -n 10
                                                                        File size:47480 bytes
                                                                        MD5 hash:fd96a67145172477dd57131396fc9608

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:57:54
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/dash
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:57:54
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/tr
                                                                        Arguments:tr -d \\000-\\011\\013\\014\\016-\\037
                                                                        File size:51544 bytes
                                                                        MD5 hash:fbd1402dd9f72d8ebfff00ce7c3a7bb5

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:57:54
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/dash
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:57:54
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/cut
                                                                        Arguments:cut -c -80
                                                                        File size:47480 bytes
                                                                        MD5 hash:d8ed0ea8f22c0de0f8692d4d9f1759d3

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:57:54
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/dash
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:57:54
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/cat
                                                                        Arguments:cat /tmp/tmp.8mDCkktm5N
                                                                        File size:43416 bytes
                                                                        MD5 hash:7e9d213e404ad3bb82e4ebb2e1f2c1b3

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:57:54
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/dash
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:57:54
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/head
                                                                        Arguments:head -n 10
                                                                        File size:47480 bytes
                                                                        MD5 hash:fd96a67145172477dd57131396fc9608

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:57:54
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/dash
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:57:54
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/tr
                                                                        Arguments:tr -d \\000-\\011\\013\\014\\016-\\037
                                                                        File size:51544 bytes
                                                                        MD5 hash:fbd1402dd9f72d8ebfff00ce7c3a7bb5

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:57:54
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/dash
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:57:54
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/cut
                                                                        Arguments:cut -c -80
                                                                        File size:47480 bytes
                                                                        MD5 hash:d8ed0ea8f22c0de0f8692d4d9f1759d3

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:57:55
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/dash
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:57:55
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/rm
                                                                        Arguments:rm -f /tmp/tmp.8mDCkktm5N /tmp/tmp.SSYf8xle0B /tmp/tmp.vlX7lnpvVg
                                                                        File size:72056 bytes
                                                                        MD5 hash:aa2b5496fdbfd88e38791ab81f90b95b

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:57:59
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/tmp/morte.ppc.elf
                                                                        Arguments:/tmp/morte.ppc.elf
                                                                        File size:5388968 bytes
                                                                        MD5 hash:ae65271c943d3451b7f026d1fadccea6

                                                                        File Activities

                                                                        Process Activities

                                                                        System Activities

                                                                        Network Activities


                                                                        General

                                                                        Start time (UTC):05:57:59
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/tmp/morte.ppc.elf
                                                                        Arguments:-
                                                                        File size:5388968 bytes
                                                                        MD5 hash:ae65271c943d3451b7f026d1fadccea6

                                                                        Process Activities

                                                                        Network Activities


                                                                        General

                                                                        Start time (UTC):05:57:59
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/tmp/morte.ppc.elf
                                                                        Arguments:-
                                                                        File size:5388968 bytes
                                                                        MD5 hash:ae65271c943d3451b7f026d1fadccea6

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:57:59
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/tmp/morte.ppc.elf
                                                                        Arguments:-
                                                                        File size:5388968 bytes
                                                                        MD5 hash:ae65271c943d3451b7f026d1fadccea6

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:00
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/systemd/systemd
                                                                        Arguments:-
                                                                        File size:1620224 bytes
                                                                        MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:00
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/journalctl
                                                                        Arguments:/usr/bin/journalctl --smart-relinquish-var
                                                                        File size:80120 bytes
                                                                        MD5 hash:bf3a987344f3bacafc44efd882abda8b

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:00
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/sbin/gdm3
                                                                        Arguments:-
                                                                        File size:453296 bytes
                                                                        MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:00
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/etc/gdm3/PrimeOff/Default
                                                                        Arguments:/etc/gdm3/PrimeOff/Default
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:58:00
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/systemd/systemd
                                                                        Arguments:-
                                                                        File size:1620224 bytes
                                                                        MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:00
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/dbus-daemon
                                                                        Arguments:/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
                                                                        File size:249032 bytes
                                                                        MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                        File Activities

                                                                        Network Activities


                                                                        General

                                                                        Start time (UTC):05:58:00
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/systemd/systemd
                                                                        Arguments:-
                                                                        File size:1620224 bytes
                                                                        MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:00
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/sbin/rsyslogd
                                                                        Arguments:/usr/sbin/rsyslogd -n -iNONE
                                                                        File size:727248 bytes
                                                                        MD5 hash:0b8087fc907c42eb3c81a691db258e33

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:58:00
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/sbin/gdm3
                                                                        Arguments:-
                                                                        File size:453296 bytes
                                                                        MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:00
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/etc/gdm3/PrimeOff/Default
                                                                        Arguments:/etc/gdm3/PrimeOff/Default
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:58:00
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/systemd/systemd
                                                                        Arguments:-
                                                                        File size:1620224 bytes
                                                                        MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:00
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/pulseaudio
                                                                        Arguments:/usr/bin/pulseaudio --daemonize=no --log-target=journal
                                                                        File size:100832 bytes
                                                                        MD5 hash:0c3b4c789d8ffb12b25507f27e14c186

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:58:00
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/libexec/gvfsd-fuse
                                                                        Arguments:-
                                                                        File size:47632 bytes
                                                                        MD5 hash:d18fbf1cbf8eb57b17fac48b7b4be933

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:00
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/bin/fusermount
                                                                        Arguments:fusermount -u -q -z -- /run/user/1000/gvfs
                                                                        File size:39144 bytes
                                                                        MD5 hash:576a1b135c82bdcbc97a91acea900566

                                                                        File Activities

                                                                        Network Activities


                                                                        General

                                                                        Start time (UTC):05:58:00
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/sbin/gdm3
                                                                        Arguments:-
                                                                        File size:453296 bytes
                                                                        MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:00
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/etc/gdm3/PrimeOff/Default
                                                                        Arguments:/etc/gdm3/PrimeOff/Default
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:58:00
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/systemd/systemd
                                                                        Arguments:-
                                                                        File size:1620224 bytes
                                                                        MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:00
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/lib/systemd/systemd-journald
                                                                        Arguments:/lib/systemd/systemd-journald
                                                                        File size:162032 bytes
                                                                        MD5 hash:474667ece6cecb5e04c6eb897a1d0d9e

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:58:01
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/systemd/systemd
                                                                        Arguments:-
                                                                        File size:1620224 bytes
                                                                        MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:01
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/dbus-daemon
                                                                        Arguments:/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
                                                                        File size:249032 bytes
                                                                        MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                        File Activities

                                                                        Process Activities

                                                                        Network Activities


                                                                        General

                                                                        Start time (UTC):05:58:01
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/systemd/systemd
                                                                        Arguments:-
                                                                        File size:1620224 bytes
                                                                        MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:01
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/lib/systemd/systemd-journald
                                                                        Arguments:/lib/systemd/systemd-journald
                                                                        File size:162032 bytes
                                                                        MD5 hash:474667ece6cecb5e04c6eb897a1d0d9e

                                                                        File Activities

                                                                        Process Activities

                                                                        System Activities

                                                                        Network Activities


                                                                        General

                                                                        Start time (UTC):05:58:01
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/systemd/systemd
                                                                        Arguments:-
                                                                        File size:1620224 bytes
                                                                        MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:01
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/sbin/rsyslogd
                                                                        Arguments:/usr/sbin/rsyslogd -n -iNONE
                                                                        File size:727248 bytes
                                                                        MD5 hash:0b8087fc907c42eb3c81a691db258e33

                                                                        File Activities

                                                                        Process Activities

                                                                        System Activities

                                                                        Network Activities


                                                                        General

                                                                        Start time (UTC):05:58:03
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/systemd/systemd
                                                                        Arguments:-
                                                                        File size:1620224 bytes
                                                                        MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:03
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/lib/systemd/systemd-logind
                                                                        Arguments:/lib/systemd/systemd-logind
                                                                        File size:268576 bytes
                                                                        MD5 hash:8dd58a1b4c12f7a1d5fe3ce18b2aaeef

                                                                        File Activities

                                                                        Process Activities

                                                                        Network Activities


                                                                        General

                                                                        Start time (UTC):05:58:04
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/systemd/systemd
                                                                        Arguments:-
                                                                        File size:1620224 bytes
                                                                        MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:04
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/gpu-manager
                                                                        Arguments:/usr/bin/gpu-manager --log /var/log/gpu-manager.log
                                                                        File size:76616 bytes
                                                                        MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                        File Activities

                                                                        Process Activities

                                                                        System Activities


                                                                        General

                                                                        Start time (UTC):05:58:05
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/gpu-manager
                                                                        Arguments:-
                                                                        File size:76616 bytes
                                                                        MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:05
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/bin/sh
                                                                        Arguments:sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf"
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:05
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/bin/sh
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:05
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/grep
                                                                        Arguments:grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
                                                                        File size:199136 bytes
                                                                        MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:58:06
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/gpu-manager
                                                                        Arguments:-
                                                                        File size:76616 bytes
                                                                        MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:06
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/bin/sh
                                                                        Arguments:sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /lib/modprobe.d/*.conf"
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:06
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/bin/sh
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:06
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/grep
                                                                        Arguments:grep -G ^blacklist.*nvidia[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
                                                                        File size:199136 bytes
                                                                        MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:58:06
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/gpu-manager
                                                                        Arguments:-
                                                                        File size:76616 bytes
                                                                        MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:06
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/bin/sh
                                                                        Arguments:sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /etc/modprobe.d/*.conf"
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:06
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/bin/sh
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:06
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/grep
                                                                        Arguments:grep -G ^blacklist.*radeon[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
                                                                        File size:199136 bytes
                                                                        MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:58:06
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/gpu-manager
                                                                        Arguments:-
                                                                        File size:76616 bytes
                                                                        MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:06
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/bin/sh
                                                                        Arguments:sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /lib/modprobe.d/*.conf"
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:06
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/bin/sh
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:06
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/grep
                                                                        Arguments:grep -G ^blacklist.*radeon[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
                                                                        File size:199136 bytes
                                                                        MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:58:07
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/gpu-manager
                                                                        Arguments:-
                                                                        File size:76616 bytes
                                                                        MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:07
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/bin/sh
                                                                        Arguments:sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /etc/modprobe.d/*.conf"
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:07
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/bin/sh
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:07
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/grep
                                                                        Arguments:grep -G ^blacklist.*amdgpu[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
                                                                        File size:199136 bytes
                                                                        MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:58:07
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/gpu-manager
                                                                        Arguments:-
                                                                        File size:76616 bytes
                                                                        MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:07
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/bin/sh
                                                                        Arguments:sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /lib/modprobe.d/*.conf"
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:07
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/bin/sh
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:07
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/grep
                                                                        Arguments:grep -G ^blacklist.*amdgpu[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
                                                                        File size:199136 bytes
                                                                        MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:58:08
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/gpu-manager
                                                                        Arguments:-
                                                                        File size:76616 bytes
                                                                        MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:08
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/bin/sh
                                                                        Arguments:sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /etc/modprobe.d/*.conf"
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:08
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/bin/sh
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:08
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/grep
                                                                        Arguments:grep -G ^blacklist.*nouveau[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
                                                                        File size:199136 bytes
                                                                        MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:58:08
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/gpu-manager
                                                                        Arguments:-
                                                                        File size:76616 bytes
                                                                        MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:08
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/bin/sh
                                                                        Arguments:sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /lib/modprobe.d/*.conf"
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:08
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/bin/sh
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:08
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/grep
                                                                        Arguments:grep -G ^blacklist.*nouveau[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
                                                                        File size:199136 bytes
                                                                        MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:58:10
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/systemd/systemd
                                                                        Arguments:-
                                                                        File size:1620224 bytes
                                                                        MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:10
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/sbin/agetty
                                                                        Arguments:/sbin/agetty -o "-p -- \\u" --noclear tty2 linux
                                                                        File size:69000 bytes
                                                                        MD5 hash:3a374724ba7e863768139bdd60ca36f7

                                                                        File Activities

                                                                        System Activities

                                                                        Network Activities


                                                                        General

                                                                        Start time (UTC):05:58:10
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/systemd/systemd
                                                                        Arguments:-
                                                                        File size:1620224 bytes
                                                                        MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:10
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/share/gdm/generate-config
                                                                        Arguments:/usr/share/gdm/generate-config
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:10
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/share/gdm/generate-config
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:11
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/pkill
                                                                        Arguments:pkill --signal HUP --uid gdm dconf-service
                                                                        File size:30968 bytes
                                                                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                                        File Activities

                                                                        Network Activities


                                                                        General

                                                                        Start time (UTC):05:58:15
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/systemd/systemd
                                                                        Arguments:-
                                                                        File size:1620224 bytes
                                                                        MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:15
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/gdm3/gdm-wait-for-drm
                                                                        Arguments:/usr/lib/gdm3/gdm-wait-for-drm
                                                                        File size:14640 bytes
                                                                        MD5 hash:82043ba752c6930b4e6aaea2f7747545

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:58:25
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/systemd/systemd
                                                                        Arguments:-
                                                                        File size:1620224 bytes
                                                                        MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:25
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/sbin/gdm3
                                                                        Arguments:/usr/sbin/gdm3
                                                                        File size:453296 bytes
                                                                        MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                        File Activities

                                                                        Process Activities

                                                                        Network Activities


                                                                        General

                                                                        Start time (UTC):05:58:25
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/sbin/gdm3
                                                                        Arguments:-
                                                                        File size:453296 bytes
                                                                        MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:25
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/plymouth
                                                                        Arguments:plymouth --ping
                                                                        File size:51352 bytes
                                                                        MD5 hash:87003efd8dad470042f5e75360a8f49f

                                                                        File Activities

                                                                        Network Activities


                                                                        General

                                                                        Start time (UTC):05:58:27
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/sbin/gdm3
                                                                        Arguments:-
                                                                        File size:453296 bytes
                                                                        MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                        File Activities

                                                                        Process Activities

                                                                        Network Activities


                                                                        General

                                                                        Start time (UTC):05:58:27
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/gdm3/gdm-session-worker
                                                                        Arguments:"gdm-session-worker [pam/gdm-launch-environment]"
                                                                        File size:293360 bytes
                                                                        MD5 hash:692243754bd9f38fe9bd7e230b5c060a

                                                                        File Activities

                                                                        Process Activities

                                                                        System Activities

                                                                        Network Activities


                                                                        General

                                                                        Start time (UTC):05:58:30
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/gdm3/gdm-session-worker
                                                                        Arguments:-
                                                                        File size:293360 bytes
                                                                        MD5 hash:692243754bd9f38fe9bd7e230b5c060a

                                                                        Process Activities

                                                                        Network Activities


                                                                        General

                                                                        Start time (UTC):05:58:30
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/gdm3/gdm-wayland-session
                                                                        Arguments:/usr/lib/gdm3/gdm-wayland-session "dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart"
                                                                        File size:76368 bytes
                                                                        MD5 hash:d3def63cf1e83f7fb8a0f13b1744ff7c

                                                                        File Activities

                                                                        Process Activities

                                                                        Network Activities


                                                                        General

                                                                        Start time (UTC):05:58:30
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/gdm3/gdm-wayland-session
                                                                        Arguments:-
                                                                        File size:76368 bytes
                                                                        MD5 hash:d3def63cf1e83f7fb8a0f13b1744ff7c

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:30
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/dbus-daemon
                                                                        Arguments:dbus-daemon --print-address 3 --session
                                                                        File size:249032 bytes
                                                                        MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                        File Activities

                                                                        Process Activities

                                                                        Network Activities


                                                                        General

                                                                        Start time (UTC):05:58:31
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/dbus-daemon
                                                                        Arguments:-
                                                                        File size:249032 bytes
                                                                        MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:31
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/dbus-daemon
                                                                        Arguments:-
                                                                        File size:249032 bytes
                                                                        MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:31
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/bin/false
                                                                        Arguments:/bin/false
                                                                        File size:39256 bytes
                                                                        MD5 hash:3177546c74e4f0062909eae43d948bfc

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:58:31
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/gdm3/gdm-wayland-session
                                                                        Arguments:-
                                                                        File size:76368 bytes
                                                                        MD5 hash:d3def63cf1e83f7fb8a0f13b1744ff7c

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:31
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/dbus-run-session
                                                                        Arguments:dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart
                                                                        File size:14480 bytes
                                                                        MD5 hash:245f3ef6a268850b33b0225a8753b7f4

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:31
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/dbus-run-session
                                                                        Arguments:-
                                                                        File size:14480 bytes
                                                                        MD5 hash:245f3ef6a268850b33b0225a8753b7f4

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:31
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/dbus-daemon
                                                                        Arguments:dbus-daemon --nofork --print-address 4 --session
                                                                        File size:249032 bytes
                                                                        MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:58:32
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/sbin/gdm3
                                                                        Arguments:-
                                                                        File size:453296 bytes
                                                                        MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:32
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/etc/gdm3/PrimeOff/Default
                                                                        Arguments:/etc/gdm3/PrimeOff/Default
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:58:32
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/sbin/gdm3
                                                                        Arguments:-
                                                                        File size:453296 bytes
                                                                        MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:32
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/etc/gdm3/PrimeOff/Default
                                                                        Arguments:/etc/gdm3/PrimeOff/Default
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:58:25
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/systemd/systemd
                                                                        Arguments:-
                                                                        File size:1620224 bytes
                                                                        MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:25
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/accountsservice/accounts-daemon
                                                                        Arguments:/usr/lib/accountsservice/accounts-daemon
                                                                        File size:203192 bytes
                                                                        MD5 hash:01a899e3fb5e7e434bea1290255a1f30

                                                                        File Activities

                                                                        Process Activities

                                                                        Network Activities


                                                                        General

                                                                        Start time (UTC):05:58:25
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/accountsservice/accounts-daemon
                                                                        Arguments:-
                                                                        File size:203192 bytes
                                                                        MD5 hash:01a899e3fb5e7e434bea1290255a1f30

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:25
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/share/language-tools/language-validate
                                                                        Arguments:/usr/share/language-tools/language-validate en_US.UTF-8
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:25
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/share/language-tools/language-validate
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:25
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/share/language-tools/language-options
                                                                        Arguments:/usr/share/language-tools/language-options
                                                                        File size:3478464 bytes
                                                                        MD5 hash:16a21f464119ea7fad1d3660de963637

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:26
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/share/language-tools/language-options
                                                                        Arguments:-
                                                                        File size:3478464 bytes
                                                                        MD5 hash:16a21f464119ea7fad1d3660de963637

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:26
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/bin/sh
                                                                        Arguments:sh -c "locale -a | grep -F .utf8 "
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        File Activities

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:26
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/bin/sh
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:26
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/locale
                                                                        Arguments:locale -a
                                                                        File size:58944 bytes
                                                                        MD5 hash:c72a78792469db86d91369c9057f20d2

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:58:26
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/bin/sh
                                                                        Arguments:-
                                                                        File size:129816 bytes
                                                                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:26
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/grep
                                                                        Arguments:grep -F .utf8
                                                                        File size:199136 bytes
                                                                        MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                        File Activities


                                                                        General

                                                                        Start time (UTC):05:58:26
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/systemd/systemd
                                                                        Arguments:-
                                                                        File size:1620224 bytes
                                                                        MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:58:26
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/policykit-1/polkitd
                                                                        Arguments:/usr/lib/policykit-1/polkitd --no-debug
                                                                        File size:121504 bytes
                                                                        MD5 hash:8efc9b4b5b524210ad2ea1954a9d0e69

                                                                        File Activities

                                                                        Process Activities

                                                                        Network Activities


                                                                        General

                                                                        Start time (UTC):05:59:30
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/systemd/systemd
                                                                        Arguments:-
                                                                        File size:1620224 bytes
                                                                        MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:59:30
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/dbus-daemon
                                                                        Arguments:/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
                                                                        File size:249032 bytes
                                                                        MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                        File Activities

                                                                        Network Activities


                                                                        General

                                                                        Start time (UTC):05:59:31
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/systemd/systemd
                                                                        Arguments:-
                                                                        File size:1620224 bytes
                                                                        MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:59:31
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/bin/pulseaudio
                                                                        Arguments:/usr/bin/pulseaudio --daemonize=no --log-target=journal
                                                                        File size:100832 bytes
                                                                        MD5 hash:0c3b4c789d8ffb12b25507f27e14c186

                                                                        File Activities

                                                                        Process Activities

                                                                        System Activities

                                                                        Network Activities


                                                                        General

                                                                        Start time (UTC):05:59:31
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/lib/systemd/systemd
                                                                        Arguments:-
                                                                        File size:1620224 bytes
                                                                        MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                        Process Activities


                                                                        General

                                                                        Start time (UTC):05:59:31
                                                                        Start date (UTC):23/03/2025
                                                                        Path:/usr/libexec/rtkit-daemon
                                                                        Arguments:/usr/libexec/rtkit-daemon
                                                                        File size:68096 bytes
                                                                        MD5 hash:df0cacf1db4ec95ac70f5b6e06b8ffd7

                                                                        File Activities

                                                                        Process Activities

                                                                        Network Activities