Joe Sandbox Cloud Basic Analysis Report
Create Interactive Tour

Linux Analysis Report
morte.m68k.elf

Overview

General Information

Sample name:morte.m68k.elf
Analysis ID:1646156
MD5:891f7257228944a4ecb3e2fdd77970a9
SHA1:28e048c61b74e840c21c33e911e0fd883aaa1e61
SHA256:4c52735364bfe70ccf08ae3c5f28ea3500167b4b54301cc148d1cf36580a004d
Tags:elfuser-abuse_ch
Infos:

Detection

Gafgyt, Okiru
Score:84
Range:0 - 100

Signatures

Multi AV Scanner detection for submitted file
Sample tries to kill a massive number of system processes
Yara detected Gafgyt
Yara detected Okiru
Reads system files that contain records of logged in users
Sample reads /proc/mounts (often used for finding a writable filesystem)
Sample tries to kill multiple processes (SIGKILL)
Creates hidden files and/or directories
Deletes log files
Detected TCP or UDP traffic on non-standard ports
Enumerates processes within the "proc" file system
Executes commands using a shell command-line interpreter
Executes the "grep" command used to find patterns in files or piped streams
Executes the "kill" or "pkill" command typically used to terminate processes
Executes the "rm" command used to delete files or directories
Found strings indicative of a multi-platform dropper
HTTP GET or POST without a user agent
Reads CPU information from /sys indicative of miner or evasive malware
Reads system information from the proc file system
Reads system version information
Reads the 'hosts' file potentially containing internal network hosts
Sample contains strings indicative of BusyBox which embeds multiple Unix commands in a single executable
Sample has stripped symbol table
Sample listens on a socket
Sample tries to kill a process (SIGKILL)
Sample tries to set the executable flag
Uses the "uname" system call to query kernel version information (possible evasion)

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

General Information

Joe Sandbox version:42.0.0 Malachite
Analysis ID:1646156
Start date and time:2025-03-23 13:17:12 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 4m 23s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:morte.m68k.elf
Detection:MAL
Classification:mal84.spre.troj.linELF@0/48@3/0
  • Connection to analysis system has been lost, crash info: Unknown
  • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

Runtime Messages

Command:/tmp/morte.m68k.elf
PID:6257
Exit Code:0
Exit Code Info:
Killed:False
Standard Output:
lzrd cock fest"/proc/"/exe
Standard Error:

Process Tree

  • system is lnxubuntu20
  • dash New Fork (PID: 6219, Parent: 4331)
  • rm (PID: 6219, Parent: 4331, MD5: aa2b5496fdbfd88e38791ab81f90b95b) Arguments: rm -f /tmp/tmp.aACo8Vpbiz /tmp/tmp.mEDPDhwjSS /tmp/tmp.4orw0uknMO
  • dash New Fork (PID: 6220, Parent: 4331)
  • cat (PID: 6220, Parent: 4331, MD5: 7e9d213e404ad3bb82e4ebb2e1f2c1b3) Arguments: cat /tmp/tmp.aACo8Vpbiz
  • dash New Fork (PID: 6221, Parent: 4331)
  • head (PID: 6221, Parent: 4331, MD5: fd96a67145172477dd57131396fc9608) Arguments: head -n 10
  • dash New Fork (PID: 6222, Parent: 4331)
  • tr (PID: 6222, Parent: 4331, MD5: fbd1402dd9f72d8ebfff00ce7c3a7bb5) Arguments: tr -d \\000-\\011\\013\\014\\016-\\037
  • dash New Fork (PID: 6223, Parent: 4331)
  • cut (PID: 6223, Parent: 4331, MD5: d8ed0ea8f22c0de0f8692d4d9f1759d3) Arguments: cut -c -80
  • dash New Fork (PID: 6224, Parent: 4331)
  • cat (PID: 6224, Parent: 4331, MD5: 7e9d213e404ad3bb82e4ebb2e1f2c1b3) Arguments: cat /tmp/tmp.aACo8Vpbiz
  • dash New Fork (PID: 6225, Parent: 4331)
  • head (PID: 6225, Parent: 4331, MD5: fd96a67145172477dd57131396fc9608) Arguments: head -n 10
  • dash New Fork (PID: 6226, Parent: 4331)
  • tr (PID: 6226, Parent: 4331, MD5: fbd1402dd9f72d8ebfff00ce7c3a7bb5) Arguments: tr -d \\000-\\011\\013\\014\\016-\\037
  • dash New Fork (PID: 6227, Parent: 4331)
  • cut (PID: 6227, Parent: 4331, MD5: d8ed0ea8f22c0de0f8692d4d9f1759d3) Arguments: cut -c -80
  • dash New Fork (PID: 6228, Parent: 4331)
  • rm (PID: 6228, Parent: 4331, MD5: aa2b5496fdbfd88e38791ab81f90b95b) Arguments: rm -f /tmp/tmp.aACo8Vpbiz /tmp/tmp.mEDPDhwjSS /tmp/tmp.4orw0uknMO
  • systemd New Fork (PID: 6265, Parent: 1)
  • journalctl (PID: 6265, Parent: 1, MD5: bf3a987344f3bacafc44efd882abda8b) Arguments: /usr/bin/journalctl --smart-relinquish-var
  • systemd New Fork (PID: 6293, Parent: 1)
  • dbus-daemon (PID: 6293, Parent: 1, MD5: 3089d47e3f3ab84cd81c48fd406d7a8c) Arguments: /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
  • systemd New Fork (PID: 6302, Parent: 1)
  • rsyslogd (PID: 6302, Parent: 1, MD5: 0b8087fc907c42eb3c81a691db258e33) Arguments: /usr/sbin/rsyslogd -n -iNONE
  • systemd New Fork (PID: 6303, Parent: 1860)
  • pulseaudio (PID: 6303, Parent: 1860, MD5: 0c3b4c789d8ffb12b25507f27e14c186) Arguments: /usr/bin/pulseaudio --daemonize=no --log-target=journal
  • fusermount (PID: 6304, Parent: 2038, MD5: 576a1b135c82bdcbc97a91acea900566) Arguments: fusermount -u -q -z -- /run/user/1000/gvfs
  • systemd New Fork (PID: 6310, Parent: 1)
  • systemd-journald (PID: 6310, Parent: 1, MD5: 474667ece6cecb5e04c6eb897a1d0d9e) Arguments: /lib/systemd/systemd-journald
  • systemd New Fork (PID: 6311, Parent: 1)
  • dbus-daemon (PID: 6311, Parent: 1, MD5: 3089d47e3f3ab84cd81c48fd406d7a8c) Arguments: /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
  • systemd New Fork (PID: 6312, Parent: 1)
  • rsyslogd (PID: 6312, Parent: 1, MD5: 0b8087fc907c42eb3c81a691db258e33) Arguments: /usr/sbin/rsyslogd -n -iNONE
  • systemd New Fork (PID: 6321, Parent: 1)
  • systemd-logind (PID: 6321, Parent: 1, MD5: 8dd58a1b4c12f7a1d5fe3ce18b2aaeef) Arguments: /lib/systemd/systemd-logind
  • gdm3 New Fork (PID: 6378, Parent: 1320)
  • Default (PID: 6378, Parent: 1320, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
  • gdm3 New Fork (PID: 6381, Parent: 1320)
  • Default (PID: 6381, Parent: 1320, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
  • gdm3 New Fork (PID: 6383, Parent: 1320)
  • Default (PID: 6383, Parent: 1320, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
  • systemd New Fork (PID: 6385, Parent: 1)
  • agetty (PID: 6385, Parent: 1, MD5: 3a374724ba7e863768139bdd60ca36f7) Arguments: /sbin/agetty -o "-p -- \\u" --noclear tty2 linux
  • systemd New Fork (PID: 6386, Parent: 1)
  • gpu-manager (PID: 6386, Parent: 1, MD5: 8fae9dd5dd67e1f33d873089c2fd8761) Arguments: /usr/bin/gpu-manager --log /var/log/gpu-manager.log
    • sh (PID: 6387, Parent: 6386, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf"
      • sh New Fork (PID: 6388, Parent: 6387)
      • grep (PID: 6388, Parent: 6387, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
    • sh (PID: 6389, Parent: 6386, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /lib/modprobe.d/*.conf"
      • sh New Fork (PID: 6390, Parent: 6389)
      • grep (PID: 6390, Parent: 6389, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*nvidia[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
    • sh (PID: 6391, Parent: 6386, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /etc/modprobe.d/*.conf"
      • sh New Fork (PID: 6392, Parent: 6391)
      • grep (PID: 6392, Parent: 6391, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*radeon[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
    • sh (PID: 6393, Parent: 6386, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /lib/modprobe.d/*.conf"
      • sh New Fork (PID: 6394, Parent: 6393)
      • grep (PID: 6394, Parent: 6393, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*radeon[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
    • sh (PID: 6395, Parent: 6386, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /etc/modprobe.d/*.conf"
      • sh New Fork (PID: 6396, Parent: 6395)
      • grep (PID: 6396, Parent: 6395, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*amdgpu[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
    • sh (PID: 6397, Parent: 6386, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /lib/modprobe.d/*.conf"
      • sh New Fork (PID: 6398, Parent: 6397)
      • grep (PID: 6398, Parent: 6397, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*amdgpu[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
    • sh (PID: 6399, Parent: 6386, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /etc/modprobe.d/*.conf"
      • sh New Fork (PID: 6400, Parent: 6399)
      • grep (PID: 6400, Parent: 6399, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*nouveau[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
    • sh (PID: 6401, Parent: 6386, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /lib/modprobe.d/*.conf"
      • sh New Fork (PID: 6402, Parent: 6401)
      • grep (PID: 6402, Parent: 6401, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*nouveau[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
  • systemd New Fork (PID: 6406, Parent: 1)
  • generate-config (PID: 6406, Parent: 1, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /usr/share/gdm/generate-config
    • pkill (PID: 6407, Parent: 6406, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill --signal HUP --uid gdm dconf-service
  • systemd New Fork (PID: 6408, Parent: 1)
  • journalctl (PID: 6408, Parent: 1, MD5: bf3a987344f3bacafc44efd882abda8b) Arguments: /usr/bin/journalctl --flush
  • systemd New Fork (PID: 6413, Parent: 1)
  • gdm-wait-for-drm (PID: 6413, Parent: 1, MD5: 82043ba752c6930b4e6aaea2f7747545) Arguments: /usr/lib/gdm3/gdm-wait-for-drm
  • systemd New Fork (PID: 6418, Parent: 1)
  • gdm3 (PID: 6418, Parent: 1, MD5: 2492e2d8d34f9377e3e530a61a15674f) Arguments: /usr/sbin/gdm3
    • gdm3 New Fork (PID: 6421, Parent: 6418)
    • plymouth (PID: 6421, Parent: 6418, MD5: 87003efd8dad470042f5e75360a8f49f) Arguments: plymouth --ping
    • gdm3 New Fork (PID: 6435, Parent: 6418)
    • gdm-session-worker (PID: 6435, Parent: 6418, MD5: 692243754bd9f38fe9bd7e230b5c060a) Arguments: "gdm-session-worker [pam/gdm-launch-environment]"
      • gdm-wayland-session (PID: 6441, Parent: 6435, MD5: d3def63cf1e83f7fb8a0f13b1744ff7c) Arguments: /usr/lib/gdm3/gdm-wayland-session "dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart"
        • dbus-daemon (PID: 6443, Parent: 6441, MD5: 3089d47e3f3ab84cd81c48fd406d7a8c) Arguments: dbus-daemon --print-address 3 --session
          • dbus-daemon New Fork (PID: 6445, Parent: 6443)
            • false (PID: 6446, Parent: 6445, MD5: 3177546c74e4f0062909eae43d948bfc) Arguments: /bin/false
        • dbus-run-session (PID: 6447, Parent: 6441, MD5: 245f3ef6a268850b33b0225a8753b7f4) Arguments: dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart
          • dbus-daemon (PID: 6448, Parent: 6447, MD5: 3089d47e3f3ab84cd81c48fd406d7a8c) Arguments: dbus-daemon --nofork --print-address 4 --session
    • gdm3 New Fork (PID: 6449, Parent: 6418)
    • Default (PID: 6449, Parent: 6418, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
    • gdm3 New Fork (PID: 6450, Parent: 6418)
    • Default (PID: 6450, Parent: 6418, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
  • systemd New Fork (PID: 6422, Parent: 1)
  • accounts-daemon (PID: 6422, Parent: 1, MD5: 01a899e3fb5e7e434bea1290255a1f30) Arguments: /usr/lib/accountsservice/accounts-daemon
    • language-validate (PID: 6426, Parent: 6422, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /usr/share/language-tools/language-validate en_US.UTF-8
      • language-options (PID: 6427, Parent: 6426, MD5: 16a21f464119ea7fad1d3660de963637) Arguments: /usr/share/language-tools/language-options
        • sh (PID: 6428, Parent: 6427, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "locale -a | grep -F .utf8 "
          • sh New Fork (PID: 6429, Parent: 6428)
          • locale (PID: 6429, Parent: 6428, MD5: c72a78792469db86d91369c9057f20d2) Arguments: locale -a
          • sh New Fork (PID: 6430, Parent: 6428)
          • grep (PID: 6430, Parent: 6428, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -F .utf8
  • systemd New Fork (PID: 6431, Parent: 1)
  • polkitd (PID: 6431, Parent: 1, MD5: 8efc9b4b5b524210ad2ea1954a9d0e69) Arguments: /usr/lib/policykit-1/polkitd --no-debug
  • systemd New Fork (PID: 6476, Parent: 1860)
  • dbus-daemon (PID: 6476, Parent: 1860, MD5: 3089d47e3f3ab84cd81c48fd406d7a8c) Arguments: /usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
  • systemd New Fork (PID: 6477, Parent: 1860)
  • pulseaudio (PID: 6477, Parent: 1860, MD5: 0c3b4c789d8ffb12b25507f27e14c186) Arguments: /usr/bin/pulseaudio --daemonize=no --log-target=journal
  • systemd New Fork (PID: 6478, Parent: 1)
  • rtkit-daemon (PID: 6478, Parent: 1, MD5: df0cacf1db4ec95ac70f5b6e06b8ffd7) Arguments: /usr/libexec/rtkit-daemon
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
Bashlite, GafgytBashlite is a malware family which infects Linux systems in order to launch distributed denial-of-service attacks (DDoS). Originally it was also known under the name Bashdoor, but this term now refers to the exploit method used by the malware. It has been used to launch attacks of up to 400 Gbps.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/elf.bashlite

Yara Signatures

Initial Sample

SourceRuleDescriptionAuthorStrings
morte.m68k.elfJoeSecurity_GafgytYara detected GafgytJoe Security
    morte.m68k.elfJoeSecurity_OkiruYara detected OkiruJoe Security

      Memory Dumps

      SourceRuleDescriptionAuthorStrings
      6259.1.00007f2374001000.00007f2374024000.r-x.sdmpJoeSecurity_GafgytYara detected GafgytJoe Security
        6259.1.00007f2374001000.00007f2374024000.r-x.sdmpJoeSecurity_OkiruYara detected OkiruJoe Security
          6262.1.00007f2374001000.00007f2374024000.r-x.sdmpJoeSecurity_GafgytYara detected GafgytJoe Security
            6262.1.00007f2374001000.00007f2374024000.r-x.sdmpJoeSecurity_OkiruYara detected OkiruJoe Security
              6261.1.00007f2374001000.00007f2374024000.r-x.sdmpJoeSecurity_GafgytYara detected GafgytJoe Security
                Click to see the 7 entries

                Suricata Signatures

                No Suricata rule has matched

                Joe Sandbox Signatures

                • AV Detection
                • Bitcoin Miner
                • Spreading
                • Networking
                • System Summary
                • Persistence and Installation Behavior
                • Malware Analysis System Evasion
                • Language, Device and Operating System Detection
                • Stealing of Sensitive Information
                • Remote Access Functionality

                Click to jump to signature section

                Show All Signature Results

                AV Detection

                barindex
                Source: morte.m68k.elfVirustotal: Detection: 44%Perma Link
                Source: morte.m68k.elfReversingLabs: Detection: 36%
                Source: /usr/bin/pkill (PID: 6407)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
                Source: /usr/bin/pulseaudio (PID: 6477)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
                Source: morte.m68k.elfString: pN^Nubyte/proc/%d/net/tcp %*d: %*x:%x/proc//proc/%s/exe/proc/self/exe/proc/proc/%d/cmdlinenetstatwgettftpcurl/bin/busyboxvar/Challengeapp/hi3511gmDVRiboxusr/dvr_main _8182T_1108mnt/mtd/app/guivar/Kylinl0 c/udevdanko-app/ankosample _8182T_1104var/tmp/soniahicorestm_hi3511_dvr/usr/lib/systemd/systemd/usr/libexec/openssh/sftp-servershellmnt/sys/boot/media/srv/var/run/sbin/lib/etc/dev/home/Davincitelnetsshwatchdog/var/spool/var/Sofiasshd/usr/compress/bin//compress/bin/compress/usr/bashhttpdtelnetddropbearencodersystem/root/dvr_gui//root/dvr_app//anko-app//opt/soraJoshohajime902i13BzSxLxBxeYHOHO-LUGO7HOHO-U79OLJuYfouyf87NiGGeR69xdSO190Ij1XLOLKIKEEEDDEekjheory98escansh4MDMAfdevalvexscanspcMELTEDNINJAREALZflexsonskidsscanx86MISAKI-U79OLfoAxi102kxeswodjwodjwojMmKiy7f87lfreecookiex86sysgpufrgegesysupdater0DnAzepdNiGGeRD0nks69frgreu0x766f6964NiGGeRd0nks1337gafturasgbsigboa120i3UI49OaF3geaevaiolmao123123aOfurain0n4H34DggTrexewwasads1293194hjXDOthLaLosnggtwget-log1337SoraLOADERSAIAKINAggtq1378bfp919GRB1Q2SAIAKUSOggtr14FaSEXSLAVE1337ggtt1902a3u912u3u4haetrghbr19ju3dSORAojkf120hehahejeje922U2JDJA901F91SlaVLav12helpmedaddthhhhh2wgg9qphbqSlav3Th3seD3viceshzSmYZjYMQ5GbfSoRAxD123LOLiaGv5aA3SoRAxD420LOLinsomni640277SoraBeReppin1337ipcamCache66tlGg9QjUYfouyf876ke3TOKYO3lyEeaXul2dULCVxh93OfjHZ2zTY2gD6MZvKc7KU6rmMkiy6f87lA023UU4U24UIUTheWeekndmioribitchesA5p9TheWeekndsmnblkjpoiAbAdTokyosnebAkiruU8inTznetstatsAlexW9RCAKM20TnewnetwordAyo215WordnloadsWordmanenotyakuzaaBelchWordnetsobpBigN0gg0r420X0102I34fofhasfhiafhoiX19I239124UIUoismXSHJEHHEIIHWOolsVNwo12DeportedDeportedXkTer0GbA1onry0v03FortniteDownLOLZY0urM0mGaypussyfartlmaojkGrAcEnIgGeRaNnYvdGkqndCOqGeoRBe6BEGuiltyCrownZEuS69s4beBsEQhdHOHO-KSNDOZEuz69sat1234aj93hJ23scanHAalie293z0k2LscanJoshoARMHellInSideayyyGangShitscanJoshoARM5HighFryb1glscanJoshoARM6IWhPyucDbJboatnetzscanJoshoARM7IuYgujeIqnbtbatrtahzexsexscanJoshoM68KJJDUHEWBBBIBscanJoshoMIPSJSDGIEVIVAVIGcKbVkzGOPascanJoshoMPSLccADscanJoshoPPCKAZEN-OIU97chickenxingsscanJoshoSH4yakuskzm8KAZEN-PO78HcleanerscanJoshoSPCKAZEN-U79OLdbeefscanJoshoX86yakuz4c24KETASHI32ddrwelperscanarm5zPnr6HpQj2Kaishi-Iz90Ydeexecscanarm6zdrtfxcgyKatrina32doCP3fVjscanarm7zxcfhuioKsif91je39scanm68kKuasadvrhelperl33t_feetl33tl33tfeetscanmipsKuasaBinsMateeQnOhRk85rscanmpslLOLHHHOHOHBUIeXK20CL12ZnyamezyQBotBladeSPOOKYhikariwasherep4029x91xx32uhj4gbejhwizardzhra.outboatnetcondiheroshimaskid.dbglzrdPownedSecurity69.aresfxlyazsxhyUNSTABLEunstable_is_the_story_of_the_universemoobotjnsd9sdoilayourmomgaeissdfjiougsiojOasisSEGRJIJHFVNHSNHEIHFOSapep999KOWAI-BAdAsVKOWAI-SADjHKipU7Ylairdropmalwareyour_verry_fucking_gayBig-Bro-Brightsefaexecshirololieagle.For-Gai-Mezy0x6axNLcloqkisvspookymythSwergjmioGKILLEJW(IU(JIWERGFJGJWJRGHetrhwewrtheIuFdKssCxzjSDFJIjioOnrYoXd666ewrtkjokethajbdf89wu823AAaasrdgsWsGA4@F6FGhostWuzHere666BOGOMIPSbeastmodedvrHelperbestmodesfc6aJfIuYDemon.xeno-is-godICY-P-0ODIJgSHUIHIfhwrgLhu87VhvQPzlunadakuexecbinTacoBellGodYololigangExecutionorbitclientAmnesiaOwariUnHAnaAWz3hirobbomiorie
                Source: global trafficTCP traffic: 192.168.2.23:46292 -> 176.65.142.252:7575
                Source: global trafficHTTP traffic detected: POST /9aadafe2051348cd32033e1cad68f0a5fe46fba3240ac1e6e42158f31b8a1371790c09baf3996b4979fe8e533446c7dedf30f654c68b25357334c66911dc6a9e HTTP/1.1Host: daisy.ubuntu.comAccept: */*Content-Type: application/octet-streamX-Whoopsie-Version: 0.2.69ubuntu0.3Content-Length: 164887Expect: 100-continue
                Source: /usr/sbin/rsyslogd (PID: 6302)Reads hosts file: /etc/hostsJump to behavior
                Source: /usr/sbin/rsyslogd (PID: 6312)Reads hosts file: /etc/hostsJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6259)Socket: 127.0.0.1:18094Jump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)Socket: unknown address familyJump to behavior
                Source: /usr/sbin/gdm3 (PID: 6418)Socket: unknown address familyJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6443)Socket: unknown address familyJump to behavior
                Source: unknownTCP traffic detected without corresponding DNS query: 176.65.142.252
                Source: unknownTCP traffic detected without corresponding DNS query: 176.65.142.252
                Source: unknownTCP traffic detected without corresponding DNS query: 176.65.142.252
                Source: unknownTCP traffic detected without corresponding DNS query: 176.65.142.252
                Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.43
                Source: unknownTCP traffic detected without corresponding DNS query: 109.202.202.202
                Source: unknownTCP traffic detected without corresponding DNS query: 176.65.142.252
                Source: unknownTCP traffic detected without corresponding DNS query: 176.65.142.252
                Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.42
                Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.43
                Source: unknownTCP traffic detected without corresponding DNS query: 109.202.202.202
                Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.42
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
                Source: global trafficDNS traffic detected: DNS query: daisy.ubuntu.com
                Source: unknownHTTP traffic detected: POST /9aadafe2051348cd32033e1cad68f0a5fe46fba3240ac1e6e42158f31b8a1371790c09baf3996b4979fe8e533446c7dedf30f654c68b25357334c66911dc6a9e HTTP/1.1Host: daisy.ubuntu.comAccept: */*Content-Type: application/octet-streamX-Whoopsie-Version: 0.2.69ubuntu0.3Content-Length: 164887Expect: 100-continue
                Source: syslog.55.drString found in binary or memory: https://www.rsyslog.com
                Source: unknownNetwork traffic detected: HTTP traffic on port 37604 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 43928 -> 443
                Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 37604
                Source: unknownNetwork traffic detected: HTTP traffic on port 42836 -> 443

                System Summary

                barindex
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 1 (init), result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 491, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 658, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 720, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 721, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 759, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 761, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 772, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 774, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 777, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 785, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 793, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 797, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 936, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 2, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 3, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 4, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 6, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 9, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 10, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 11, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 12, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 13, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 14, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 15, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 16, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 17, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 18, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 20, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 21, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 22, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 23, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 24, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 25, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 26, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 27, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 28, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 29, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 30, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 35, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 77, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 78, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 79, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 80, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 81, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 82, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 83, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 84, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 85, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 88, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 89, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 91, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 92, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 93, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 94, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 95, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 96, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 97, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 98, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 99, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 100, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 101, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 102, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 103, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 104, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 105, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 106, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 107, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 108, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 109, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 110, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 111, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 112, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 113, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 114, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 115, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 116, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 117, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 118, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 119, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 120, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 121, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 122, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 123, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 124, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 125, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 126, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 127, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 128, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 130, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 132, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 141, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 144, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 157, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 201, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 202, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 203, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 204, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 205, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 206, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 207, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 208, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 209, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 210, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 211, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 212, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 213, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 214, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 215, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 216, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 217, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 218, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 219, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 220, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 221, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 222, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 223, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 224, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 225, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 226, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 227, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 228, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 229, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 230, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 231, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 232, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 233, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 234, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 235, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 236, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 237, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 243, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 248, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 249, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 250, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 251, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 252, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 253, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 254, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 255, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 256, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 257, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 258, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 259, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 260, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 261, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 262, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 263, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 264, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 265, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 266, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 267, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 269, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 270, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 272, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 274, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 278, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 281, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 286, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 322, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 324, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 326, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 327, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 328, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 333, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 346, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 379, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 419, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 420, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 517, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 654, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 655, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 656, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 657, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 667, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 670, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 674, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 675, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 676, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent to PID below 1000: pid: 677, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1 (init), result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 491, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 658, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 720, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 721, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 759, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 761, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 772, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 774, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 777, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 785, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 793, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 797, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 936, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1320, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1334, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1335, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1344, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1389, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1476, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1601, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1809, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1860, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1872, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1886, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1983, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2038, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2048, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 4509, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6064, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6212, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6213, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6265, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6293, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6301, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6302, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6303, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 3, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 4, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 9, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 10, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 11, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 12, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 13, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 14, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 15, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 16, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 17, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 18, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 20, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 21, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 22, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 23, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 24, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 25, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 26, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 27, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 28, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 29, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 30, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 35, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 77, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 78, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 79, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 80, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 81, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 82, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 83, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 84, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 85, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 88, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 89, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 91, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 92, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 93, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 94, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 95, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 96, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 97, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 98, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 99, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 100, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 101, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 102, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 103, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 104, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 105, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 106, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 107, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 108, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 109, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 110, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 111, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 112, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 113, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 114, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 115, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 116, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 117, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 118, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 119, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 120, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 121, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 122, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 123, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 124, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 125, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 126, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 127, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 128, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 130, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 132, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 141, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 144, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 157, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 201, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 202, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 203, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 204, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 205, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 206, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 207, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 208, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 209, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 210, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 211, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 212, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 213, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 214, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 215, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 216, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 217, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 218, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 219, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 220, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 221, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 222, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 223, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 224, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 225, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 226, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 227, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 228, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 229, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 230, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 231, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 232, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 233, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 234, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 235, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 236, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 237, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 243, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 248, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 249, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 250, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 251, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 252, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 253, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 254, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 255, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 256, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 257, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 258, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 259, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 260, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 261, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 262, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 263, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 264, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 265, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 266, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 267, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 269, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 270, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 272, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 274, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 278, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 281, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 286, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 322, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 324, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 326, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 327, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 328, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 333, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 346, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 379, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 419, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 420, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 517, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 654, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 655, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 656, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 657, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 667, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 670, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 674, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 675, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 676, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 677, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1207, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2014, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2128, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2180, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2208, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2289, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2302, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2746, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2749, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2761, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2882, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 3021, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 3088, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 4392, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 4443, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 4444, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 4445, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 4446, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 4477, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 4483, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6034, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6177, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6184, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6259, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6261, result: unknownJump to behavior
                Source: Initial sampleString containing 'busybox' found: /bin/busybox
                Source: Initial sampleString containing 'busybox' found: busyboxxx
                Source: Initial sampleString containing 'busybox' found: busyboxx
                Source: Initial sampleString containing 'busybox' found: pN^Nubyte/proc/%d/net/tcp %*d: %*x:%x/proc//proc/%s/exe/proc/self/exe/proc/proc/%d/cmdlinenetstatwgettftpcurl/bin/busyboxvar/Challengeapp/hi3511gmDVRiboxusr/dvr_main _8182T_1108mnt/mtd/app/guivar/Kylinl0 c/udevdanko-app/ankosample _8182T_1104var/tmp/soniahicorestm_hi3511_dvr/usr/lib/systemd/systemd/usr/libexec/openssh/sftp-servershellmnt/sys/boot/media/srv/var/run/sbin/lib/etc/dev/home/Davincitelnetsshwatchdog/var/spool/var/Sofiasshd/usr/compress/bin//compress/bin/compress/usr/bashhttpdtelnetddropbearencodersystem/root/dvr_gui//root/dvr_app//anko-app//opt/soraJoshohajime902i13BzSxLxBxeYHOHO-LUGO7HOHO-U79OLJuYfouyf87NiGGeR69xdSO190Ij1XLOLKIKEEEDDEekjheory98escansh4MDMAfdevalvexscanspcMELTEDNINJAREALZflexsonskidsscanx86MISAKI-U79OLfoAxi102kxeswodjwodjwojMmKiy7f87lfreecookiex86sysgpufrgegesysupdater0DnAzepdNiGGeRD0nks69frgreu0x766f6964NiGGeRd0nks1337gafturasgbsigboa120i3UI49OaF3geaevaiolmao123123aOfurain0n4H34DggTrexewwasads1293194hjXDOthLaLosnggtwget-log1337SoraLOADERSAIAKINAggtq1378bfp919GRB1Q2SAIAKUSOggtr14Fa
                Source: ELF static info symbol of initial sample.symtab present: no
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1 (init), result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 491, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 658, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 720, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 721, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 759, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 761, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 772, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 774, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 777, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 785, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 793, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 797, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 936, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1320, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1334, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1335, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1344, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1389, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1476, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1601, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1809, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1860, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1872, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1886, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1983, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2038, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2048, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 4509, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6064, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6212, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6213, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6265, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6293, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6301, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6302, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6303, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 3, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 4, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 9, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 10, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 11, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 12, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 13, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 14, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 15, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 16, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 17, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 18, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 20, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 21, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 22, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 23, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 24, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 25, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 26, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 27, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 28, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 29, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 30, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 35, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 77, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 78, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 79, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 80, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 81, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 82, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 83, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 84, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 85, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 88, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 89, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 91, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 92, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 93, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 94, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 95, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 96, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 97, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 98, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 99, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 100, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 101, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 102, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 103, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 104, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 105, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 106, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 107, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 108, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 109, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 110, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 111, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 112, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 113, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 114, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 115, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 116, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 117, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 118, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 119, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 120, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 121, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 122, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 123, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 124, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 125, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 126, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 127, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 128, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 130, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 132, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 141, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 144, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 157, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 201, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 202, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 203, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 204, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 205, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 206, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 207, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 208, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 209, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 210, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 211, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 212, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 213, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 214, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 215, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 216, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 217, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 218, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 219, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 220, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 221, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 222, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 223, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 224, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 225, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 226, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 227, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 228, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 229, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 230, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 231, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 232, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 233, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 234, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 235, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 236, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 237, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 243, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 248, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 249, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 250, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 251, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 252, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 253, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 254, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 255, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 256, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 257, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 258, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 259, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 260, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 261, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 262, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 263, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 264, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 265, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 266, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 267, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 269, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 270, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 272, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 274, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 278, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 281, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 286, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 322, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 324, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 326, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 327, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 328, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 333, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 346, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 379, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 419, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 420, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 517, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 654, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 655, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 656, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 657, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 667, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 670, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 674, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 675, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 676, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 677, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 1207, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2014, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2128, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2180, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2208, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2289, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2302, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2746, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2749, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2761, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 2882, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 3021, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 3088, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 4392, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 4443, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 4444, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 4445, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 4446, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 4477, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 4483, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6034, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6177, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6184, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6259, result: successfulJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6261)SIGKILL sent: pid: 6261, result: unknownJump to behavior
                Source: classification engineClassification label: mal84.spre.troj.linELF@0/48@3/0

                Persistence and Installation Behavior

                barindex
                Source: /usr/bin/dbus-daemon (PID: 6293)File: /proc/6293/mountsJump to behavior
                Source: /bin/fusermount (PID: 6304)File: /proc/6304/mountsJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6311)File: /proc/6311/mountsJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6443)File: /proc/6443/mountsJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6448)File: /proc/6448/mountsJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6476)File: /proc/6476/mountsJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:76582OtQJOmJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:76583tYKHviJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:76584iuIkYiJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:76590jZZp0lJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:76591ebGhSkJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:76592YS6KwjJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:76593IeHZKiJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:76600Lrkb1kJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:76601zJzUAmJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:766106ulsQkJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:766111m1FMmJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:76612KX8F1lJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:7661327JT4iJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:76705elXDPiJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:75499Q4movmJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:76809LkF3wmJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:76828UOUdpjJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:76852coTRAiJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:76853Y0BU8jJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:768736sIEIjJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:768750mo60lJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:76982RgoiMjJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:76987GawOXjJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File: /run/systemd/journal/streams/.#9:77001fuHFulJump to behavior
                Source: /lib/systemd/systemd-logind (PID: 6321)Directory: <invalid fd (18)>/..Jump to behavior
                Source: /lib/systemd/systemd-logind (PID: 6321)Directory: <invalid fd (17)>/..Jump to behavior
                Source: /lib/systemd/systemd-logind (PID: 6321)File: /run/systemd/seats/.#seat0sJNsvbJump to behavior
                Source: /lib/systemd/systemd-logind (PID: 6321)File: /run/systemd/users/.#127lrqc89Jump to behavior
                Source: /lib/systemd/systemd-logind (PID: 6321)File: /run/systemd/users/.#1279BQ7r9Jump to behavior
                Source: /lib/systemd/systemd-logind (PID: 6321)File: /run/systemd/seats/.#seat0efK3YaJump to behavior
                Source: /lib/systemd/systemd-logind (PID: 6321)File: /run/systemd/users/.#1271YEVxaJump to behavior
                Source: /lib/systemd/systemd-logind (PID: 6321)File: /run/systemd/users/.#127eYR4B9Jump to behavior
                Source: /lib/systemd/systemd-logind (PID: 6321)File: /run/systemd/users/.#127PNE7nbJump to behavior
                Source: /lib/systemd/systemd-logind (PID: 6321)File: /run/systemd/users/.#127rO1Vn9Jump to behavior
                Source: /usr/lib/gdm3/gdm-wayland-session (PID: 6441)Directory: /var/lib/gdm3/.cacheJump to behavior
                Source: /usr/lib/accountsservice/accounts-daemon (PID: 6422)Directory: /var/lib/gdm3/.pam_environmentJump to behavior
                Source: /usr/lib/accountsservice/accounts-daemon (PID: 6422)Directory: /root/.cacheJump to behavior
                Source: /usr/lib/policykit-1/polkitd (PID: 6431)Directory: /root/.cacheJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6311)File opened: /proc/6441/cmdlineJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6311)File opened: /proc/6311/statusJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6311)File opened: /proc/6311/attr/currentJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6311)File opened: /proc/6321/cmdlineJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6311)File opened: /proc/6431/cmdlineJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6311)File opened: /proc/6313/cmdlineJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6311)File opened: /proc/6313/cmdlineJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6311)File opened: /proc/6478/cmdlineJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6311)File opened: /proc/1809/cmdlineJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6311)File opened: /proc/6422/cmdlineJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6311)File opened: /proc/6477/cmdlineJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6311)File opened: /proc/6477/cmdlineJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6311)File opened: /proc/6477/cmdlineJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6311)File opened: /proc/1/cmdlineJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6311)File opened: /proc/1389/cmdlineJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6311)File opened: /proc/6435/cmdlineJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6311)File opened: /proc/6435/cmdlineJump to behavior
                Source: /usr/bin/dbus-daemon (PID: 6311)File opened: /proc/6418/cmdlineJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/commJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/cmdlineJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/statusJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/attr/currentJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/sessionidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/loginuidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/cgroupJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/commJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/cmdlineJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/statusJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/attr/currentJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/sessionidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/loginuidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/cgroupJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/commJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/cmdlineJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/statusJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/attr/currentJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/sessionidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/loginuidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/cgroupJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/commJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/cmdlineJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/statusJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/attr/currentJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/sessionidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/loginuidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6311/cgroupJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6476/commJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6476/cmdlineJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6476/statusJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6476/attr/currentJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6476/sessionidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6476/loginuidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6476/cgroupJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6310/cmdlineJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6310/statusJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6310/attr/currentJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6310/sessionidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6310/loginuidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6310/cgroupJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6431/commJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6431/cmdlineJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6431/statusJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6431/attr/currentJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6431/sessionidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6431/loginuidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6431/cgroupJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6313/commJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6313/cmdlineJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6313/statusJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6313/attr/currentJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6313/sessionidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6313/loginuidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6313/cgroupJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6478/commJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6478/cmdlineJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6478/statusJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6478/attr/currentJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6478/sessionidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6478/loginuidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6478/cgroupJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6312/commJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6312/cmdlineJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6312/statusJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6312/attr/currentJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6312/sessionidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6312/loginuidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6312/cgroupJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6477/commJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6477/cmdlineJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6477/statusJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6477/attr/currentJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6477/sessionidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6477/loginuidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/6477/cgroupJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/2078/commJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/2078/cmdlineJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/2078/statusJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/2078/attr/currentJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/2078/sessionidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/2078/loginuidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/2078/cgroupJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/2077/commJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/2077/cmdlineJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/2077/statusJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/2077/attr/currentJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/2077/sessionidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/2077/loginuidJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)File opened: /proc/2077/cgroupJump to behavior
                Source: /usr/bin/gpu-manager (PID: 6387)Shell command executed: sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf"Jump to behavior
                Source: /usr/bin/gpu-manager (PID: 6389)Shell command executed: sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /lib/modprobe.d/*.conf"Jump to behavior
                Source: /usr/bin/gpu-manager (PID: 6391)Shell command executed: sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /etc/modprobe.d/*.conf"Jump to behavior
                Source: /usr/bin/gpu-manager (PID: 6393)Shell command executed: sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /lib/modprobe.d/*.conf"Jump to behavior
                Source: /usr/bin/gpu-manager (PID: 6395)Shell command executed: sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /etc/modprobe.d/*.conf"Jump to behavior
                Source: /usr/bin/gpu-manager (PID: 6397)Shell command executed: sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /lib/modprobe.d/*.conf"Jump to behavior
                Source: /usr/bin/gpu-manager (PID: 6399)Shell command executed: sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /etc/modprobe.d/*.conf"Jump to behavior
                Source: /usr/bin/gpu-manager (PID: 6401)Shell command executed: sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /lib/modprobe.d/*.conf"Jump to behavior
                Source: /usr/share/language-tools/language-options (PID: 6428)Shell command executed: sh -c "locale -a | grep -F .utf8 "Jump to behavior
                Source: /bin/sh (PID: 6388)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.confJump to behavior
                Source: /bin/sh (PID: 6390)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*nvidia[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.confJump to behavior
                Source: /bin/sh (PID: 6392)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*radeon[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.confJump to behavior
                Source: /bin/sh (PID: 6394)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*radeon[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.confJump to behavior
                Source: /bin/sh (PID: 6396)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*amdgpu[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.confJump to behavior
                Source: /bin/sh (PID: 6398)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*amdgpu[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.confJump to behavior
                Source: /bin/sh (PID: 6400)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*nouveau[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.confJump to behavior
                Source: /bin/sh (PID: 6402)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*nouveau[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.confJump to behavior
                Source: /bin/sh (PID: 6430)Grep executable: /usr/bin/grep -> grep -F .utf8Jump to behavior
                Source: /usr/share/gdm/generate-config (PID: 6407)Pkill executable: /usr/bin/pkill -> pkill --signal HUP --uid gdm dconf-serviceJump to behavior
                Source: /usr/bin/dash (PID: 6219)Rm executable: /usr/bin/rm -> rm -f /tmp/tmp.aACo8Vpbiz /tmp/tmp.mEDPDhwjSS /tmp/tmp.4orw0uknMOJump to behavior
                Source: /usr/bin/dash (PID: 6228)Rm executable: /usr/bin/rm -> rm -f /tmp/tmp.aACo8Vpbiz /tmp/tmp.mEDPDhwjSS /tmp/tmp.4orw0uknMOJump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)Reads from proc file: /proc/meminfoJump to behavior
                Source: /sbin/agetty (PID: 6385)Reads version info: /etc/issueJump to behavior
                Source: /usr/sbin/gdm3 (PID: 6418)File: /var/run/gdm3 (bits: - usr: -x grp: x all: rwx)Jump to behavior
                Source: /usr/sbin/gdm3 (PID: 6418)File: /var/log/gdm3 (bits: - usr: -x grp: x all: rwx)Jump to behavior
                Source: /usr/lib/accountsservice/accounts-daemon (PID: 6422)File: /var/lib/AccountsService/icons (bits: - usr: rx grp: rwx all: rwx)Jump to behavior
                Source: /usr/lib/accountsservice/accounts-daemon (PID: 6422)File: /var/lib/AccountsService/users (bits: - usr: - grp: - all: rwx)Jump to behavior
                Source: /usr/sbin/rsyslogd (PID: 6312)Log file created: /var/log/kern.logJump to dropped file
                Source: /usr/sbin/rsyslogd (PID: 6312)Log file created: /var/log/auth.logJump to dropped file
                Source: /usr/bin/gpu-manager (PID: 6386)Log file created: /var/log/gpu-manager.logJump to dropped file
                Source: /usr/bin/gpu-manager (PID: 6386)Truncated file: /var/log/gpu-manager.logJump to behavior
                Source: /usr/bin/pkill (PID: 6407)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
                Source: /usr/bin/pulseaudio (PID: 6477)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
                Source: /tmp/morte.m68k.elf (PID: 6257)Queries kernel information via 'uname': Jump to behavior
                Source: /usr/sbin/rsyslogd (PID: 6302)Queries kernel information via 'uname': Jump to behavior
                Source: /lib/systemd/systemd-journald (PID: 6310)Queries kernel information via 'uname': Jump to behavior
                Source: /usr/sbin/rsyslogd (PID: 6312)Queries kernel information via 'uname': Jump to behavior
                Source: /sbin/agetty (PID: 6385)Queries kernel information via 'uname': Jump to behavior
                Source: /usr/bin/gpu-manager (PID: 6386)Queries kernel information via 'uname': Jump to behavior
                Source: /usr/lib/gdm3/gdm-session-worker (PID: 6435)Queries kernel information via 'uname': Jump to behavior
                Source: /usr/bin/pulseaudio (PID: 6477)Queries kernel information via 'uname': Jump to behavior
                Source: syslog.55.drBinary or memory string: Mar 23 07:18:03 galassia kernel: [ 419.533265] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 12/12/2018
                Source: morte.m68k.elf, 6257.1.00007fff19171000.00007fff19192000.rw-.sdmp, morte.m68k.elf, 6259.1.00007fff19171000.00007fff19192000.rw-.sdmp, morte.m68k.elf, 6261.1.00007fff19171000.00007fff19192000.rw-.sdmp, morte.m68k.elf, 6262.1.00007fff19171000.00007fff19192000.rw-.sdmpBinary or memory string: x86_64/usr/bin/qemu-m68k/tmp/morte.m68k.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/morte.m68k.elf
                Source: morte.m68k.elf, 6261.1.00007fff19171000.00007fff19192000.rw-.sdmpBinary or memory string: ]U/tmp/qemu-open.rsiLKB
                Source: syslog.55.drBinary or memory string: Mar 23 07:18:03 galassia kernel: [ 419.533247] Modules linked in: monitor(OE) md4 cmac cifs libarc4 fscache libdes vmw_vsock_vmci_transport vsock binfmt_misc dm_multipath scsi_dh_rdac scsi_dh_emc scsi_dh_alua vmw_balloon joydev input_leds serio_raw vmw_vmci sch_fq_codel drm parport_pc ppdev lp parport ip_tables x_tables autofs4 btrfs zstd_compress raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel crypto_simd cryptd glue_helper psmouse ahci mptspi vmxnet3 scsi_transport_spi mptscsih libahci mptbase
                Source: morte.m68k.elf, 6257.1.00007fff19171000.00007fff19192000.rw-.sdmp, morte.m68k.elf, 6259.1.00007fff19171000.00007fff19192000.rw-.sdmp, morte.m68k.elf, 6261.1.00007fff19171000.00007fff19192000.rw-.sdmp, morte.m68k.elf, 6262.1.00007fff19171000.00007fff19192000.rw-.sdmpBinary or memory string: /usr/bin/qemu-m68k
                Source: morte.m68k.elf, 6257.1.0000555dd2e77000.0000555dd2efc000.rw-.sdmp, morte.m68k.elf, 6259.1.0000555dd2e77000.0000555dd2efc000.rw-.sdmp, morte.m68k.elf, 6261.1.0000555dd2e77000.0000555dd2efc000.rw-.sdmp, morte.m68k.elf, 6262.1.0000555dd2e77000.0000555dd2efc000.rw-.sdmpBinary or memory string: /etc/qemu-binfmt/m68k
                Source: morte.m68k.elf, 6257.1.0000555dd2e77000.0000555dd2efc000.rw-.sdmp, morte.m68k.elf, 6259.1.0000555dd2e77000.0000555dd2efc000.rw-.sdmp, morte.m68k.elf, 6261.1.0000555dd2e77000.0000555dd2efc000.rw-.sdmp, morte.m68k.elf, 6262.1.0000555dd2e77000.0000555dd2efc000.rw-.sdmpBinary or memory string: ]U!/etc/qemu-binfmt/m68k
                Source: morte.m68k.elf, 6261.1.00007fff19171000.00007fff19192000.rw-.sdmpBinary or memory string: /tmp/qemu-open.rsiLKB

                Language, Device and Operating System Detection

                barindex
                Source: /usr/lib/accountsservice/accounts-daemon (PID: 6422)Logged in records file read: /var/log/wtmpJump to behavior

                Stealing of Sensitive Information

                barindex
                Source: Yara matchFile source: morte.m68k.elf, type: SAMPLE
                Source: Yara matchFile source: 6259.1.00007f2374001000.00007f2374024000.r-x.sdmp, type: MEMORY
                Source: Yara matchFile source: 6262.1.00007f2374001000.00007f2374024000.r-x.sdmp, type: MEMORY
                Source: Yara matchFile source: 6261.1.00007f2374001000.00007f2374024000.r-x.sdmp, type: MEMORY
                Source: Yara matchFile source: 6257.1.00007f2374001000.00007f2374024000.r-x.sdmp, type: MEMORY
                Source: Yara matchFile source: morte.m68k.elf, type: SAMPLE
                Source: Yara matchFile source: 6259.1.00007f2374001000.00007f2374024000.r-x.sdmp, type: MEMORY
                Source: Yara matchFile source: 6262.1.00007f2374001000.00007f2374024000.r-x.sdmp, type: MEMORY
                Source: Yara matchFile source: 6261.1.00007f2374001000.00007f2374024000.r-x.sdmp, type: MEMORY
                Source: Yara matchFile source: 6257.1.00007f2374001000.00007f2374024000.r-x.sdmp, type: MEMORY
                Source: Yara matchFile source: Process Memory Space: morte.m68k.elf PID: 6257, type: MEMORYSTR
                Source: Yara matchFile source: Process Memory Space: morte.m68k.elf PID: 6259, type: MEMORYSTR
                Source: Yara matchFile source: Process Memory Space: morte.m68k.elf PID: 6261, type: MEMORYSTR
                Source: Yara matchFile source: Process Memory Space: morte.m68k.elf PID: 6262, type: MEMORYSTR

                Remote Access Functionality

                barindex
                Source: Yara matchFile source: morte.m68k.elf, type: SAMPLE
                Source: Yara matchFile source: 6259.1.00007f2374001000.00007f2374024000.r-x.sdmp, type: MEMORY
                Source: Yara matchFile source: 6262.1.00007f2374001000.00007f2374024000.r-x.sdmp, type: MEMORY
                Source: Yara matchFile source: 6261.1.00007f2374001000.00007f2374024000.r-x.sdmp, type: MEMORY
                Source: Yara matchFile source: 6257.1.00007f2374001000.00007f2374024000.r-x.sdmp, type: MEMORY
                Source: Yara matchFile source: morte.m68k.elf, type: SAMPLE
                Source: Yara matchFile source: 6259.1.00007f2374001000.00007f2374024000.r-x.sdmp, type: MEMORY
                Source: Yara matchFile source: 6262.1.00007f2374001000.00007f2374024000.r-x.sdmp, type: MEMORY
                Source: Yara matchFile source: 6261.1.00007f2374001000.00007f2374024000.r-x.sdmp, type: MEMORY
                Source: Yara matchFile source: 6257.1.00007f2374001000.00007f2374024000.r-x.sdmp, type: MEMORY
                Source: Yara matchFile source: Process Memory Space: morte.m68k.elf PID: 6257, type: MEMORYSTR
                Source: Yara matchFile source: Process Memory Space: morte.m68k.elf PID: 6259, type: MEMORYSTR
                Source: Yara matchFile source: Process Memory Space: morte.m68k.elf PID: 6261, type: MEMORYSTR
                Source: Yara matchFile source: Process Memory Space: morte.m68k.elf PID: 6262, type: MEMORYSTR

                Mitre Att&ck Matrix

                ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                Gather Victim Identity Information2
                Scripting                		Valid AccountsWindows Management Instrumentation2
                Scripting                		Path Interception1
                File and Directory Permissions Modification                		1
                OS Credential Dumping                		11
                Security Software Discovery                		Remote ServicesData from Local System1
                Encrypted Channel                		Exfiltration Over Other Network Medium2
                Service Stop
                CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
                Disable or Modify Tools                		LSASS Memory1
                System Owner/User Discovery                		Remote Desktop ProtocolData from Removable Media1
                Non-Standard Port                		Exfiltration Over BluetoothNetwork Denial of Service
                Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
                Hidden Files and Directories                		Security Account Manager11
                File and Directory Discovery                		SMB/Windows Admin SharesData from Network Shared Drive2
                Non-Application Layer Protocol                		Automated ExfiltrationData Encrypted for Impact
                Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
                Indicator Removal                		NTDS3
                System Information Discovery                		Distributed Component Object ModelInput Capture3
                Application Layer Protocol                		Traffic DuplicationData Destruction
                Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
                File Deletion                		LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact

                Malware Configuration

                No configs have been found

                Behavior Graph

                Hide Legend

                Legend:

                • Process
                • Signature
                • Created File
                • DNS/IP Info
                • Is Dropped
                • Number of created Files
                • Is malicious
                • Internet
                behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1646156 Sample: morte.m68k.elf Startdate: 23/03/2025 Architecture: LINUX Score: 84 78 176.65.142.252, 46292, 7575 WEBTRAFFICDE Germany 2->78 80 109.202.202.202, 80 INIT7CH Switzerland 2->80 82 4 other IPs or domains 2->82 90 Multi AV Scanner detection for submitted file 2->90 92 Yara detected Okiru 2->92 94 Yara detected Gafgyt 2->94 11 systemd gdm3 2->11         started        13 systemd gpu-manager 2->13         started        15 dash rm morte.m68k.elf 2->15         started        17 30 other processes 2->17 signatures3 process4 file5 21 gdm3 gdm-session-worker 11->21         started        35 3 other processes 11->35 23 gpu-manager sh 13->23         started        25 gpu-manager sh 13->25         started        27 gpu-manager sh 13->27         started        37 5 other processes 13->37 29 morte.m68k.elf 15->29         started        76 /var/log/wtmp, data 17->76 dropped 84 Sample reads /proc/mounts (often used for finding a writable filesystem) 17->84 86 Reads system files that contain records of logged in users 17->86 31 accounts-daemon language-validate 17->31         started        33 generate-config pkill 17->33         started        signatures6 process7 process8 39 gdm-session-worker gdm-wayland-session 21->39         started        41 sh grep 23->41         started        43 sh grep 25->43         started        45 sh grep 27->45         started        47 morte.m68k.elf 29->47         started        50 morte.m68k.elf 29->50         started        52 language-validate language-options 31->52         started        54 sh grep 37->54         started        56 4 other processes 37->56 signatures9 58 gdm-wayland-session dbus-run-session 39->58         started        60 gdm-wayland-session dbus-daemon 39->60         started        98 Sample tries to kill a massive number of system processes 47->98 100 Sample tries to kill multiple processes (SIGKILL) 47->100 63 language-options sh 52->63         started        process10 signatures11 65 dbus-run-session dbus-daemon 58->65         started        96 Sample reads /proc/mounts (often used for finding a writable filesystem) 60->96 68 dbus-daemon 60->68         started        70 sh locale 63->70         started        72 sh grep 63->72         started        process12 signatures13 88 Sample reads /proc/mounts (often used for finding a writable filesystem) 65->88 74 dbus-daemon false 68->74         started        process14

                Antivirus, Machine Learning and Genetic Malware Detection

                Initial Sample

                SourceDetectionScannerLabelLink
                morte.m68k.elf44%VirustotalBrowse
                morte.m68k.elf36%ReversingLabsLinux.Trojan.Mirai

                Dropped Files

                No Antivirus matches

                Domains

                No Antivirus matches

                URLs

                No Antivirus matches

                Domains and IPs

                Download Network PCAP: filteredfull

                Contacted Domains

                NameIPActiveMaliciousAntivirus DetectionReputation
                daisy.ubuntu.com
                		162.213.35.25
                		truefalse
                  		high

                  Contacted URLs

                  NameMaliciousAntivirus DetectionReputation
                  https://daisy.ubuntu.com/9aadafe2051348cd32033e1cad68f0a5fe46fba3240ac1e6e42158f31b8a1371790c09baf3996b4979fe8e533446c7dedf30f654c68b25357334c66911dc6a9efalse
                    		high
                    NameSourceMaliciousAntivirus DetectionReputation
                    https://www.rsyslog.comsyslog.55.drfalse
                      		high

                      World Map of Contacted IPs

                      • No. of IPs < 25%
                      • 25% < No. of IPs < 50%
                      • 50% < No. of IPs < 75%
                      • 75% < No. of IPs

                      Public IPs

                      IPDomainCountryFlagASNASN NameMalicious
                      176.65.142.252
                      		unknownGermany
                      		8649WEBTRAFFICDEfalse
                      162.213.35.24
                      		unknownUnited States
                      		41231CANONICAL-ASGBfalse
                      109.202.202.202
                      		unknownSwitzerland
                      		13030INIT7CHfalse
                      91.189.91.43
                      		unknownUnited Kingdom
                      		41231CANONICAL-ASGBfalse
                      91.189.91.42
                      		unknownUnited Kingdom
                      		41231CANONICAL-ASGBfalse

                      Joe Sandbox View / Context

                      IPs

                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                      176.65.142.252morte.ppc.elfGet hashmaliciousOkiruBrowse
                        morte.mpsl.elfGet hashmaliciousGafgyt, OkiruBrowse
                          morte.x64.elfGet hashmaliciousGafgyt, OkiruBrowse
                            morte.ppc.elfGet hashmaliciousUnknownBrowse
                              morte.mpsl.elfGet hashmaliciousUnknownBrowse
                                raw_cbot.exeGet hashmaliciousUnknownBrowse
                                  raw_cbot.exeGet hashmaliciousUnknownBrowse
                                    162.213.35.24drea4.elfGet hashmaliciousUnknownBrowse
                                      morte.ppc.elfGet hashmaliciousOkiruBrowse
                                        eehah4.elfGet hashmaliciousUnknownBrowse
                                          efjepc.elfGet hashmaliciousUnknownBrowse
                                            drea4.elfGet hashmaliciousUnknownBrowse
                                              weje64.elfGet hashmaliciousUnknownBrowse
                                                vejfa5.elfGet hashmaliciousUnknownBrowse
                                                  bejv86.elfGet hashmaliciousUnknownBrowse
                                                    Aqua.arm7.elfGet hashmaliciousMiraiBrowse
                                                      efjepc.elfGet hashmaliciousUnknownBrowse
                                                        109.202.202.202kpLwzBouH4.elfGet hashmaliciousUnknownBrowse
                                                        • ch.archive.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_92.0%2bbuild3-0ubuntu0.20.04.1_amd64.deb
                                                        91.189.91.43na.elfGet hashmaliciousPrometeiBrowse
                                                          na.elfGet hashmaliciousPrometeiBrowse
                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                              .i.elfGet hashmaliciousUnknownBrowse
                                                                mpsl.elfGet hashmaliciousMiraiBrowse
                                                                  na.elfGet hashmaliciousPrometeiBrowse
                                                                    na.elfGet hashmaliciousPrometeiBrowse
                                                                      sshd.elfGet hashmaliciousUnknownBrowse
                                                                        na.elfGet hashmaliciousPrometeiBrowse
                                                                          i.elfGet hashmaliciousUnknownBrowse

                                                                            Domains

                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                            daisy.ubuntu.comsshd.elfGet hashmaliciousUnknownBrowse
                                                                            • 162.213.35.25
                                                                            arm6.elfGet hashmaliciousMiraiBrowse
                                                                            • 162.213.35.24
                                                                            .i.elfGet hashmaliciousUnknownBrowse
                                                                            • 162.213.35.25
                                                                            drea4.elfGet hashmaliciousUnknownBrowse
                                                                            • 162.213.35.25
                                                                            efea6.elfGet hashmaliciousUnknownBrowse
                                                                            • 162.213.35.25
                                                                            boatnet.ppc.elfGet hashmaliciousMiraiBrowse
                                                                            • 162.213.35.25
                                                                            boatnet.m68k.elfGet hashmaliciousMiraiBrowse
                                                                            • 162.213.35.24
                                                                            boatnet.arm7.elfGet hashmaliciousMiraiBrowse
                                                                            • 162.213.35.25
                                                                            boatnet.x86.elfGet hashmaliciousMiraiBrowse
                                                                            • 162.213.35.25
                                                                            boatnet.sh4.elfGet hashmaliciousMiraiBrowse
                                                                            • 162.213.35.25

                                                                            ASNs

                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                            CANONICAL-ASGBna.elfGet hashmaliciousPrometeiBrowse
                                                                            • 91.189.91.42
                                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                                            • 91.189.91.42
                                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                                            • 91.189.91.42
                                                                            .i.elfGet hashmaliciousUnknownBrowse
                                                                            • 91.189.91.42
                                                                            x86.elfGet hashmaliciousMiraiBrowse
                                                                            • 185.125.190.26
                                                                            mpsl.elfGet hashmaliciousMiraiBrowse
                                                                            • 91.189.91.42
                                                                            arm5.elfGet hashmaliciousUnknownBrowse
                                                                            • 185.125.190.26
                                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                                            • 91.189.91.42
                                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                                            • 91.189.91.42
                                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                                            • 185.125.190.26
                                                                            WEBTRAFFICDEmorte.ppc.elfGet hashmaliciousOkiruBrowse
                                                                            • 176.65.142.252
                                                                            morte.mpsl.elfGet hashmaliciousGafgyt, OkiruBrowse
                                                                            • 176.65.142.252
                                                                            morte.x64.elfGet hashmaliciousGafgyt, OkiruBrowse
                                                                            • 176.65.142.252
                                                                            morte.ppc.elfGet hashmaliciousUnknownBrowse
                                                                            • 176.65.142.252
                                                                            morte.mpsl.elfGet hashmaliciousUnknownBrowse
                                                                            • 176.65.142.252
                                                                            file2.bin.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                                            • 176.65.142.216
                                                                            file3.bin.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                                            • 176.65.142.209
                                                                            087296f1dee69c2624b2eddca0f347c520eb5afc96080203.vstm.ps1Get hashmaliciousRHADAMANTHYSBrowse
                                                                            • 176.65.142.209
                                                                            7fbe5fb3ba958a77f17d1d400555809e71d86fe8999830c1.wpd.ps1Get hashmaliciousRHADAMANTHYSBrowse
                                                                            • 176.65.142.216
                                                                            file2.bin.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                                            • 176.65.142.216
                                                                            CANONICAL-ASGBna.elfGet hashmaliciousPrometeiBrowse
                                                                            • 91.189.91.42
                                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                                            • 91.189.91.42
                                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                                            • 91.189.91.42
                                                                            .i.elfGet hashmaliciousUnknownBrowse
                                                                            • 91.189.91.42
                                                                            x86.elfGet hashmaliciousMiraiBrowse
                                                                            • 185.125.190.26
                                                                            mpsl.elfGet hashmaliciousMiraiBrowse
                                                                            • 91.189.91.42
                                                                            arm5.elfGet hashmaliciousUnknownBrowse
                                                                            • 185.125.190.26
                                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                                            • 91.189.91.42
                                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                                            • 91.189.91.42
                                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                                            • 185.125.190.26
                                                                            INIT7CHna.elfGet hashmaliciousPrometeiBrowse
                                                                            • 109.202.202.202
                                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                                            • 109.202.202.202
                                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                                            • 109.202.202.202
                                                                            .i.elfGet hashmaliciousUnknownBrowse
                                                                            • 109.202.202.202
                                                                            mpsl.elfGet hashmaliciousMiraiBrowse
                                                                            • 109.202.202.202
                                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                                            • 109.202.202.202
                                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                                            • 109.202.202.202
                                                                            sshd.elfGet hashmaliciousUnknownBrowse
                                                                            • 109.202.202.202
                                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                                            • 109.202.202.202
                                                                            i.elfGet hashmaliciousUnknownBrowse
                                                                            • 109.202.202.202

                                                                            JA3 Fingerprints

                                                                            No context

                                                                            Dropped Files

                                                                            No context

                                                                            Created / dropped Files

                                                                            Process:/usr/bin/pulseaudio
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):10
                                                                            Entropy (8bit):2.9219280948873623
                                                                            Encrypted:false
                                                                            SSDEEP:3:5bkPn:pkP
                                                                            MD5:FF001A15CE15CF062A3704CEA2991B5F
                                                                            SHA1:B06F6855F376C3245B82212AC73ADED55DFE5DEF
                                                                            SHA-256:C54830B41ECFA1B6FBDC30397188DDA86B7B200E62AEAC21AE694A6192DCC38A
                                                                            SHA-512:65EBF7C31F6F65713CE01B38A112E97D0AE64A6BD1DA40CE4C1B998F10CD3912EE1A48BB2B279B24493062118AAB3B8753742E2AF28E56A31A7AAB27DE80E7BF
                                                                            Malicious:false
                                                                            Reputation:moderate, very likely benign file
                                                                            Preview:auto_null.
                                                                            Process:/usr/bin/pulseaudio
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):18
                                                                            Entropy (8bit):3.4613201402110088
                                                                            Encrypted:false
                                                                            SSDEEP:3:5bkrIZsXvn:pkckv
                                                                            MD5:28FE6435F34B3367707BB1C5D5F6B430
                                                                            SHA1:EB8FE2D16BD6BBCCE106C94E4D284543B2573CF6
                                                                            SHA-256:721A37C69E555799B41D308849E8F8125441883AB021B723FED90A9B744F36C0
                                                                            SHA-512:6B6AB7C0979629D0FEF6BE47C5C6BCC367EDD0AAE3FC973F4DE2FD5F0A819C89E7656DB65D453B1B5398E54012B27EDFE02894AD87A7E0AF3A9C5F2EB24A9919
                                                                            Malicious:false
                                                                            Reputation:moderate, very likely benign file
                                                                            Preview:auto_null.monitor.
                                                                            Process:/usr/bin/dbus-daemon
                                                                            File Type:very short file (no magic)
                                                                            Category:dropped
                                                                            Size (bytes):1
                                                                            Entropy (8bit):0.0
                                                                            Encrypted:false
                                                                            SSDEEP:3:V:V
                                                                            MD5:CFCD208495D565EF66E7DFF9F98764DA
                                                                            SHA1:B6589FC6AB0DC82CF12099D1C2D40AB994E8410C
                                                                            SHA-256:5FECEB66FFC86F38D952786C6D696C79C2DBC239DD4E91B46729D73A27FB57E9
                                                                            SHA-512:31BCA02094EB78126A517B206A88C73CFA9EC6F704C7030D18212CACE820F025F00BF0EA68DBF3F3A5436CA63B53BF7BF80AD8D5DE7D8359D0B7FED9DBC3AB99
                                                                            Malicious:false
                                                                            Reputation:high, very likely benign file
                                                                            Preview:0
                                                                            Process:/usr/sbin/gdm3
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):5
                                                                            Entropy (8bit):2.321928094887362
                                                                            Encrypted:false
                                                                            SSDEEP:3:k:k
                                                                            MD5:C443E4093AC3588642DA6C2CD6FCC7AD
                                                                            SHA1:49407998F39E7D885F8BFF3FD8F82724B49D5B31
                                                                            SHA-256:F6C7FCCC015F9E0F9773640E6881A877325085642457EB0FBEFD47F7998D8909
                                                                            SHA-512:83D76411B3503B613C266B8B8B869B7C049517CBCF5582B538049A40944CFB4195E2744DDA2FE529B1A5F95F1F2187C216D60405031DC7E4CA487F4591C5D250
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview:6418.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):199
                                                                            Entropy (8bit):5.3463542986436
                                                                            Encrypted:false
                                                                            SSDEEP:6:SbFuFyLVIg1BAf+M6hDBcaGp1/Rv8jNTZD:qgFq6g1af+MsIpZRv+TZD
                                                                            MD5:439CD5F522D8E24739D41597ADAE2373
                                                                            SHA1:120024505FDC52736428790677BDDF8F5B4B4EB2
                                                                            SHA-256:5D7E1655557EF55858303C2FF43EBED9CAF8A8FDB025CA62C297F6891D134715
                                                                            SHA-512:996F2CFA1FBB9E91434372F3110E889784BDE481AD5FF76F724243100DA50F9DEEF53AFA7DAC1375FFD623F23D3C08338216D05EA10F9E10F326C4267E5472D8
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=1.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=0dc3dffc338e408cb0913ca23df1e244.IDENTIFIER=gdm3.UNIT=gdm.service.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):223
                                                                            Entropy (8bit):5.5068498305357
                                                                            Encrypted:false
                                                                            SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxmsKU8xqA6Ud4Flsjsv:SbFuFyLVIg1BG+f+MsP0W2ji4s
                                                                            MD5:8E838863B3D7082696EAC4F29FBD6900
                                                                            SHA1:86FFCC8AA960458F8A970E10B4EA14888BC2258A
                                                                            SHA-256:C5E699FC80AC865A9EAB76FD30BD86B5450001E8FF2D8BA8D08A4DBABC3A20F3
                                                                            SHA-512:08303B713A1C335F2B77FFA234E84CAF0DF57EDBFC43D7A1890213D8C224988FA64A1BA0BF9F04B17AF3E60486562E4A8F062990613105E29C8ADB9A3B29B2FE
                                                                            Malicious:false
                                                                            Reputation:low
                                                                            Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=f3f31ae175eb4d9ea6e4fc94950de72c.IDENTIFIER=journalctl.UNIT=systemd-journal-flush.service.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):207
                                                                            Entropy (8bit):5.350651703891564
                                                                            Encrypted:false
                                                                            SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxm5EIQhHJQhlR+sjs16:SbFuFyLVIg1BG+f+MFcpojosQu
                                                                            MD5:7294479F78334F1D95A1DF87F13769CB
                                                                            SHA1:5A2165508369922AAFFC61098C88E02C1BC017E5
                                                                            SHA-256:457875E3159E98692AC649FFDE178CCCE6332ABBAE69313F51DA4C3E879D01FD
                                                                            SHA-512:FA4B950B16D202A354E8683A1E2D2632B9DA760C8CDA0ECEC3B26F381AE12574AF8D692BC6F65BE2D5D62057B18B72F52737587CC10C1FDF39D1A9B38B7BF5DC
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=369458bcd53c4e50aba3dd45e8c0ee50.IDENTIFIER=dbus-daemon.UNIT=dbus.service.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):200
                                                                            Entropy (8bit):5.418299435227021
                                                                            Encrypted:false
                                                                            SSDEEP:6:SbFuFyLVK6g7/+BG+f+MocQAEAajl6O22jFmzXvn:qgFqo6g7/+0+f+MocVEAgsO2EQXvn
                                                                            MD5:6143D7FA3E624161F7600057D3016535
                                                                            SHA1:721DEA3FEDA8D6F8E1241C7A1E48D74F93B36005
                                                                            SHA-256:F72AD5B866BA4A8BCCE34B7C582ABD00DF69D821F28D000F51A21F55F4F53D5E
                                                                            SHA-512:DA261C5F2980558E46CC0D8D5F8F9C8A4BA4FFBF6E959014D9A391BBB2AB0E69CBA6149C2AFB42AC0E127898E21DC834C3E40E6AFF1B4639474A12F98DA903B3
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=6.LEVEL_PREFIX=0.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=bee38170ce2148ac8d45a4facbb70028.IDENTIFIER=org.gnome.Shell.desktop.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):200
                                                                            Entropy (8bit):5.4253627027114
                                                                            Encrypted:false
                                                                            SSDEEP:6:SbFuFyLVI6g7/+BG+f+M4Z3ERQQ0jFmzXvn:qgFqdg7/+0+f+M4WQPQXvn
                                                                            MD5:E1992A038A793D25FE4A1CE53AC85BB2
                                                                            SHA1:33F50224FEAF5DF7C74A81B7B3E3D05491B77F99
                                                                            SHA-256:BB7DA08A9CB719816BEB1DBF374136F7D3B29C47F6EE2E343394EA46FB3AC9EE
                                                                            SHA-512:B53169CE9360128DE6A1FE5B667682D508CAEB0277F53302B08FCF3CF00E1F9958D3E4F278BDDD93AD297843B1D44AE24D952552FD806C7FA7099F04C97E70B9
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=4.LEVEL_PREFIX=0.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=2956d5e15313425abe159a548907993c.IDENTIFIER=org.gnome.Shell.desktop.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):208
                                                                            Entropy (8bit):5.358057277889679
                                                                            Encrypted:false
                                                                            SSDEEP:6:SbFuFyLVIg1BG+f+MyNRg9KWRhv8jdCLKzK:qgFq6g10+f+MkC9KWRhvuCLAK
                                                                            MD5:CB8496D6975E5D64DBC0D5076AE7FCC2
                                                                            SHA1:9942710E491A27B98CD947703ECAA69C578A087D
                                                                            SHA-256:28E8652F6422697A6094B936106AE261182C995559F8AD42A1956CC332AF87F2
                                                                            SHA-512:62531DAC7D6345092951ADF382959C1E2100CC0B1182175BF0F15164234F72986E168E7A190B2FF3382EBD1E2824087B0B5312D0C12D3AA31AD85476F4F6A36A
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=8ab4733b50e34dc4a5b02ac3f3bf7477.IDENTIFIER=whoopsie.UNIT=whoopsie.service.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):188
                                                                            Entropy (8bit):5.36411873465245
                                                                            Encrypted:false
                                                                            SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxmuMEDQS3NULmEvA+sh:SbFuFyLVIg1BG+f+Mu8LmG8jtWL0
                                                                            MD5:A8C74339CA835E70804A4A55DB283055
                                                                            SHA1:B3BED22463AA1A52B7A4CACD6D301F8F42883C7A
                                                                            SHA-256:78050E4003DBF2874CDD9A08A0E45FC5843056BE4F7A2256EB15CC7C92089522
                                                                            SHA-512:68D09B5845C1FA076E33CAABA061647B796189A38468BB47CB4D8E553A174A6D97ADE0F1B8E76DF12DC3F2AB36D1D42F763EC02447627AADBE889A51A2BF0C2D
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=d913a53577a44927bee59d8e2fb64f5a.IDENTIFIER=pulseaudio.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):207
                                                                            Entropy (8bit):5.410676478530351
                                                                            Encrypted:false
                                                                            SSDEEP:6:SbFuFyLVIg1BG+f+M82SRXGAbCA1UjosQu:qgFq6g10+f+M82SxGtbQu
                                                                            MD5:1E2FA93FFB8A2665BE6EAA3BB7430240
                                                                            SHA1:F4B7A067248E0D0B82161675E3C37D50BBD12284
                                                                            SHA-256:7D330E9E790EA5BF484CF75C7C0293C656CB9C6562F991C0DAD810AD788CF26F
                                                                            SHA-512:F539BE0BEFACAAF50069598608AA8D2DACDEC2536C3B0F13EA87699B6F7978244720DAA87C73E0BFE1E4284151E40601A258B06445FAE74E64EC2A74AF7F77E0
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=69b795b2ce374f0fb2aba462eea9fac6.IDENTIFIER=dbus-daemon.UNIT=dbus.service.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):208
                                                                            Entropy (8bit):5.3837105260294384
                                                                            Encrypted:false
                                                                            SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxm/zCwMi17vH+sjsmNm:SbFuFyLVIg1BG+f+MeRi17vHTjdCLKzK
                                                                            MD5:4C4C05964E1150F6C710B0A750A26242
                                                                            SHA1:3E6FD687DF11B3B4D0A4BC75B20F37BA076B7748
                                                                            SHA-256:B50A446C81A91D3BF41ACBE00B97B54CE6409DD4CC50BB258EC11CA444B340B6
                                                                            SHA-512:0F7042FDDD08D53BF99A60873780BE80A44D98A19C4D065888C518103DC126C53B6EF468245048A67148858D7F984C1A144ADDA49336E85EA6AF63869189EAA0
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=524c6afff3334efcb963b5afac1790c2.IDENTIFIER=whoopsie.UNIT=whoopsie.service.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):220
                                                                            Entropy (8bit):5.491524285987795
                                                                            Encrypted:false
                                                                            SSDEEP:6:SbFuFyLVIg1BG+f+M8ckWABcD8jZcHcljX+:qgFq6g10+f+M81WAqDqmAu
                                                                            MD5:011429B0715147320FA832849165EB30
                                                                            SHA1:E2643E6AE544E2C1D1DC8E38A6201C327FC80472
                                                                            SHA-256:52425EA1BBCA81B6B6FE94E84BCA6C4AFF43E8F37A8E113DFF5CF92EBEB368B8
                                                                            SHA-512:3D881383AF03DB5BF067CCFBF21C203338A141C26593F9EB08BB55665B2E922230F005D26C0BB2306DF0DF4EB123E634D74BA9FCC419A76A3C3C2BE9D8200A41
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=63abdab2a409447282393ef04c5159e3.IDENTIFIER=systemd-logind.UNIT=systemd-logind.service.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):228
                                                                            Entropy (8bit):5.468757667566975
                                                                            Encrypted:false
                                                                            SSDEEP:6:SbFuFyLVIg1BG+f+MuVHxUGZjdCt/rRMtq:qgFq6g10+f+MMqG3CDL
                                                                            MD5:672C73BAA12037219F997767465348AD
                                                                            SHA1:EFD9DE893B934C3E82236D311D1E3D41D28CEDE4
                                                                            SHA-256:8AE7255310830D45C1180CB0A7BA57CCFFE08478731567C87E71E661CB4F9524
                                                                            SHA-512:253C033A0E91B9796E2067ADAF29A22F0D0E06A1767BCBAA357324AC3D5D6511DB09AF318503A85D2E71082DA22C7AE349AD570A236EF720FE267CF46BAA6249
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=def69c61e0544b6883f507cbc2e4e3a2.IDENTIFIER=whoopsie-upload-all.UNIT=apport-autoreport.service.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):210
                                                                            Entropy (8bit):5.430088227461947
                                                                            Encrypted:false
                                                                            SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLCHh6KV+h6CQzuxm8GGDrvHPgVDs22js2Ax:SbFuFyLVIg1BAf+M8lrfPfZjNALyAZD
                                                                            MD5:87888943109B3B31713002A33DE58A2E
                                                                            SHA1:AF485A2A02003F95F4E1E1184564418B4160726D
                                                                            SHA-256:37647FF04E877658052B5B39E2955A0AE97F956CB682CB3FCCF41C13B965A5CC
                                                                            SHA-512:2D32D64C04CA7CF7643CE6E34BD5FA2C53EFB8E39A2F9130673614410F79A4209ACFF2F3A1E83C555964232A7EB4393CC470BBC202078171E2CFA69F9E5B3FF7
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=1.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=6ccf31d7317e4e8da92b13c7582a747e.IDENTIFIER=generate-config.UNIT=gdm.service.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):223
                                                                            Entropy (8bit):5.535027337169449
                                                                            Encrypted:false
                                                                            SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxmpdG1VOWuRWDCrqjsv:SbFuFyLVIg1BG+f+MXuVObR/2ji4s
                                                                            MD5:4B6E8519B8003238EA4036EEC85B46D6
                                                                            SHA1:CB39BD7C4FB4F4DFB3E7AFDF10570BDA2AC5383A
                                                                            SHA-256:22D1D1F6BC5DD944AB9D18092C26099A73A4D34FD3B6A78552553F3EF1478CA1
                                                                            SHA-512:5C796C84441E16F4F6C64BAEB0A729EDFF8DD930BEB470832447C244BB174F57D80BB427A5B2F4AC09EFE1277127645234484DD72F61CF61F0FB02BE8AF273AF
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=c075fb4c2d624cec88752843ab43f144.IDENTIFIER=journalctl.UNIT=systemd-journal-flush.service.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):208
                                                                            Entropy (8bit):5.40103055160221
                                                                            Encrypted:false
                                                                            SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxm8BGbDpnRWidBAkhTS:SbFuFyLVIg1BG+f+M8BG2itZjLkGq
                                                                            MD5:569DF5B6F269ECD22EB62517A82B96B2
                                                                            SHA1:4314167C2AAED34858A05AF2A355FB4A677F4306
                                                                            SHA-256:FA670FA58FB011AE5FC2C81FFA2EA69855F88FFD9BC8661DD556D897FF7169D2
                                                                            SHA-512:6F25E95555B6286023D9BB04A0907BF904D5CEF1E6FB7EE630D4692552F1367E5DC1C5A9712B8A3922E2B48365BFBC39B160DDE1FAE02984E38E0A743ABE2BA5
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=6dca3d15061340a2abb43d18d732795d.IDENTIFIER=agetty.UNIT=getty@tty2.service.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):211
                                                                            Entropy (8bit):5.492056283612731
                                                                            Encrypted:false
                                                                            SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLCHh6KV+h6CQzuxmuxSAU2dDEglsjs2BbQL:SbFuFyLVIg1BAf+Mucx2KjNdQIeXD
                                                                            MD5:05F26F22B5E9ADC88FE672B9345889E3
                                                                            SHA1:B2CE6776CC881D86254BF0D321C40A8E47F86D5D
                                                                            SHA-256:0F75B42B2415232F9F28DFA35266D935F59EFD1BE5CC32DD737B64D272FA2831
                                                                            SHA-512:3EFBE7B49DBF011885454CB2B82A6598F339C7D462ADDF342AA8CF42ADDA081E2EB25534C8A346189D86DF807C665EFE3CEF5B59B2DFF34A12952A949312BD80
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=1.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=da01b6c2565648e6a53919b5b72f2fc1.IDENTIFIER=gdm-wait-for-drm.UNIT=gdm.service.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):222
                                                                            Entropy (8bit):5.428331068603358
                                                                            Encrypted:false
                                                                            SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxm772dCyicaYuqjswxM:SbFuFyLVIg1BG+f+MeUca0jLTTIWTIL
                                                                            MD5:12577DDBF1F5B69871C35BE06FFB76D2
                                                                            SHA1:032C3A08AAC25267A81AAB8838ECBE75CD979BB4
                                                                            SHA-256:313097883A86973BBA12097FD74853558DC778D4F2FA7618026D512326FACCB1
                                                                            SHA-512:81B135F3BF7538C0DD624777F2F9C8C230B91B1013EE3A85E533AEFA24A09BA33B1F6967DFADC773565DA3F76891EFA568A27C263F7041D121F77CABE28D71C1
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=11c60f89f8414e24abc4b867ecc4294d.IDENTIFIER=accounts-daemon.UNIT=accounts-daemon.service.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):205
                                                                            Entropy (8bit):5.44252057243024
                                                                            Encrypted:false
                                                                            SSDEEP:6:SbFuFyLVIg1BG+f+M8BUdUTDNHC5qjbVC:qgFq6g10+f+M8BUdUTRHC1
                                                                            MD5:A9A4153446385F16B8BBA978323013C3
                                                                            SHA1:4BE15533D9F990EE4E44B784382AFFB8A4A504C5
                                                                            SHA-256:71C669B469FD1DD567A2B81C8E17E11ADBE700DF3AC8497F106DECF84747BF2D
                                                                            SHA-512:66145D3D35000157073D99FB7EA9A61110C529C83B3C7D689E06CB53F210FCBBC836A129F87D9D6A37CB92FDB7BE0C35EA8A75C8CBC6BA6A0FEFD163DE7161CF
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=6d182df9fc1b48ef9290faf7b45b6a33.IDENTIFIER=polkitd.UNIT=polkit.service.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):195
                                                                            Entropy (8bit):5.414716303876545
                                                                            Encrypted:false
                                                                            SSDEEP:6:SbFuFyLVK6g7/+BG+f+MOUR+WGEzc2jNq:qgFqo6g7/+0+f+M7RpBzJq
                                                                            MD5:EAD18847883E31ABAEA992A1036C4CF3
                                                                            SHA1:AACCA453D381D8ABCAFFA03D33E0081CAC29C10A
                                                                            SHA-256:B832A108EDBEA5C8846A4DFE5BDE8056675915E09F83FCD5E731CD0CC3FAC202
                                                                            SHA-512:B40536BE6A70F41A15E3336BF83E992D754640D33200DF602C94CDF949BBD433F030C59BE5590850BF733DE32ED91ADB6B2ACB83AA947E90F543D1B757382DF1
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=6.LEVEL_PREFIX=0.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=e3dd1864252c4c23b159a3184ea24eb2.IDENTIFIER=gdm-session-worker.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):195
                                                                            Entropy (8bit):5.399743562653243
                                                                            Encrypted:false
                                                                            SSDEEP:3:SbFVVmFyinKMsPOfvP69ms947z+h6SnLAqC+h6KV+h6CQzuxmru/gAM8kBAOQVJq:SbFuFyLVI6g7/+BG+f+MaIAMHiOEjNq
                                                                            MD5:9F8D0943AAC22AEB781383AC8EF0D41F
                                                                            SHA1:1821DBC0A1EAB3B51DBAF0B930E35AFD7F5706E3
                                                                            SHA-256:4EC97AB705D1F668944AA667CB13BCF2D54A1918358C3A1589DC3DBE99C736BB
                                                                            SHA-512:E43538433317862AF661C30E650050A088185DFDBF0A8F85B12785A1E57B0C1EF0738875451EED5225706D269FBF5FF2F338587BE89C3182400C16AEBC0A84CC
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=4.LEVEL_PREFIX=0.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=a308543b3bef445fa4d7ce4c2f750894.IDENTIFIER=gdm-session-worker.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):210
                                                                            Entropy (8bit):5.552625173223969
                                                                            Encrypted:false
                                                                            SSDEEP:6:SbFuFyLVK6g7/+BG+f+M4kRZGZrqjFQMzKaBu:qgFqo6g7/+0+f+M4k44Tmh
                                                                            MD5:93A5CA08BFC3B264FC665601F87F16F8
                                                                            SHA1:BAB7C30538EFBB5D1966ECA2149B5768C3DD762A
                                                                            SHA-256:B1606AF1730F986FF9427BE7A9B19BA7592167A0CC38E676FF4F8EB5BD633F55
                                                                            SHA-512:ECF2B7F4AA889C2C76C01B25290BAB6AAA81056EB180BB2E8F2275D341707C6A055532036D44F46E2BC71E7A0ED5E0E369E1AC70213E835F83DF39C78C7D2562
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=6.LEVEL_PREFIX=0.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=2c5bd94f7d614f488e99f1d4c06bb2e5.IDENTIFIER=/usr/lib/gdm3/gdm-wayland-session.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):210
                                                                            Entropy (8bit):5.544960218583793
                                                                            Encrypted:false
                                                                            SSDEEP:6:SbFuFyLVI6g7/+BG+f+MAweTjA9jFQMzKaBu:qgFqdg7/+0+f+MNe4DTmh
                                                                            MD5:E58C671AB3E00E9D486B0E1F56AB4605
                                                                            SHA1:563FA9E60455D4A315C2A8AE8923ED35CC1ED14A
                                                                            SHA-256:F7EC901160F260C2F0FDD6AC5AF51422FE07865FEE947E70A614D777F1AE4A49
                                                                            SHA-512:31313C1FB3CBCECD0D7AF397C78EC1B5E6D9BC135AD98AEAFACCEAB54F8C74F97D48A619DF7181EE24136637A1431AE1543CA04CD2F9CDECA94BCAD2DDA2DE83
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=4.LEVEL_PREFIX=0.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=5c1af17b904e4ee5b383cbc3f86db259.IDENTIFIER=/usr/lib/gdm3/gdm-wayland-session.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):189
                                                                            Entropy (8bit):5.32250125041281
                                                                            Encrypted:false
                                                                            SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxmu0Xd31Vc1QYrqjs16:SbFuFyLVIg1BG+f+MuWVc1+joa
                                                                            MD5:00D9B6A1AB32B09FF1AFDBAA9471D042
                                                                            SHA1:08CC9374888B9F9151363C0D9E5C6BAD22491FC4
                                                                            SHA-256:B3A3ED859962413BE3DB502197F5A3B1B405BCE7B22E8C20BF8F7E15FC10B662
                                                                            SHA-512:F2B505CD86364E423CD6F4D2F108086F2A9AC14073260771A03706CE723E4D6C0C16CD11018FFF53F29BC2B09AE05C91FB2DD5ADFDB64ACD88779064705405B9
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=d7db88bddbb648fb865a65e65315a578.IDENTIFIER=dbus-daemon.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):188
                                                                            Entropy (8bit):5.333749022181457
                                                                            Encrypted:false
                                                                            SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxmzl6QVVUT7hTjshQJT:SbFuFyLVIg1BG+f+MZ6QV4hTjtWL0
                                                                            MD5:7BC460ECBEFF26A613A067C278FC3B3E
                                                                            SHA1:7E52FA220C0A07EB2C506125F2D58B5CA00E1C54
                                                                            SHA-256:4D42568C5B5A3521F94E0F8175246521733B1D61358752952585AE9F57207536
                                                                            SHA-512:8B7E16AD85DEAFA3324AD17E214DFD307DC673375BD6D0F9753A14DF7D3AB5D9FE3A85095616FF8A0CB616D6EECB4281DA1EBB7ED64B2277849587127E577AB7
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=976e81452a63464a960eaf1701123d54.IDENTIFIER=pulseaudio.
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):216
                                                                            Entropy (8bit):5.422949088215939
                                                                            Encrypted:false
                                                                            SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxmutWIvdBUmdViO0GvJ:SbFuFyLVIg1BG+f+MutdFimRqjNE
                                                                            MD5:142FEB38736FD5128460308F15C58C7C
                                                                            SHA1:E003A9D42B017FCFC32AA48857017BDD1CCA3B49
                                                                            SHA-256:1857FB140CB5B533C9426E5AE0CB3F685C87703021A90AB84DAE92C1F5C647A2
                                                                            SHA-512:E17B2CEE1F61721ECE010C194CE9AFC9D2E0F1B72960F8075D1A27984A9256130C93EF5EF405898A841854F4CB513D3FE2432F58D39147AABA800EC9409A9DEA
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=d1977c95013143fc8d185080eb418b1c.IDENTIFIER=rtkit-daemon.UNIT=rtkit-daemon.service.
                                                                            Process:/lib/systemd/systemd-logind
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):116
                                                                            Entropy (8bit):4.957035419463244
                                                                            Encrypted:false
                                                                            SSDEEP:3:SbFVVmFyinKMsuH47rLg205vmLUbr+ugKQ2KwshcXSv:SbFuFyLwH47Pg20ggWunQ2rNXc
                                                                            MD5:66D114877B3B4DB3BDD8A3AD4F5E7421
                                                                            SHA1:62E0CB0F51E0E3F97BE251CB917968DFF69ED344
                                                                            SHA-256:A922628916A7DDBE2BAA33F421C82250527EA3C28E429749353A1C75C0C18860
                                                                            SHA-512:5651247FA236DCF020A3C8456E4A9A74A85C5B9B3CCE94A3CF8F85FD4D66465C9F97DF7A1822E6CA4553C02BE149F3021D58DCC0C8CB6DCF37F915BD0A158187
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse..IS_SEAT0=1.CAN_MULTI_SESSION=1.CAN_TTY=1.CAN_GRAPHICAL=0.SESSIONS=c1.UIDS=127.
                                                                            Process:/lib/systemd/systemd-logind
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):95
                                                                            Entropy (8bit):4.921230646592726
                                                                            Encrypted:false
                                                                            SSDEEP:3:SbFVVmFyinKMsuH47rLg205vmLUbr+v:SbFuFyLwH47Pg20ggWv
                                                                            MD5:BE58CCABC942125F5E27AF6EB1BA2F88
                                                                            SHA1:07C20F55E36EE48869B223B8FC4DBC227C7353AC
                                                                            SHA-256:551B1D1C8E5953D5D0CF49C83C1568E2FBEF8BDDB69903B3DA82240B777B4629
                                                                            SHA-512:E5A270995FDE80530927E0BACD3BF76EE820C968AABD55D2E34579326F388AFD6DE7FB8C5D54F69D3F6AC30A5B587FD3B0456FC60326E7DF4F45789A900D046C
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse..IS_SEAT0=1.CAN_MULTI_SESSION=1.CAN_TTY=1.CAN_GRAPHICAL=0.
                                                                            Process:/lib/systemd/systemd-logind
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):282
                                                                            Entropy (8bit):5.288775011496968
                                                                            Encrypted:false
                                                                            SSDEEP:6:SbFuFyL3BVgVuR257iesnAir/0Ixff6z0gbTN2thQc2pb02/g2p9rwB:qgFq30VuR8L/ibBngcthQHtPYq9M
                                                                            MD5:651F02ED1BB10B308B254D38C0252645
                                                                            SHA1:56457A6586B0CE502EDCFFE886CAD59C783154E3
                                                                            SHA-256:FC212366B226CB4D8071E96D69762B1BBF207E787020430448F58348ED50DA0B
                                                                            SHA-512:4198625AC5CD313093B1F30AD336E9F0B4155629C6C7C2A6E1A1978DFC26274748753C7C0B77D7A17BBB975D42B1ABECD1B94E9288B78DA453FC9F00EABA3293
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse..NAME=gdm.STATE=opening.STOPPING=no.RUNTIME=/run/user/127.SERVICE_JOB=/org/freedesktop/systemd1/job/12409.REALTIME=1742732312133845.MONOTONIC=450328129.SESSIONS=c1.SEATS=seat0.ACTIVE_SESSIONS=.ONLINE_SESSIONS=c1.ACTIVE_SEATS=.ONLINE_SEATS=seat0.
                                                                            Process:/lib/systemd/systemd-logind
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):282
                                                                            Entropy (8bit):5.288775011496968
                                                                            Encrypted:false
                                                                            SSDEEP:6:SbFuFyL3BVgVuR257iesnAir/0Ixff6z0gbTN2thQc2pb02/g2p9rwB:qgFq30VuR8L/ibBngcthQHtPYq9M
                                                                            MD5:651F02ED1BB10B308B254D38C0252645
                                                                            SHA1:56457A6586B0CE502EDCFFE886CAD59C783154E3
                                                                            SHA-256:FC212366B226CB4D8071E96D69762B1BBF207E787020430448F58348ED50DA0B
                                                                            SHA-512:4198625AC5CD313093B1F30AD336E9F0B4155629C6C7C2A6E1A1978DFC26274748753C7C0B77D7A17BBB975D42B1ABECD1B94E9288B78DA453FC9F00EABA3293
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse..NAME=gdm.STATE=opening.STOPPING=no.RUNTIME=/run/user/127.SERVICE_JOB=/org/freedesktop/systemd1/job/12409.REALTIME=1742732312133845.MONOTONIC=450328129.SESSIONS=c1.SEATS=seat0.ACTIVE_SESSIONS=.ONLINE_SESSIONS=c1.ACTIVE_SEATS=.ONLINE_SEATS=seat0.
                                                                            Process:/lib/systemd/systemd-logind
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):223
                                                                            Entropy (8bit):5.444752032886868
                                                                            Encrypted:false
                                                                            SSDEEP:6:SbFuFyL3BVgdL87ynAir/0Ixff6tzgbTWt6p:qgFq30dABibBCguIp
                                                                            MD5:3C19ABA0F8028CD1B5164AAC4EE91F35
                                                                            SHA1:2FB292C46F4328DDED0F1DF937B15CEA54D7C6D5
                                                                            SHA-256:EEA2525DD7AEB3012EF6178ABAA31BD6681A72CB91E264DB32A82E3AC04A7AFE
                                                                            SHA-512:7DE9A6553F193CF777C3DB86D6BA498AB8E73891A6E7C9136D704DA4E22C6FA52324461BD70C25B3533B758DB89DE9F4D0FD3C0C575D8EBE8078BA70774F2898
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse..NAME=gdm.STATE=closing.STOPPING=yes.RUNTIME=/run/user/127.SERVICE_JOB=/org/freedesktop/systemd1/job/12471.REALTIME=1742732312133845.MONOTONIC=450328129.LAST_SESSION_TIMESTAMP=450485227.
                                                                            Process:/lib/systemd/systemd-logind
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):174
                                                                            Entropy (8bit):5.29474335713088
                                                                            Encrypted:false
                                                                            SSDEEP:3:SbFVVmFyinKMs5BuSgdNR2sKiYiesnAv/XSHxJgbTD54qxtxi206qodLb:SbFuFyL3BVgdL87iesnAiRJgbTWt6p
                                                                            MD5:3F417BC0FB5EC24789BAEF1071F4EB4E
                                                                            SHA1:1310A9E0593C1067B2758F6BD4B65CF198F40E16
                                                                            SHA-256:DCF8ED27F97A57C15CD7C69EB8DA0BCC40E58A77E81E067E75BEE4F51FB61032
                                                                            SHA-512:A2B7003130FDDA4208D181F9ABD9AE4490FE32AA16E9335EBE8B67E933E06E0155F7DBB8E5BD06323D08D53B8EB2713D5FB0FDCE5AFC4E8D2AA9B13953EFDA5A
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse..NAME=gdm.STATE=closing.STOPPING=no.RUNTIME=/run/user/127.REALTIME=1742732312133845.MONOTONIC=450328129.LAST_SESSION_TIMESTAMP=450485227.
                                                                            Process:/lib/systemd/systemd-logind
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):188
                                                                            Entropy (8bit):4.928997328913428
                                                                            Encrypted:false
                                                                            SSDEEP:3:SbFVVmFyinKMs5BuSgVuMI2sKiYiesnAv/XS12K2hwEY8mTQ2pJi22sQ2KkmD2pi:SbFuFyL3BVgVuR257iesnAi12thQc2p4
                                                                            MD5:065A3AD1A34A9903F536410ECA748105
                                                                            SHA1:21CD684DF60D569FA96EEEB66A0819EAC1B2B1A4
                                                                            SHA-256:E80554BF0FF4E32C61D4FA3054F8EFB27A26F1C37C91AE4EA94445C400693941
                                                                            SHA-512:DB3C42E893640BAEE9F0001BDE6E93ED40CC33198AC2B47328F577D3C71E2C2E986AAAFEF5BD8ADBC639B5C24ADF715D87034AE24B697331FF6FEC5962630064
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse..NAME=gdm.STATE=opening.STOPPING=no.RUNTIME=/run/user/127.SESSIONS=c1.SEATS=seat0.ACTIVE_SESSIONS=.ONLINE_SESSIONS=c1.ACTIVE_SEATS=.ONLINE_SEATS=seat0.
                                                                            Process:/lib/systemd/systemd-logind
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):223
                                                                            Entropy (8bit):5.444752032886868
                                                                            Encrypted:false
                                                                            SSDEEP:6:SbFuFyL3BVgdL87ynAir/0Ixff6tzgbTWt6p:qgFq30dABibBCguIp
                                                                            MD5:3C19ABA0F8028CD1B5164AAC4EE91F35
                                                                            SHA1:2FB292C46F4328DDED0F1DF937B15CEA54D7C6D5
                                                                            SHA-256:EEA2525DD7AEB3012EF6178ABAA31BD6681A72CB91E264DB32A82E3AC04A7AFE
                                                                            SHA-512:7DE9A6553F193CF777C3DB86D6BA498AB8E73891A6E7C9136D704DA4E22C6FA52324461BD70C25B3533B758DB89DE9F4D0FD3C0C575D8EBE8078BA70774F2898
                                                                            Malicious:false
                                                                            Preview:# This is private data. Do not parse..NAME=gdm.STATE=closing.STOPPING=yes.RUNTIME=/run/user/127.SERVICE_JOB=/org/freedesktop/systemd1/job/12471.REALTIME=1742732312133845.MONOTONIC=450328129.LAST_SESSION_TIMESTAMP=450485227.
                                                                            Process:/usr/bin/pulseaudio
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):5
                                                                            Entropy (8bit):1.9219280948873623
                                                                            Encrypted:false
                                                                            SSDEEP:3:P:P
                                                                            MD5:2919E01C70E68339BF676A2F50F70362
                                                                            SHA1:E8A645893EB435BE4FFD4DB4DD1E4CCB2F63B68A
                                                                            SHA-256:9EF6515F0EBA785D8671BDFF76361D85DF76D337D284A65D8F94916A3299E615
                                                                            SHA-512:47E77F42433F1992FE786D197DE09FED44CD2580ED038B1F6296CAFA26A8A9DC484571F77DA151F5BA5EBAA27636765CE4B8FE25A038694D5723C2517BF64117
                                                                            Malicious:false
                                                                            Preview:6477.
                                                                            Process:/sbin/agetty
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):384
                                                                            Entropy (8bit):0.6670868467684749
                                                                            Encrypted:false
                                                                            SSDEEP:3:+61sXlXEWtl/jZUl/ll:TQ+ylLa/
                                                                            MD5:7C7FE6F469CCFAAD1D7CAE58D9AF594B
                                                                            SHA1:367BAD65CB8FC74E497E2F79D3F74D728E58E1E6
                                                                            SHA-256:D6015D344C34932445D330C9F92A3F7408391B0F8D90CE0555F3DC3073F6366E
                                                                            SHA-512:3DE4E4B3643E1E276C16981C546A7DA63CBA8C2E7C7E7F160B1E440E6BE45C566C0BE708837FD91FC9A32DBE79CF972EE1073525BB901BEE15ED37A6AFA54CEB
                                                                            Malicious:false
                                                                            Preview:........tty2.tty2.......................tty2LOGIN......................................................................................................................................................................................................................................................................................................gN.......................................
                                                                            Process:/tmp/morte.m68k.elf
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):20
                                                                            Entropy (8bit):3.6841837197791887
                                                                            Encrypted:false
                                                                            SSDEEP:3:TgnRACdOw5:TgnRARC
                                                                            MD5:2DDDAFE67DAC89013EC667D94670D5C6
                                                                            SHA1:5EC0B3118235A4AC652DA1DF859F7D3E7E327E03
                                                                            SHA-256:8A2ED2EFB48F8A309D99C9F15198C0FB52249098238E5A6CF0AC0EED3B9507D9
                                                                            SHA-512:6B63656786D5FAF8C513E3DDF693ADF25F5C043D2F3A0F8797F010DA86270A38EA6C548CE3C1787264268E3D3D22A4A267ECEF4248B6E2A85B14F2E23E6547C6
                                                                            Malicious:false
                                                                            Preview:/tmp/morte.m68k.elf.
                                                                            Process:/usr/lib/accountsservice/accounts-daemon
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):61
                                                                            Entropy (8bit):4.66214589518167
                                                                            Encrypted:false
                                                                            SSDEEP:3:urzMQvNT+PzKLrAan4R8AKn:gzMQIzKLrAa4M
                                                                            MD5:542BA3FB41206AE43928AF1C5E61FEBC
                                                                            SHA1:F56F574DAF50D609526B36B5B54FDD59EA4D6A26
                                                                            SHA-256:730D9509D4EAA7266829A8F5A8CFEBA6BBDDD5873FC2BD580AD464F4A237E11A
                                                                            SHA-512:D774B8F191A5C65228D1B3CA1181701CFCD07A3D91C5571B0DDF32AD3E241C2D7BDFC0697AB97DC10441EF9CDC8AEE5B19BC34E13E5C8B0B91AD06EEF42F5AEA
                                                                            Malicious:false
                                                                            Preview:[User].XSession=.Icon=/var/lib/gdm3/.face.SystemAccount=true.
                                                                            Process:/usr/bin/gpu-manager
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):25
                                                                            Entropy (8bit):2.7550849518197795
                                                                            Encrypted:false
                                                                            SSDEEP:3:JoT/V9fDVbn:M/V3n
                                                                            MD5:078760523943E160756979906B85FB5E
                                                                            SHA1:0962643266F4C5537F7D125046F28F21D6DD0C89
                                                                            SHA-256:048416AC7A9A99690B8B53718CD39F32F637B55CC8DD8E67E58E5AEF060DD41C
                                                                            SHA-512:DEFAAE8F8B54C61A716A0B0B4884358FEB8EB44DFEA01AAA5A687FDA7182792B7DEBB34AA840672EB3B40EB59FD0186749E08E47D181786C7FAA8C8F73F0104D
                                                                            Malicious:false
                                                                            Preview:15ad:0405;0000:00:0f:0;1.
                                                                            Process:/usr/sbin/rsyslogd
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):1963
                                                                            Entropy (8bit):4.898288667709807
                                                                            Encrypted:false
                                                                            SSDEEP:24:ptbub4dqKJZ4SJZe935LPL8LUck88Avk8A2+Vm1XD0pYrn7JrbdHrCQU:204KNiJTYoMRvkRfVm1XiYrnNrRHrCn
                                                                            MD5:9F167E615AB745D32432BA48C07CAFE6
                                                                            SHA1:589AB80A18CF50DD12E8BEB5974854960D09DC57
                                                                            SHA-256:BD44598D1CAA290E95035117DAF0A64F2859B07D29A5CC72C84506237E3CA451
                                                                            SHA-512:654D12EDB9D0D68639508FDB538D4476B9493352A1915AA99CACC8F466D4C3DA73365687D79127DFC52FE475196BCFBAC89C8C2618D41B19E88432B055B9B3AF
                                                                            Malicious:false
                                                                            Preview:Mar 23 07:18:15 galassia gdm-launch-environment]: pam_unix(gdm-launch-environment:session): session closed for user gdm.Mar 23 07:18:15 galassia gdm-password]: pam_unix(gdm-password:session): session closed for user saturnino.Mar 23 07:18:16 galassia gdm-password]: pam_systemd(gdm-password:session): Failed to release session: No session '2' known.Mar 23 07:18:17 galassia systemd-logind[6321]: Failed to add user by file name 127, ignoring: Invalid argument.Mar 23 07:18:17 galassia systemd-logind[6321]: Failed to add user by file name 1000, ignoring: Invalid argument.Mar 23 07:18:17 galassia systemd-logind[6321]: User enumeration failed: Invalid argument.Mar 23 07:18:17 galassia systemd-logind[6321]: User of session c2 not known..Mar 23 07:18:17 galassia systemd-logind[6321]: User of session 2 not known..Mar 23 07:18:17 galassia systemd-logind[6321]: User of session c1 not known..Mar 23 07:18:17 galassia systemd-logind[6321]: Session enumeration failed: No such file or directory.Mar 23 0
                                                                            Process:/usr/bin/gpu-manager
                                                                            File Type:ASCII text
                                                                            Category:dropped
                                                                            Size (bytes):1371
                                                                            Entropy (8bit):4.8296848499188485
                                                                            Encrypted:false
                                                                            SSDEEP:24:wPXXX9uV6BNu3WDF3GF3XFFxFFed2uk2HUvJlfWkpPpx7uvvAdow9555cJz:wPXXXe6vejpeC2HUR5WkpPpcvAdow95O
                                                                            MD5:3AF77E630DA00B3BE24F4E8AA5D78B13
                                                                            SHA1:BCF2D99E002F6DE2413A183227B011CFBEF5673D
                                                                            SHA-256:EB1CBBA20845237B4409274D693FEAE13F835274DA3337B7A9D14F4D7FDF9DEA
                                                                            SHA-512:8524B1E8A761F962B32F396812099B9B0B2DCF3C9FCA8605424753CFCFF4DC67EDC5EE1D8C91B9C0ED7FAE6BB1E752898B8D514B7C421D1839D6FEDA609C593C
                                                                            Malicious:false
                                                                            Preview:log_file: /var/log/gpu-manager.log.last_boot_file: /var/lib/ubuntu-drivers-common/last_gfx_boot.new_boot_file: /var/lib/ubuntu-drivers-common/last_gfx_boot.can't access /run/u-d-c-nvidia-was-loaded file.can't get module info via kmodcan't access /opt/amdgpu-pro/bin/amdgpu-pro-px.Looking for nvidia modules in /lib/modules/5.4.0-72-generic/kernel.Looking for nvidia modules in /lib/modules/5.4.0-72-generic/updates/dkms.Looking for amdgpu modules in /lib/modules/5.4.0-72-generic/kernel.Looking for amdgpu modules in /lib/modules/5.4.0-72-generic/updates/dkms.Is nvidia loaded? no.Was nvidia unloaded? no.Is nvidia blacklisted? no.Is intel loaded? no.Is radeon loaded? no.Is radeon blacklisted? no.Is amdgpu loaded? no.Is amdgpu blacklisted? no.Is amdgpu versioned? no.Is amdgpu pro stack? no.Is nouveau loaded? no.Is nouveau blacklisted? no.Is nvidia kernel module available? no.Is amdgpu kernel module available? no.Vendor/Device Id: 15ad:405.BusID "PCI:0@0:15:0".Is boot vga? yes.Error: can't acce
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):240
                                                                            Entropy (8bit):1.4261926861171588
                                                                            Encrypted:false
                                                                            SSDEEP:3:F31HlOKMCHZUp/+KMCHZUZ/:F3eS5UIS5U
                                                                            MD5:05BDAD7646D17F299C78F1A4B33F885B
                                                                            SHA1:C5FA9FD1BB39CAF3E866628759123DDF38D04617
                                                                            SHA-256:24F8490DC9D472286AA65F5195784159CB2EFA9245AAC29EBBAE998DF26A28A8
                                                                            SHA-512:AA5607F420DA273FAD78D9596A49D8061BD7911EB7991FCFDDAD071D0F9A3168239E18C0565A281023E61E558AA831DA8C2E6A89D291ECCE19E7D2490D0FAEFE
                                                                            Malicious:false
                                                                            Preview:LPKSHHRH................r../i.O...Ft.2.................................r../i.O...Ft.2.........................................................................................................................................................
                                                                            Process:/lib/systemd/systemd-journald
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):240
                                                                            Entropy (8bit):1.4595260194504922
                                                                            Encrypted:false
                                                                            SSDEEP:3:F31HlI2plt42pVt:F3YB
                                                                            MD5:2C1AB7F8A1A40CA8D1BC8039AEE78903
                                                                            SHA1:8976C3D3DEE01743CF42EE494C9197CED5C6AD74
                                                                            SHA-256:749C5EA37039420EEDBD0188C7D8E9C5ECC3871403DE64339ED39CB35430EA38
                                                                            SHA-512:4784BF593150B9463A94E6543ED5BC2F1EB58349FEACA2147E086BF4702FB1C42CD9B2B0F8F97A19B2E23B63C8EB8B7CE71905CE42F1373FCF111BED45E8DD97
                                                                            Malicious:false
                                                                            Preview:LPKSHHRH.................F....G....X.J#.................................F....G....X.J#........................................................................................................................................................
                                                                            Process:/usr/sbin/rsyslogd
                                                                            File Type:ASCII text, with very long lines (641)
                                                                            Category:dropped
                                                                            Size (bytes):14014
                                                                            Entropy (8bit):4.991600809163
                                                                            Encrypted:false
                                                                            SSDEEP:192:M8r8s6eQ59tXf8MDa+xzxh83uptbtkvdwRCdQ:tG1lDAupl
                                                                            MD5:F17AC3CBA6ED275DA10E223B69AA88E8
                                                                            SHA1:C254CF674609DFF16789B4579D2295BBF6E9A8D8
                                                                            SHA-256:DCD5F401513734CA2CDF556B2470893F8A30553D7D020ABB1459126825B44459
                                                                            SHA-512:62F4B3135BC0548B98B6442CC2430CBAACEADCDA2EF719C86563888EA031E6869B25FDDDE887DF23C8EA31752450357300514A478321AE9B682D3ECE07AB45A2
                                                                            Malicious:false
                                                                            Preview:Mar 23 07:18:03 galassia kernel: [ 419.533227] ------------[ cut here ]------------.Mar 23 07:18:03 galassia kernel: [ 419.533228] kernel_write_unchecked failed with: -512.Mar 23 07:18:03 galassia kernel: [ 419.533246] WARNING: CPU: 1 PID: 6300 at /root/joeboxdriver/monitor/syscall_log.c:76 _log_vprintf+0xb9/0xc0 [monitor].Mar 23 07:18:03 galassia kernel: [ 419.533247] Modules linked in: monitor(OE) md4 cmac cifs libarc4 fscache libdes vmw_vsock_vmci_transport vsock binfmt_misc dm_multipath scsi_dh_rdac scsi_dh_emc scsi_dh_alua vmw_balloon joydev input_leds serio_raw vmw_vmci sch_fq_codel drm parport_pc ppdev lp parport ip_tables x_tables autofs4 btrfs zstd_compress raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel crypto_simd cryptd glue_helper psmouse ahci mptspi vmxnet3 scsi_transport_spi mptscsih libahci mptbase.Mar 23 07:18:03 galassia kerne
                                                                            Process:/usr/sbin/rsyslogd
                                                                            File Type:ASCII text, with very long lines (641)
                                                                            Category:dropped
                                                                            Size (bytes):49010
                                                                            Entropy (8bit):5.104505254257943
                                                                            Encrypted:false
                                                                            SSDEEP:768:2cDeCpq28Aq28Aq289c/Dpl/0nOcwHR9L42asaZCuEDlpD9b/Bm8+PS4EVf3DLaJ:2cDdsSuqEB
                                                                            MD5:90C9F07702FEDA1D3C2ED9463C376481
                                                                            SHA1:4F5C115926E1BD8FF108D582114A6DD9AE29F282
                                                                            SHA-256:96CCD589B4B00363CF046BBA1874D87B855F3503E4FCDDC07F39B516065ADDC5
                                                                            SHA-512:BD9D9FCBB78C1B881CA5E70636E2EAFC17A9282C888C90883CF68B96BC7AA4F8AE9706AE167938509C618248884B94B3923CC6B1FDE8B27A1C161A7C6DC58FA7
                                                                            Malicious:false
                                                                            Preview:Mar 23 07:18:03 galassia kernel: [ 419.530737] systemd[1]: rsyslog.service: Main process exited, code=killed, status=9/KILL.Mar 23 07:18:03 galassia kernel: [ 419.530812] systemd[1]: rsyslog.service: Failed with result 'signal'..Mar 23 07:18:03 galassia kernel: [ 419.533227] ------------[ cut here ]------------.Mar 23 07:18:03 galassia kernel: [ 419.533228] kernel_write_unchecked failed with: -512.Mar 23 07:18:03 galassia kernel: [ 419.533246] WARNING: CPU: 1 PID: 6300 at /root/joeboxdriver/monitor/syscall_log.c:76 _log_vprintf+0xb9/0xc0 [monitor].Mar 23 07:18:03 galassia kernel: [ 419.533247] Modules linked in: monitor(OE) md4 cmac cifs libarc4 fscache libdes vmw_vsock_vmci_transport vsock binfmt_misc dm_multipath scsi_dh_rdac scsi_dh_emc scsi_dh_alua vmw_balloon joydev input_leds serio_raw vmw_vmci sch_fq_codel drm parport_pc ppdev lp parport ip_tables x_tables autofs4 btrfs zstd_compress raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq lib
                                                                            Process:/sbin/agetty
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):384
                                                                            Entropy (8bit):0.6670868467684749
                                                                            Encrypted:false
                                                                            SSDEEP:3:+61sXlXEWtl/jZUl/ll:TQ+ylLa/
                                                                            MD5:7C7FE6F469CCFAAD1D7CAE58D9AF594B
                                                                            SHA1:367BAD65CB8FC74E497E2F79D3F74D728E58E1E6
                                                                            SHA-256:D6015D344C34932445D330C9F92A3F7408391B0F8D90CE0555F3DC3073F6366E
                                                                            SHA-512:3DE4E4B3643E1E276C16981C546A7DA63CBA8C2E7C7E7F160B1E440E6BE45C566C0BE708837FD91FC9A32DBE79CF972EE1073525BB901BEE15ED37A6AFA54CEB
                                                                            Malicious:true
                                                                            Preview:........tty2.tty2.......................tty2LOGIN......................................................................................................................................................................................................................................................................................................gN.......................................

                                                                            Static File Info

                                                                            General

                                                                            File type:ELF 32-bit MSB executable, Motorola m68k, 68020, version 1 (SYSV), statically linked, stripped
                                                                            Entropy (8bit):5.759657426101944
                                                                            TrID:
                                                                            • ELF Executable and Linkable format (generic) (4004/1) 100.00%
                                                                            File name:morte.m68k.elf
                                                                            File size:162'028 bytes
                                                                            MD5:891f7257228944a4ecb3e2fdd77970a9
                                                                            SHA1:28e048c61b74e840c21c33e911e0fd883aaa1e61
                                                                            SHA256:4c52735364bfe70ccf08ae3c5f28ea3500167b4b54301cc148d1cf36580a004d
                                                                            SHA512:9423ef2210b8576fe6f419ca92e1e4cb004f681a6dc8f2e7c06150c5d07be9302afbeb9965461bf5edda455ce4118fb253b8fb81b00b187090b7fbbe43aa0830
                                                                            SSDEEP:3072:1lP6MRyl/PWDgc63DGf3SiA+shX0/8pfX7IQ6VyjbizLAqQxtyL2bLps:2Oyl/PWDgclTA+uX7TIQOLAqGyLA6
                                                                            TLSH:71F34AC7F800DDFAF80AF33748530919B230B7A155920B377297796BEC3A1991967E86
                                                                            File Content Preview:.ELF.......................D...4..w\.....4. ...(......................&...&....... .......&$..F$..F$..P....H...... .dt.Q............................NV..a....da....`N^NuNV..J9....f>"y..FD QJ.g.X.#...FDN."y..FD QJ.f.A.....J.g.Hy..& N.X.........N^NuNV..N^NuN

                                                                            Static ELF Info

                                                                            ELF header

                                                                            Class:ELF32
                                                                            Data:2's complement, big endian
                                                                            Version:1 (current)
                                                                            Machine:MC68000
                                                                            Version Number:0x1
                                                                            Type:EXEC (Executable file)
                                                                            OS/ABI:UNIX - System V
                                                                            ABI Version:0
                                                                            Entry Point Address:0x80000144
                                                                            Flags:0x0
                                                                            ELF Header Size:52
                                                                            Program Header Offset:52
                                                                            Program Header Size:32
                                                                            Number of Program Headers:3
                                                                            Section Header Offset:161628
                                                                            Section Header Size:40
                                                                            Number of Section Headers:10
                                                                            Header String Table Index:9

                                                                            Sections

                                                                            NameTypeAddressOffsetSizeEntSizeFlagsFlags DescriptionLinkInfoAlign
                                                                            NULL0x00x00x00x00x0000
                                                                            .initPROGBITS0x800000940x940x140x00x6AX002
                                                                            .textPROGBITS0x800000a80xa80x1f98a0x00x6AX004
                                                                            .finiPROGBITS0x8001fa320x1fa320xe0x00x6AX002
                                                                            .rodataPROGBITS0x8001fa400x1fa400x2bdf0x00x2A002
                                                                            .ctorsPROGBITS0x800246240x226240xc0x00x3WA004
                                                                            .dtorsPROGBITS0x800246300x226300x80x00x3WA004
                                                                            .dataPROGBITS0x800246400x226400x50dc0x00x3WA0032
                                                                            .bssNOBITS0x8002971c0x2771c0x46500x00x3WA004
                                                                            .shstrtabSTRTAB0x00x2771c0x3e0x00x0001

                                                                            Program Segments

                                                                            TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
                                                                            LOAD0x00x800000000x800000000x2261f0x2261f6.15210x5R E0x2000.init .text .fini .rodata
                                                                            LOAD0x226240x800246240x800246240x50f80x97481.19700x6RW 0x2000.ctors .dtors .data .bss
                                                                            GNU_STACK0x00x00x00x00x00.00000x6RW 0x4

                                                                            Network Behavior

                                                                            Download Network PCAP: filteredfull

                                                                            Network Port Distribution

                                                                            • Total Packets: 45
                                                                            • 7575 undefined
                                                                            • 443 (HTTPS)
                                                                            • 80 (HTTP)
                                                                            • 53 (DNS)
                                                                            TimestampSource PortDest PortSource IPDest IP
                                                                            Mar 23, 2025 13:18:01.707767963 CET462927575192.168.2.23176.65.142.252
                                                                            Mar 23, 2025 13:18:01.911555052 CET757546292176.65.142.252192.168.2.23
                                                                            Mar 23, 2025 13:18:01.911643028 CET462927575192.168.2.23176.65.142.252
                                                                            Mar 23, 2025 13:18:01.923000097 CET462927575192.168.2.23176.65.142.252
                                                                            Mar 23, 2025 13:18:02.134056091 CET757546292176.65.142.252192.168.2.23
                                                                            Mar 23, 2025 13:18:02.134131908 CET462927575192.168.2.23176.65.142.252
                                                                            Mar 23, 2025 13:18:02.337627888 CET757546292176.65.142.252192.168.2.23
                                                                            Mar 23, 2025 13:18:04.810878992 CET42836443192.168.2.2391.189.91.43
                                                                            Mar 23, 2025 13:18:05.582906961 CET4251680192.168.2.23109.202.202.202
                                                                            Mar 23, 2025 13:18:07.159010887 CET462927575192.168.2.23176.65.142.252
                                                                            Mar 23, 2025 13:18:07.362651110 CET757546292176.65.142.252192.168.2.23
                                                                            Mar 23, 2025 13:18:07.362735033 CET462927575192.168.2.23176.65.142.252
                                                                            Mar 23, 2025 13:18:08.562195063 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:08.562222004 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:08.562463999 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:11.822063923 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:11.822092056 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.037873983 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.038095951 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.038280964 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.038290024 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.038681984 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.038691998 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.038821936 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.038986921 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.038994074 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.039046049 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.039047003 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.084326029 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.222712040 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.222794056 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.222944021 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.222944021 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.222966909 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.222975969 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.222990036 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.222990036 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.222999096 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.223006964 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.223026037 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.223026037 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.223048925 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.223057985 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.223068953 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.223257065 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.223257065 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.223263979 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.223272085 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.223278046 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.223284960 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.223299980 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.223299980 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.223305941 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.223310947 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.223314047 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.223352909 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.223367929 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.223472118 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.223555088 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.223571062 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.223584890 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.223593950 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.630388975 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.630480051 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.630496979 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.630542994 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.630542994 CET37604443192.168.2.23162.213.35.24
                                                                            Mar 23, 2025 13:18:12.630548000 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:12.630651951 CET44337604162.213.35.24192.168.2.23
                                                                            Mar 23, 2025 13:18:19.656879902 CET43928443192.168.2.2391.189.91.42
                                                                            Mar 23, 2025 13:18:31.943130970 CET42836443192.168.2.2391.189.91.43
                                                                            Mar 23, 2025 13:18:36.038729906 CET4251680192.168.2.23109.202.202.202
                                                                            Mar 23, 2025 13:19:00.611398935 CET43928443192.168.2.2391.189.91.42
                                                                            TimestampSource PortDest PortSource IPDest IP
                                                                            Mar 23, 2025 13:18:07.809348106 CET5817453192.168.2.231.1.1.1
                                                                            Mar 23, 2025 13:18:07.809443951 CET3632853192.168.2.231.1.1.1
                                                                            Mar 23, 2025 13:18:07.907167912 CET53581741.1.1.1192.168.2.23
                                                                            Mar 23, 2025 13:18:07.908766985 CET53363281.1.1.1192.168.2.23
                                                                            Mar 23, 2025 13:18:08.404815912 CET5769553192.168.2.231.1.1.1
                                                                            Mar 23, 2025 13:18:08.536323071 CET53576951.1.1.1192.168.2.23
                                                                            TimestampSource IPDest IPChecksumCodeType
                                                                            Mar 23, 2025 13:18:08.653803110 CET192.168.2.23192.168.2.18283(Port unreachable)Destination Unreachable
                                                                            Mar 23, 2025 13:19:28.673244953 CET192.168.2.23192.168.2.18283(Port unreachable)Destination Unreachable

                                                                            DNS Queries

                                                                            TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                            Mar 23, 2025 13:18:07.809348106 CET192.168.2.231.1.1.10x28b0Standard query (0)daisy.ubuntu.comA (IP address)IN (0x0001)false
                                                                            Mar 23, 2025 13:18:07.809443951 CET192.168.2.231.1.1.10x593bStandard query (0)daisy.ubuntu.com28IN (0x0001)false
                                                                            Mar 23, 2025 13:18:08.404815912 CET192.168.2.231.1.1.10x2cc9Standard query (0)daisy.ubuntu.com28IN (0x0001)false

                                                                            DNS Answers

                                                                            TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                            Mar 23, 2025 13:18:07.907167912 CET1.1.1.1192.168.2.230x28b0No error (0)daisy.ubuntu.com162.213.35.25A (IP address)IN (0x0001)false
                                                                            Mar 23, 2025 13:18:07.907167912 CET1.1.1.1192.168.2.230x28b0No error (0)daisy.ubuntu.com162.213.35.24A (IP address)IN (0x0001)false

                                                                            HTTP Request Dependency Graph

                                                                            • daisy.ubuntu.com

                                                                            HTTPS Proxied Packets

                                                                            Session IDSource IPSource PortDestination IPDestination Port
                                                                            0192.168.2.2337604162.213.35.24443
                                                                            TimestampBytes transferredDirectionData
                                                                            2025-03-23 12:18:12 UTC307OUTPOST /9aadafe2051348cd32033e1cad68f0a5fe46fba3240ac1e6e42158f31b8a1371790c09baf3996b4979fe8e533446c7dedf30f654c68b25357334c66911dc6a9e HTTP/1.1
                                                                            Host: daisy.ubuntu.com
                                                                            Accept: */*
                                                                            Content-Type: application/octet-stream
                                                                            X-Whoopsie-Version: 0.2.69ubuntu0.3
                                                                            Content-Length: 164887
                                                                            Expect: 100-continue
                                                                            2025-03-23 12:18:12 UTC25INHTTP/1.1 100 Continue
                                                                            2025-03-23 12:18:12 UTC16384OUTData Raw: 17 84 02 00 02 50 72 6f 63 45 6e 76 69 72 6f 6e 00 4e 00 00 00 50 41 54 48 3d 28 63 75 73 74 6f 6d 2c 20 6e 6f 20 75 73 65 72 29 0a 58 44 47 5f 52 55 4e 54 49 4d 45 5f 44 49 52 3d 3c 73 65 74 3e 0a 4c 41 4e 47 3d 65 6e 5f 55 53 2e 55 54 46 2d 38 0a 53 48 45 4c 4c 3d 2f 62 69 6e 2f 62 61 73 68 00 02 5f 4c 6f 67 69 6e 64 53 65 73 73 69 6f 6e 00 02 00 00 00 35 00 02 44 61 74 65 00 19 00 00 00 54 75 65 20 41 75 67 20 31 37 20 32 30 3a 31 38 3a 30 34 20 32 30 32 31 00 02 53 6f 75 72 63 65 50 61 63 6b 61 67 65 00 0d 00 00 00 6c 69 67 68 74 2d 6c 6f 63 6b 65 72 00 02 50 61 63 6b 61 67 65 41 72 63 68 69 74 65 63 74 75 72 65 00 06 00 00 00 61 6d 64 36 34 00 02 41 72 63 68 69 74 65 63 74 75 72 65 00 06 00 00 00 61 6d 64 36 34 00 02 44 69 73 74 72 6f 52 65 6c 65 61
                                                                            Data Ascii: ProcEnvironNPATH=(custom, no user)XDG_RUNTIME_DIR=<set>LANG=en_US.UTF-8SHELL=/bin/bash_LogindSession5DateTue Aug 17 20:18:04 2021SourcePackagelight-lockerPackageArchitectureamd64Architectureamd64DistroRelea
                                                                            2025-03-23 12:18:12 UTC16384OUTData Raw: 74 75 34 2e 31 0a 6c 69 62 70 61 6d 2d 72 75 6e 74 69 6d 65 20 31 2e 33 2e 31 2d 35 75 62 75 6e 74 75 34 2e 31 0a 6c 69 62 70 61 6d 2d 73 79 73 74 65 6d 64 20 32 34 35 2e 34 2d 34 75 62 75 6e 74 75 33 2e 31 31 0a 6c 69 62 70 61 6d 30 67 20 31 2e 33 2e 31 2d 35 75 62 75 6e 74 75 34 2e 31 0a 6c 69 62 70 61 6e 67 6f 2d 31 2e 30 2d 30 20 31 2e 34 34 2e 37 2d 32 75 62 75 6e 74 75 34 0a 6c 69 62 70 61 6e 67 6f 63 61 69 72 6f 2d 31 2e 30 2d 30 20 31 2e 34 34 2e 37 2d 32 75 62 75 6e 74 75 34 0a 6c 69 62 70 61 6e 67 6f 66 74 32 2d 31 2e 30 2d 30 20 31 2e 34 34 2e 37 2d 32 75 62 75 6e 74 75 34 0a 6c 69 62 70 61 6e 67 6f 78 66 74 2d 31 2e 30 2d 30 20 31 2e 34 34 2e 37 2d 32 75 62 75 6e 74 75 34 0a 6c 69 62 70 61 70 65 72 2d 75 74 69 6c 73 20 31 2e 31 2e 32 38 0a 6c
                                                                            Data Ascii: tu4.1libpam-runtime 1.3.1-5ubuntu4.1libpam-systemd 245.4-4ubuntu3.11libpam0g 1.3.1-5ubuntu4.1libpango-1.0-0 1.44.7-2ubuntu4libpangocairo-1.0-0 1.44.7-2ubuntu4libpangoft2-1.0-0 1.44.7-2ubuntu4libpangoxft-1.0-0 1.44.7-2ubuntu4libpaper-utils 1.1.28l
                                                                            2025-03-23 12:18:12 UTC16384OUTData Raw: 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 67 73 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 30 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 31 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 32 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 33 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 34 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 35 20
                                                                            Data Ascii: 0x0 0gs 0x0 0k0 0x0 0k1 0x0 0k2 0x0 0k3 0x0 0k4 0x0 0k5
                                                                            2025-03-23 12:18:12 UTC16384OUTData Raw: 20 20 20 20 20 20 20 20 20 2f 75 73 72 2f 6c 69 62 2f 78 38 36 5f 36 34 2d 6c 69 6e 75 78 2d 67 6e 75 2f 6c 69 62 78 63 62 2d 72 65 6e 64 65 72 2e 73 6f 2e 30 2e 30 2e 30 0a 37 66 37 39 31 63 30 37 34 30 30 30 2d 37 66 37 39 31 63 30 37 35 30 30 30 20 2d 2d 2d 70 20 30 30 30 30 63 30 30 30 20 66 64 3a 30 30 20 38 30 36 32 36 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2f 75 73 72 2f 6c 69 62 2f 78 38 36 5f 36 34 2d 6c 69 6e 75 78 2d 67 6e 75 2f 6c 69 62 78 63 62 2d 72 65 6e 64 65 72 2e 73 6f 2e 30 2e 30 2e 30 0a 37 66 37 39 31 63 30 37 35 30 30 30 2d 37 66 37 39 31 63 30 37 36 30 30 30 20 72 2d 2d 70 20 30 30 30 30 63 30 30 30 20 66 64 3a 30 30 20 38 30 36 32 36 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2f 75
                                                                            Data Ascii: /usr/lib/x86_64-linux-gnu/libxcb-render.so.0.0.07f791c074000-7f791c075000 ---p 0000c000 fd:00 806260 /usr/lib/x86_64-linux-gnu/libxcb-render.so.0.0.07f791c075000-7f791c076000 r--p 0000c000 fd:00 806260 /u
                                                                            2025-03-23 12:18:12 UTC16384OUTData Raw: 6e 75 78 2d 67 6e 75 2f 6c 69 62 67 64 6b 5f 70 69 78 62 75 66 2d 32 2e 30 2e 73 6f 2e 30 2e 34 30 30 30 2e 30 0a 37 66 37 39 31 63 37 37 33 30 30 30 2d 37 66 37 39 31 63 37 37 34 30 30 30 20 72 77 2d 70 20 30 30 30 32 36 30 30 30 20 66 64 3a 30 30 20 38 30 36 32 34 35 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2f 75 73 72 2f 6c 69 62 2f 78 38 36 5f 36 34 2d 6c 69 6e 75 78 2d 67 6e 75 2f 6c 69 62 67 64 6b 5f 70 69 78 62 75 66 2d 32 2e 30 2e 73 6f 2e 30 2e 34 30 30 30 2e 30 0a 37 66 37 39 31 63 37 37 34 30 30 30 2d 37 66 37 39 31 63 37 37 38 30 30 30 20 72 2d 2d 70 20 30 30 30 30 30 30 30 30 20 66 64 3a 30 30 20 38 30 36 32 36 38 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2f 75 73 72 2f 6c 69 62 2f 78 38 36 5f 36 34
                                                                            Data Ascii: nux-gnu/libgdk_pixbuf-2.0.so.0.4000.07f791c773000-7f791c774000 rw-p 00026000 fd:00 806245 /usr/lib/x86_64-linux-gnu/libgdk_pixbuf-2.0.so.0.4000.07f791c774000-7f791c778000 r--p 00000000 fd:00 806268 /usr/lib/x86_64
                                                                            2025-03-23 12:18:12 UTC16384OUTData Raw: 20 70 6c 61 74 66 6f 72 6d 20 65 69 73 61 2e 30 3a 20 43 61 6e 6e 6f 74 20 61 6c 6c 6f 63 61 74 65 20 72 65 73 6f 75 72 63 65 20 66 6f 72 20 45 49 53 41 20 73 6c 6f 74 20 37 0a 41 75 67 20 31 37 20 32 30 3a 32 34 3a 34 36 20 67 61 6c 61 73 73 69 61 20 6b 65 72 6e 65 6c 3a 20 70 6c 61 74 66 6f 72 6d 20 65 69 73 61 2e 30 3a 20 43 61 6e 6e 6f 74 20 61 6c 6c 6f 63 61 74 65 20 72 65 73 6f 75 72 63 65 20 66 6f 72 20 45 49 53 41 20 73 6c 6f 74 20 38 0a 41 75 67 20 31 37 20 32 30 3a 32 34 3a 34 36 20 67 61 6c 61 73 73 69 61 20 6b 65 72 6e 65 6c 3a 20 73 64 20 33 32 3a 30 3a 30 3a 30 3a 20 5b 73 64 61 5d 20 41 73 73 75 6d 69 6e 67 20 64 72 69 76 65 20 63 61 63 68 65 3a 20 77 72 69 74 65 20 74 68 72 6f 75 67 68 0a 41 75 67 20 31 37 20 32 30 3a 32 34 3a 34 37 20 67
                                                                            Data Ascii: platform eisa.0: Cannot allocate resource for EISA slot 7Aug 17 20:24:46 galassia kernel: platform eisa.0: Cannot allocate resource for EISA slot 8Aug 17 20:24:46 galassia kernel: sd 32:0:0:0: [sda] Assuming drive cache: write throughAug 17 20:24:47 g
                                                                            2025-03-23 12:18:12 UTC16384OUTData Raw: 35 35 31 5d 3a 20 28 49 49 29 20 4c 6f 61 64 4d 6f 64 75 6c 65 3a 20 22 66 62 64 65 76 68 77 22 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 34 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 49 49 29 20 4c 6f 61 64 69 6e 67 20 2f 75 73 72 2f 6c 69 62 2f 78 6f 72 67 2f 6d 6f 64 75 6c 65 73 2f 6c 69 62 66 62 64 65 76 68 77 2e 73 6f 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 34 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 49 49 29 20 4d 6f 64 75 6c 65 20 66 62 64 65 76 68 77 3a 20 76 65 6e 64 6f 72 3d 22 58 2e 4f 72 67 20 46 6f 75 6e 64 61 74 69 6f 6e 22 0a 41 75 67 20 31 37
                                                                            Data Ascii: 551]: (II) LoadModule: "fbdevhw"Aug 17 20:25:04 galassia /usr/lib/gdm3/gdm-x-session[1551]: (II) Loading /usr/lib/xorg/modules/libfbdevhw.soAug 17 20:25:04 galassia /usr/lib/gdm3/gdm-x-session[1551]: (II) Module fbdevhw: vendor="X.Org Foundation"Aug 17
                                                                            2025-03-23 12:18:12 UTC16384OUTData Raw: 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 49 49 29 20 76 6d 77 61 72 65 28 30 29 3a 20 4e 6f 74 20 75 73 69 6e 67 20 64 65 66 61 75 6c 74 20 6d 6f 64 65 20 22 31 39 32 30 78 31 32 30 30 22 20 28 69 6e 73 75 66 66 69 63 69 65 6e 74 20 6d 65 6d 6f 72 79 20 66 6f 72 20 6d 6f 64 65 29 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 35 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 49 49 29 20 76 6d 77 61 72 65 28 30 29 3a 20 4e 6f 74 20 75 73 69 6e 67 20 64 65 66 61 75 6c 74 20 6d 6f 64 65 20 22 39 36 30 78 36 30 30 22 20 28 62 61 64 20 6d 6f 64 65 20 63 6c 6f 63 6b 2f 69 6e 74 65 72 6c 61 63 65 2f 64 6f 75 62 6c 65 73
                                                                            Data Ascii: /lib/gdm3/gdm-x-session[1551]: (II) vmware(0): Not using default mode "1920x1200" (insufficient memory for mode)Aug 17 20:25:05 galassia /usr/lib/gdm3/gdm-x-session[1551]: (II) vmware(0): Not using default mode "960x600" (bad mode clock/interlace/doubles
                                                                            2025-03-23 12:18:12 UTC16384OUTData Raw: 20 31 33 33 36 20 31 35 32 30 20 20 38 36 34 20 38 36 35 20 38 36 38 20 38 39 35 20 2d 68 73 79 6e 63 20 2b 76 73 79 6e 63 20 28 35 33 2e 37 20 6b 48 7a 20 64 29 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 35 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 2a 2a 29 20 76 6d 77 61 72 65 28 30 29 3a 20 20 44 65 66 61 75 6c 74 20 6d 6f 64 65 20 22 31 30 32 34 78 37 36 38 22 3a 20 39 34 2e 35 20 4d 48 7a 2c 20 36 38 2e 37 20 6b 48 7a 2c 20 38 35 2e 30 20 48 7a 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 35 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 49 49 29 20 76 6d 77 61 72
                                                                            Data Ascii: 1336 1520 864 865 868 895 -hsync +vsync (53.7 kHz d)Aug 17 20:25:05 galassia /usr/lib/gdm3/gdm-x-session[1551]: (**) vmware(0): Default mode "1024x768": 94.5 MHz, 68.7 kHz, 85.0 HzAug 17 20:25:05 galassia /usr/lib/gdm3/gdm-x-session[1551]: (II) vmwar
                                                                            2025-03-23 12:18:12 UTC16384OUTData Raw: 65 64 20 53 65 74 20 32 20 6b 65 79 62 6f 61 72 64 3a 20 61 6c 77 61 79 73 20 72 65 70 6f 72 74 73 20 63 6f 72 65 20 65 76 65 6e 74 73 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 35 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 2a 2a 29 20 4f 70 74 69 6f 6e 20 22 44 65 76 69 63 65 22 20 22 2f 64 65 76 2f 69 6e 70 75 74 2f 65 76 65 6e 74 31 22 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 35 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 2a 2a 29 20 4f 70 74 69 6f 6e 20 22 5f 73 6f 75 72 63 65 22 20 22 73 65 72 76 65 72 2f 75 64 65 76 22 0a 41 75 67 20 31 37 20 32 30 3a 32 35
                                                                            Data Ascii: ed Set 2 keyboard: always reports core eventsAug 17 20:25:05 galassia /usr/lib/gdm3/gdm-x-session[1551]: (**) Option "Device" "/dev/input/event1"Aug 17 20:25:05 galassia /usr/lib/gdm3/gdm-x-session[1551]: (**) Option "_source" "server/udev"Aug 17 20:25
                                                                            2025-03-23 12:18:12 UTC279INHTTP/1.1 400 Bad Request
                                                                            Date: Sun, 23 Mar 2025 12:18:12 GMT
                                                                            Server: gunicorn/19.7.1
                                                                            X-Daisy-Revision-Number: 979
                                                                            X-Oops-Repository-Version: 0.0.0
                                                                            Strict-Transport-Security: max-age=2592000
                                                                            Connection: close
                                                                            Transfer-Encoding: chunked
                                                                            17
                                                                            Crash already reported.
                                                                            0


                                                                            System Behavior

                                                                            General

                                                                            Start time (UTC):12:17:53
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/dash
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:17:53
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/rm
                                                                            Arguments:rm -f /tmp/tmp.aACo8Vpbiz /tmp/tmp.mEDPDhwjSS /tmp/tmp.4orw0uknMO
                                                                            File size:72056 bytes
                                                                            MD5 hash:aa2b5496fdbfd88e38791ab81f90b95b

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:17:53
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/dash
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:17:53
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/cat
                                                                            Arguments:cat /tmp/tmp.aACo8Vpbiz
                                                                            File size:43416 bytes
                                                                            MD5 hash:7e9d213e404ad3bb82e4ebb2e1f2c1b3

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:17:53
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/dash
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:17:53
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/head
                                                                            Arguments:head -n 10
                                                                            File size:47480 bytes
                                                                            MD5 hash:fd96a67145172477dd57131396fc9608

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:17:53
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/dash
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:17:53
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/tr
                                                                            Arguments:tr -d \\000-\\011\\013\\014\\016-\\037
                                                                            File size:51544 bytes
                                                                            MD5 hash:fbd1402dd9f72d8ebfff00ce7c3a7bb5

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:17:53
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/dash
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:17:53
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/cut
                                                                            Arguments:cut -c -80
                                                                            File size:47480 bytes
                                                                            MD5 hash:d8ed0ea8f22c0de0f8692d4d9f1759d3

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:17:54
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/dash
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:17:54
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/cat
                                                                            Arguments:cat /tmp/tmp.aACo8Vpbiz
                                                                            File size:43416 bytes
                                                                            MD5 hash:7e9d213e404ad3bb82e4ebb2e1f2c1b3

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:17:54
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/dash
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:17:54
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/head
                                                                            Arguments:head -n 10
                                                                            File size:47480 bytes
                                                                            MD5 hash:fd96a67145172477dd57131396fc9608

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:17:54
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/dash
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:17:54
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/tr
                                                                            Arguments:tr -d \\000-\\011\\013\\014\\016-\\037
                                                                            File size:51544 bytes
                                                                            MD5 hash:fbd1402dd9f72d8ebfff00ce7c3a7bb5

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:17:54
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/dash
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:17:54
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/cut
                                                                            Arguments:cut -c -80
                                                                            File size:47480 bytes
                                                                            MD5 hash:d8ed0ea8f22c0de0f8692d4d9f1759d3

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:17:54
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/dash
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:17:54
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/rm
                                                                            Arguments:rm -f /tmp/tmp.aACo8Vpbiz /tmp/tmp.mEDPDhwjSS /tmp/tmp.4orw0uknMO
                                                                            File size:72056 bytes
                                                                            MD5 hash:aa2b5496fdbfd88e38791ab81f90b95b

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:18:00
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/tmp/morte.m68k.elf
                                                                            Arguments:/tmp/morte.m68k.elf
                                                                            File size:4463432 bytes
                                                                            MD5 hash:cd177594338c77b895ae27c33f8f86cc

                                                                            File Activities

                                                                            Process Activities

                                                                            System Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:18:01
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/tmp/morte.m68k.elf
                                                                            Arguments:-
                                                                            File size:4463432 bytes
                                                                            MD5 hash:cd177594338c77b895ae27c33f8f86cc

                                                                            Process Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:18:01
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/tmp/morte.m68k.elf
                                                                            Arguments:-
                                                                            File size:4463432 bytes
                                                                            MD5 hash:cd177594338c77b895ae27c33f8f86cc

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:01
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/tmp/morte.m68k.elf
                                                                            Arguments:-
                                                                            File size:4463432 bytes
                                                                            MD5 hash:cd177594338c77b895ae27c33f8f86cc

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:01
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/systemd/systemd
                                                                            Arguments:-
                                                                            File size:1620224 bytes
                                                                            MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:01
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/journalctl
                                                                            Arguments:/usr/bin/journalctl --smart-relinquish-var
                                                                            File size:80120 bytes
                                                                            MD5 hash:bf3a987344f3bacafc44efd882abda8b

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:01
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/systemd/systemd
                                                                            Arguments:-
                                                                            File size:1620224 bytes
                                                                            MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:01
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/dbus-daemon
                                                                            Arguments:/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
                                                                            File size:249032 bytes
                                                                            MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                            File Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:18:01
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/systemd/systemd
                                                                            Arguments:-
                                                                            File size:1620224 bytes
                                                                            MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:01
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/sbin/rsyslogd
                                                                            Arguments:/usr/sbin/rsyslogd -n -iNONE
                                                                            File size:727248 bytes
                                                                            MD5 hash:0b8087fc907c42eb3c81a691db258e33

                                                                            File Activities

                                                                            System Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:18:01
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/systemd/systemd
                                                                            Arguments:-
                                                                            File size:1620224 bytes
                                                                            MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:01
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/pulseaudio
                                                                            Arguments:/usr/bin/pulseaudio --daemonize=no --log-target=journal
                                                                            File size:100832 bytes
                                                                            MD5 hash:0c3b4c789d8ffb12b25507f27e14c186

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:18:01
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/libexec/gvfsd-fuse
                                                                            Arguments:-
                                                                            File size:47632 bytes
                                                                            MD5 hash:d18fbf1cbf8eb57b17fac48b7b4be933

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:01
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/bin/fusermount
                                                                            Arguments:fusermount -u -q -z -- /run/user/1000/gvfs
                                                                            File size:39144 bytes
                                                                            MD5 hash:576a1b135c82bdcbc97a91acea900566

                                                                            File Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:18:02
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/systemd/systemd
                                                                            Arguments:-
                                                                            File size:1620224 bytes
                                                                            MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:02
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/lib/systemd/systemd-journald
                                                                            Arguments:/lib/systemd/systemd-journald
                                                                            File size:162032 bytes
                                                                            MD5 hash:474667ece6cecb5e04c6eb897a1d0d9e

                                                                            File Activities

                                                                            Process Activities

                                                                            System Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:18:02
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/systemd/systemd
                                                                            Arguments:-
                                                                            File size:1620224 bytes
                                                                            MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:02
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/dbus-daemon
                                                                            Arguments:/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
                                                                            File size:249032 bytes
                                                                            MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                            File Activities

                                                                            Process Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:18:02
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/systemd/systemd
                                                                            Arguments:-
                                                                            File size:1620224 bytes
                                                                            MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:02
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/sbin/rsyslogd
                                                                            Arguments:/usr/sbin/rsyslogd -n -iNONE
                                                                            File size:727248 bytes
                                                                            MD5 hash:0b8087fc907c42eb3c81a691db258e33

                                                                            File Activities

                                                                            Process Activities

                                                                            System Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:18:06
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/systemd/systemd
                                                                            Arguments:-
                                                                            File size:1620224 bytes
                                                                            MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:06
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/lib/systemd/systemd-logind
                                                                            Arguments:/lib/systemd/systemd-logind
                                                                            File size:268576 bytes
                                                                            MD5 hash:8dd58a1b4c12f7a1d5fe3ce18b2aaeef

                                                                            File Activities

                                                                            Process Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:18:06
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/sbin/gdm3
                                                                            Arguments:-
                                                                            File size:453296 bytes
                                                                            MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:06
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/etc/gdm3/PrimeOff/Default
                                                                            Arguments:/etc/gdm3/PrimeOff/Default
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:18:06
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/sbin/gdm3
                                                                            Arguments:-
                                                                            File size:453296 bytes
                                                                            MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:06
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/etc/gdm3/PrimeOff/Default
                                                                            Arguments:/etc/gdm3/PrimeOff/Default
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:18:06
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/sbin/gdm3
                                                                            Arguments:-
                                                                            File size:453296 bytes
                                                                            MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:06
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/etc/gdm3/PrimeOff/Default
                                                                            Arguments:/etc/gdm3/PrimeOff/Default
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:18:12
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/systemd/systemd
                                                                            Arguments:-
                                                                            File size:1620224 bytes
                                                                            MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:12
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/sbin/agetty
                                                                            Arguments:/sbin/agetty -o "-p -- \\u" --noclear tty2 linux
                                                                            File size:69000 bytes
                                                                            MD5 hash:3a374724ba7e863768139bdd60ca36f7

                                                                            File Activities

                                                                            System Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:18:07
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/systemd/systemd
                                                                            Arguments:-
                                                                            File size:1620224 bytes
                                                                            MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:07
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/gpu-manager
                                                                            Arguments:/usr/bin/gpu-manager --log /var/log/gpu-manager.log
                                                                            File size:76616 bytes
                                                                            MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                            File Activities

                                                                            Process Activities

                                                                            System Activities


                                                                            General

                                                                            Start time (UTC):12:18:08
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/gpu-manager
                                                                            Arguments:-
                                                                            File size:76616 bytes
                                                                            MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:08
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/bin/sh
                                                                            Arguments:sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf"
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:08
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/bin/sh
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:08
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/grep
                                                                            Arguments:grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
                                                                            File size:199136 bytes
                                                                            MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:18:08
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/gpu-manager
                                                                            Arguments:-
                                                                            File size:76616 bytes
                                                                            MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:08
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/bin/sh
                                                                            Arguments:sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /lib/modprobe.d/*.conf"
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:08
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/bin/sh
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:08
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/grep
                                                                            Arguments:grep -G ^blacklist.*nvidia[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
                                                                            File size:199136 bytes
                                                                            MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:18:08
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/gpu-manager
                                                                            Arguments:-
                                                                            File size:76616 bytes
                                                                            MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:08
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/bin/sh
                                                                            Arguments:sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /etc/modprobe.d/*.conf"
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:08
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/bin/sh
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:08
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/grep
                                                                            Arguments:grep -G ^blacklist.*radeon[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
                                                                            File size:199136 bytes
                                                                            MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:18:08
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/gpu-manager
                                                                            Arguments:-
                                                                            File size:76616 bytes
                                                                            MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:08
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/bin/sh
                                                                            Arguments:sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /lib/modprobe.d/*.conf"
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:08
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/bin/sh
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:08
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/grep
                                                                            Arguments:grep -G ^blacklist.*radeon[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
                                                                            File size:199136 bytes
                                                                            MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:18:08
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/gpu-manager
                                                                            Arguments:-
                                                                            File size:76616 bytes
                                                                            MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:09
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/bin/sh
                                                                            Arguments:sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /etc/modprobe.d/*.conf"
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:09
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/bin/sh
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:09
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/grep
                                                                            Arguments:grep -G ^blacklist.*amdgpu[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
                                                                            File size:199136 bytes
                                                                            MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:18:09
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/gpu-manager
                                                                            Arguments:-
                                                                            File size:76616 bytes
                                                                            MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:09
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/bin/sh
                                                                            Arguments:sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /lib/modprobe.d/*.conf"
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:09
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/bin/sh
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:09
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/grep
                                                                            Arguments:grep -G ^blacklist.*amdgpu[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
                                                                            File size:199136 bytes
                                                                            MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:18:09
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/gpu-manager
                                                                            Arguments:-
                                                                            File size:76616 bytes
                                                                            MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:09
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/bin/sh
                                                                            Arguments:sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /etc/modprobe.d/*.conf"
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:09
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/bin/sh
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:09
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/grep
                                                                            Arguments:grep -G ^blacklist.*nouveau[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
                                                                            File size:199136 bytes
                                                                            MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:18:10
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/gpu-manager
                                                                            Arguments:-
                                                                            File size:76616 bytes
                                                                            MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:10
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/bin/sh
                                                                            Arguments:sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /lib/modprobe.d/*.conf"
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:10
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/bin/sh
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:10
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/grep
                                                                            Arguments:grep -G ^blacklist.*nouveau[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
                                                                            File size:199136 bytes
                                                                            MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:18:12
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/systemd/systemd
                                                                            Arguments:-
                                                                            File size:1620224 bytes
                                                                            MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:12
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/share/gdm/generate-config
                                                                            Arguments:/usr/share/gdm/generate-config
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:12
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/share/gdm/generate-config
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:12
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/pkill
                                                                            Arguments:pkill --signal HUP --uid gdm dconf-service
                                                                            File size:30968 bytes
                                                                            MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                                            File Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:18:12
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/systemd/systemd
                                                                            Arguments:-
                                                                            File size:1620224 bytes
                                                                            MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:12
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/journalctl
                                                                            Arguments:/usr/bin/journalctl --flush
                                                                            File size:80120 bytes
                                                                            MD5 hash:bf3a987344f3bacafc44efd882abda8b

                                                                            File Activities

                                                                            Process Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:18:17
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/systemd/systemd
                                                                            Arguments:-
                                                                            File size:1620224 bytes
                                                                            MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:17
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/gdm3/gdm-wait-for-drm
                                                                            Arguments:/usr/lib/gdm3/gdm-wait-for-drm
                                                                            File size:14640 bytes
                                                                            MD5 hash:82043ba752c6930b4e6aaea2f7747545

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:18:27
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/systemd/systemd
                                                                            Arguments:-
                                                                            File size:1620224 bytes
                                                                            MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:27
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/sbin/gdm3
                                                                            Arguments:/usr/sbin/gdm3
                                                                            File size:453296 bytes
                                                                            MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                            File Activities

                                                                            Process Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:18:28
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/sbin/gdm3
                                                                            Arguments:-
                                                                            File size:453296 bytes
                                                                            MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:28
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/plymouth
                                                                            Arguments:plymouth --ping
                                                                            File size:51352 bytes
                                                                            MD5 hash:87003efd8dad470042f5e75360a8f49f

                                                                            File Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:18:29
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/sbin/gdm3
                                                                            Arguments:-
                                                                            File size:453296 bytes
                                                                            MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                            File Activities

                                                                            Process Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:18:29
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/gdm3/gdm-session-worker
                                                                            Arguments:"gdm-session-worker [pam/gdm-launch-environment]"
                                                                            File size:293360 bytes
                                                                            MD5 hash:692243754bd9f38fe9bd7e230b5c060a

                                                                            File Activities

                                                                            Process Activities

                                                                            System Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:18:32
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/gdm3/gdm-session-worker
                                                                            Arguments:-
                                                                            File size:293360 bytes
                                                                            MD5 hash:692243754bd9f38fe9bd7e230b5c060a

                                                                            Process Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:18:32
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/gdm3/gdm-wayland-session
                                                                            Arguments:/usr/lib/gdm3/gdm-wayland-session "dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart"
                                                                            File size:76368 bytes
                                                                            MD5 hash:d3def63cf1e83f7fb8a0f13b1744ff7c

                                                                            File Activities

                                                                            Process Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:18:32
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/gdm3/gdm-wayland-session
                                                                            Arguments:-
                                                                            File size:76368 bytes
                                                                            MD5 hash:d3def63cf1e83f7fb8a0f13b1744ff7c

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:32
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/dbus-daemon
                                                                            Arguments:dbus-daemon --print-address 3 --session
                                                                            File size:249032 bytes
                                                                            MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                            File Activities

                                                                            Process Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:18:33
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/dbus-daemon
                                                                            Arguments:-
                                                                            File size:249032 bytes
                                                                            MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:33
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/dbus-daemon
                                                                            Arguments:-
                                                                            File size:249032 bytes
                                                                            MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:33
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/bin/false
                                                                            Arguments:/bin/false
                                                                            File size:39256 bytes
                                                                            MD5 hash:3177546c74e4f0062909eae43d948bfc

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:18:33
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/gdm3/gdm-wayland-session
                                                                            Arguments:-
                                                                            File size:76368 bytes
                                                                            MD5 hash:d3def63cf1e83f7fb8a0f13b1744ff7c

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:33
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/dbus-run-session
                                                                            Arguments:dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart
                                                                            File size:14480 bytes
                                                                            MD5 hash:245f3ef6a268850b33b0225a8753b7f4

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:33
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/dbus-run-session
                                                                            Arguments:-
                                                                            File size:14480 bytes
                                                                            MD5 hash:245f3ef6a268850b33b0225a8753b7f4

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:33
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/dbus-daemon
                                                                            Arguments:dbus-daemon --nofork --print-address 4 --session
                                                                            File size:249032 bytes
                                                                            MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                            File Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:18:34
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/sbin/gdm3
                                                                            Arguments:-
                                                                            File size:453296 bytes
                                                                            MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:34
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/etc/gdm3/PrimeOff/Default
                                                                            Arguments:/etc/gdm3/PrimeOff/Default
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:18:34
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/sbin/gdm3
                                                                            Arguments:-
                                                                            File size:453296 bytes
                                                                            MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:34
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/etc/gdm3/PrimeOff/Default
                                                                            Arguments:/etc/gdm3/PrimeOff/Default
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:18:28
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/systemd/systemd
                                                                            Arguments:-
                                                                            File size:1620224 bytes
                                                                            MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:28
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/accountsservice/accounts-daemon
                                                                            Arguments:/usr/lib/accountsservice/accounts-daemon
                                                                            File size:203192 bytes
                                                                            MD5 hash:01a899e3fb5e7e434bea1290255a1f30

                                                                            File Activities

                                                                            Process Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:18:28
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/accountsservice/accounts-daemon
                                                                            Arguments:-
                                                                            File size:203192 bytes
                                                                            MD5 hash:01a899e3fb5e7e434bea1290255a1f30

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:28
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/share/language-tools/language-validate
                                                                            Arguments:/usr/share/language-tools/language-validate en_US.UTF-8
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:28
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/share/language-tools/language-validate
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:28
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/share/language-tools/language-options
                                                                            Arguments:/usr/share/language-tools/language-options
                                                                            File size:3478464 bytes
                                                                            MD5 hash:16a21f464119ea7fad1d3660de963637

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:28
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/share/language-tools/language-options
                                                                            Arguments:-
                                                                            File size:3478464 bytes
                                                                            MD5 hash:16a21f464119ea7fad1d3660de963637

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:28
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/bin/sh
                                                                            Arguments:sh -c "locale -a | grep -F .utf8 "
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            File Activities

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:28
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/bin/sh
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:28
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/locale
                                                                            Arguments:locale -a
                                                                            File size:58944 bytes
                                                                            MD5 hash:c72a78792469db86d91369c9057f20d2

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:18:28
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/bin/sh
                                                                            Arguments:-
                                                                            File size:129816 bytes
                                                                            MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:28
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/grep
                                                                            Arguments:grep -F .utf8
                                                                            File size:199136 bytes
                                                                            MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                            File Activities


                                                                            General

                                                                            Start time (UTC):12:18:28
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/systemd/systemd
                                                                            Arguments:-
                                                                            File size:1620224 bytes
                                                                            MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:18:28
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/policykit-1/polkitd
                                                                            Arguments:/usr/lib/policykit-1/polkitd --no-debug
                                                                            File size:121504 bytes
                                                                            MD5 hash:8efc9b4b5b524210ad2ea1954a9d0e69

                                                                            File Activities

                                                                            Process Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:19:31
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/systemd/systemd
                                                                            Arguments:-
                                                                            File size:1620224 bytes
                                                                            MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:19:31
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/dbus-daemon
                                                                            Arguments:/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
                                                                            File size:249032 bytes
                                                                            MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                            File Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:19:32
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/systemd/systemd
                                                                            Arguments:-
                                                                            File size:1620224 bytes
                                                                            MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:19:32
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/bin/pulseaudio
                                                                            Arguments:/usr/bin/pulseaudio --daemonize=no --log-target=journal
                                                                            File size:100832 bytes
                                                                            MD5 hash:0c3b4c789d8ffb12b25507f27e14c186

                                                                            File Activities

                                                                            Process Activities

                                                                            System Activities

                                                                            Network Activities


                                                                            General

                                                                            Start time (UTC):12:19:32
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/lib/systemd/systemd
                                                                            Arguments:-
                                                                            File size:1620224 bytes
                                                                            MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                            Process Activities


                                                                            General

                                                                            Start time (UTC):12:19:32
                                                                            Start date (UTC):23/03/2025
                                                                            Path:/usr/libexec/rtkit-daemon
                                                                            Arguments:/usr/libexec/rtkit-daemon
                                                                            File size:68096 bytes
                                                                            MD5 hash:df0cacf1db4ec95ac70f5b6e06b8ffd7

                                                                            File Activities

                                                                            Process Activities

                                                                            Network Activities