Joe Sandbox Cloud Basic Analysis Report
Create Interactive Tour

Linux Analysis Report
morte.arm.elf

Overview

General Information

Sample name:morte.arm.elf
Analysis ID:1646165
MD5:5eef75a7c56186dcbd885717b0f29ad6
SHA1:f10cb2d6e11ac47e1d193a0e96452a153ac3460c
SHA256:b5eae4525e66181d6a4c48979b143acbda90d5404e8faecc9cb48fd2e1a7723d
Tags:elfuser-abuse_ch
Infos:

Detection

Gafgyt, Okiru
Score:88
Range:0 - 100

Signatures

Multi AV Scanner detection for submitted file
Sample tries to kill a massive number of system processes
Yara detected Gafgyt
Yara detected Okiru
Reads system files that contain records of logged in users
Sample is packed with UPX
Sample reads /proc/mounts (often used for finding a writable filesystem)
Sample tries to kill multiple processes (SIGKILL)
Creates hidden files and/or directories
Deletes log files
Detected TCP or UDP traffic on non-standard ports
ELF contains segments with high entropy indicating compressed/encrypted content
Enumerates processes within the "proc" file system
Executes commands using a shell command-line interpreter
Executes the "grep" command used to find patterns in files or piped streams
Executes the "kill" or "pkill" command typically used to terminate processes
HTTP GET or POST without a user agent
Reads CPU information from /sys indicative of miner or evasive malware
Reads system information from the proc file system
Reads system version information
Reads the 'hosts' file potentially containing internal network hosts
Sample contains only a LOAD segment without any section mappings
Sample listens on a socket
Sample tries to kill a process (SIGKILL)
Sample tries to set the executable flag
Uses the "uname" system call to query kernel version information (possible evasion)

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

General Information

Joe Sandbox version:42.0.0 Malachite
Analysis ID:1646165
Start date and time:2025-03-23 14:02:05 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 4m 23s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:morte.arm.elf
Detection:MAL
Classification:mal88.spre.troj.evad.linELF@0/46@4/0
  • Connection to analysis system has been lost, crash info: Unknown
  • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

Runtime Messages

Command:/tmp/morte.arm.elf
PID:6231
Exit Code:0
Exit Code Info:
Killed:False
Standard Output:
lzrd cock fest"/proc/"/exe
Standard Error:

Process Tree

  • system is lnxubuntu20
  • systemd New Fork (PID: 6244, Parent: 1)
  • journalctl (PID: 6244, Parent: 1, MD5: bf3a987344f3bacafc44efd882abda8b) Arguments: /usr/bin/journalctl --smart-relinquish-var
  • systemd New Fork (PID: 6263, Parent: 1)
  • dbus-daemon (PID: 6263, Parent: 1, MD5: 3089d47e3f3ab84cd81c48fd406d7a8c) Arguments: /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
  • gdm3 New Fork (PID: 6273, Parent: 1320)
  • Default (PID: 6273, Parent: 1320, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
  • systemd New Fork (PID: 6280, Parent: 1)
  • rsyslogd (PID: 6280, Parent: 1, MD5: 0b8087fc907c42eb3c81a691db258e33) Arguments: /usr/sbin/rsyslogd -n -iNONE
  • systemd New Fork (PID: 6281, Parent: 1860)
  • pulseaudio (PID: 6281, Parent: 1860, MD5: 0c3b4c789d8ffb12b25507f27e14c186) Arguments: /usr/bin/pulseaudio --daemonize=no --log-target=journal
  • gdm3 New Fork (PID: 6282, Parent: 1320)
  • Default (PID: 6282, Parent: 1320, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
  • fusermount (PID: 6283, Parent: 2038, MD5: 576a1b135c82bdcbc97a91acea900566) Arguments: fusermount -u -q -z -- /run/user/1000/gvfs
  • gdm3 New Fork (PID: 6284, Parent: 1320)
  • Default (PID: 6284, Parent: 1320, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
  • systemd New Fork (PID: 6287, Parent: 1)
  • systemd-journald (PID: 6287, Parent: 1, MD5: 474667ece6cecb5e04c6eb897a1d0d9e) Arguments: /lib/systemd/systemd-journald
  • systemd New Fork (PID: 6288, Parent: 1)
  • dbus-daemon (PID: 6288, Parent: 1, MD5: 3089d47e3f3ab84cd81c48fd406d7a8c) Arguments: /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
  • systemd New Fork (PID: 6293, Parent: 1)
  • rsyslogd (PID: 6293, Parent: 1, MD5: 0b8087fc907c42eb3c81a691db258e33) Arguments: /usr/sbin/rsyslogd -n -iNONE
  • systemd New Fork (PID: 6303, Parent: 1)
  • systemd-logind (PID: 6303, Parent: 1, MD5: 8dd58a1b4c12f7a1d5fe3ce18b2aaeef) Arguments: /lib/systemd/systemd-logind
  • systemd New Fork (PID: 6362, Parent: 1)
  • gpu-manager (PID: 6362, Parent: 1, MD5: 8fae9dd5dd67e1f33d873089c2fd8761) Arguments: /usr/bin/gpu-manager --log /var/log/gpu-manager.log
    • sh (PID: 6363, Parent: 6362, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf"
      • sh New Fork (PID: 6364, Parent: 6363)
      • grep (PID: 6364, Parent: 6363, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
    • sh (PID: 6366, Parent: 6362, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /lib/modprobe.d/*.conf"
      • sh New Fork (PID: 6367, Parent: 6366)
      • grep (PID: 6367, Parent: 6366, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*nvidia[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
    • sh (PID: 6369, Parent: 6362, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /etc/modprobe.d/*.conf"
      • sh New Fork (PID: 6370, Parent: 6369)
      • grep (PID: 6370, Parent: 6369, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*radeon[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
    • sh (PID: 6371, Parent: 6362, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /lib/modprobe.d/*.conf"
      • sh New Fork (PID: 6372, Parent: 6371)
      • grep (PID: 6372, Parent: 6371, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*radeon[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
    • sh (PID: 6373, Parent: 6362, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /etc/modprobe.d/*.conf"
      • sh New Fork (PID: 6374, Parent: 6373)
      • grep (PID: 6374, Parent: 6373, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*amdgpu[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
    • sh (PID: 6375, Parent: 6362, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /lib/modprobe.d/*.conf"
      • sh New Fork (PID: 6376, Parent: 6375)
      • grep (PID: 6376, Parent: 6375, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*amdgpu[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
    • sh (PID: 6377, Parent: 6362, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /etc/modprobe.d/*.conf"
      • sh New Fork (PID: 6378, Parent: 6377)
      • grep (PID: 6378, Parent: 6377, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*nouveau[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
    • sh (PID: 6381, Parent: 6362, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /lib/modprobe.d/*.conf"
      • sh New Fork (PID: 6382, Parent: 6381)
      • grep (PID: 6382, Parent: 6381, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -G ^blacklist.*nouveau[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
  • systemd New Fork (PID: 6368, Parent: 1)
  • agetty (PID: 6368, Parent: 1, MD5: 3a374724ba7e863768139bdd60ca36f7) Arguments: /sbin/agetty -o "-p -- \\u" --noclear tty2 linux
  • systemd New Fork (PID: 6383, Parent: 1)
  • generate-config (PID: 6383, Parent: 1, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /usr/share/gdm/generate-config
    • pkill (PID: 6384, Parent: 6383, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill --signal HUP --uid gdm dconf-service
  • systemd New Fork (PID: 6385, Parent: 1)
  • journalctl (PID: 6385, Parent: 1, MD5: bf3a987344f3bacafc44efd882abda8b) Arguments: /usr/bin/journalctl --flush
  • systemd New Fork (PID: 6390, Parent: 1)
  • gdm-wait-for-drm (PID: 6390, Parent: 1, MD5: 82043ba752c6930b4e6aaea2f7747545) Arguments: /usr/lib/gdm3/gdm-wait-for-drm
  • systemd New Fork (PID: 6396, Parent: 1)
  • gdm3 (PID: 6396, Parent: 1, MD5: 2492e2d8d34f9377e3e530a61a15674f) Arguments: /usr/sbin/gdm3
    • gdm3 New Fork (PID: 6399, Parent: 6396)
    • plymouth (PID: 6399, Parent: 6396, MD5: 87003efd8dad470042f5e75360a8f49f) Arguments: plymouth --ping
    • gdm3 New Fork (PID: 6413, Parent: 6396)
    • gdm-session-worker (PID: 6413, Parent: 6396, MD5: 692243754bd9f38fe9bd7e230b5c060a) Arguments: "gdm-session-worker [pam/gdm-launch-environment]"
      • gdm-wayland-session (PID: 6419, Parent: 6413, MD5: d3def63cf1e83f7fb8a0f13b1744ff7c) Arguments: /usr/lib/gdm3/gdm-wayland-session "dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart"
        • dbus-daemon (PID: 6421, Parent: 6419, MD5: 3089d47e3f3ab84cd81c48fd406d7a8c) Arguments: dbus-daemon --print-address 3 --session
          • dbus-daemon New Fork (PID: 6423, Parent: 6421)
            • false (PID: 6424, Parent: 6423, MD5: 3177546c74e4f0062909eae43d948bfc) Arguments: /bin/false
        • dbus-run-session (PID: 6425, Parent: 6419, MD5: 245f3ef6a268850b33b0225a8753b7f4) Arguments: dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart
          • dbus-daemon (PID: 6426, Parent: 6425, MD5: 3089d47e3f3ab84cd81c48fd406d7a8c) Arguments: dbus-daemon --nofork --print-address 4 --session
    • gdm3 New Fork (PID: 6427, Parent: 6396)
    • Default (PID: 6427, Parent: 6396, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
    • gdm3 New Fork (PID: 6428, Parent: 6396)
    • Default (PID: 6428, Parent: 6396, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
  • systemd New Fork (PID: 6400, Parent: 1)
  • accounts-daemon (PID: 6400, Parent: 1, MD5: 01a899e3fb5e7e434bea1290255a1f30) Arguments: /usr/lib/accountsservice/accounts-daemon
    • language-validate (PID: 6404, Parent: 6400, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /usr/share/language-tools/language-validate en_US.UTF-8
      • language-options (PID: 6405, Parent: 6404, MD5: 16a21f464119ea7fad1d3660de963637) Arguments: /usr/share/language-tools/language-options
        • sh (PID: 6406, Parent: 6405, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "locale -a | grep -F .utf8 "
          • sh New Fork (PID: 6407, Parent: 6406)
          • locale (PID: 6407, Parent: 6406, MD5: c72a78792469db86d91369c9057f20d2) Arguments: locale -a
          • sh New Fork (PID: 6408, Parent: 6406)
          • grep (PID: 6408, Parent: 6406, MD5: 1e6ebb9dd094f774478f72727bdba0f5) Arguments: grep -F .utf8
  • systemd New Fork (PID: 6409, Parent: 1)
  • polkitd (PID: 6409, Parent: 1, MD5: 8efc9b4b5b524210ad2ea1954a9d0e69) Arguments: /usr/lib/policykit-1/polkitd --no-debug
  • systemd New Fork (PID: 6454, Parent: 1860)
  • dbus-daemon (PID: 6454, Parent: 1860, MD5: 3089d47e3f3ab84cd81c48fd406d7a8c) Arguments: /usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
  • systemd New Fork (PID: 6455, Parent: 1860)
  • pulseaudio (PID: 6455, Parent: 1860, MD5: 0c3b4c789d8ffb12b25507f27e14c186) Arguments: /usr/bin/pulseaudio --daemonize=no --log-target=journal
  • systemd New Fork (PID: 6456, Parent: 1)
  • rtkit-daemon (PID: 6456, Parent: 1, MD5: df0cacf1db4ec95ac70f5b6e06b8ffd7) Arguments: /usr/libexec/rtkit-daemon
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
Bashlite, GafgytBashlite is a malware family which infects Linux systems in order to launch distributed denial-of-service attacks (DDoS). Originally it was also known under the name Bashdoor, but this term now refers to the exploit method used by the malware. It has been used to launch attacks of up to 400 Gbps.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/elf.bashlite

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
6238.1.00007f2974017000.00007f2974035000.r-x.sdmpJoeSecurity_GafgytYara detected GafgytJoe Security
    6238.1.00007f2974017000.00007f2974035000.r-x.sdmpJoeSecurity_OkiruYara detected OkiruJoe Security
      6234.1.00007f2974017000.00007f2974035000.r-x.sdmpJoeSecurity_GafgytYara detected GafgytJoe Security
        6234.1.00007f2974017000.00007f2974035000.r-x.sdmpJoeSecurity_OkiruYara detected OkiruJoe Security
          6231.1.00007f2974017000.00007f2974035000.r-x.sdmpJoeSecurity_GafgytYara detected GafgytJoe Security
            Click to see the 7 entries

            Suricata Signatures

            No Suricata rule has matched

            Joe Sandbox Signatures

            • AV Detection
            • Bitcoin Miner
            • Networking
            • System Summary
            • Data Obfuscation
            • Persistence and Installation Behavior
            • Hooking and other Techniques for Hiding and Protection
            • Malware Analysis System Evasion
            • Language, Device and Operating System Detection
            • Stealing of Sensitive Information
            • Remote Access Functionality

            Click to jump to signature section

            Show All Signature Results

            AV Detection

            barindex
            Source: morte.arm.elfReversingLabs: Detection: 33%
            Source: /usr/bin/pkill (PID: 6384)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
            Source: /usr/bin/pulseaudio (PID: 6455)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
            Source: global trafficTCP traffic: 192.168.2.23:46292 -> 176.65.142.252:7575
            Source: global trafficHTTP traffic detected: POST /9aadafe2051348cd32033e1cad68f0a5fe46fba3240ac1e6e42158f31b8a1371790c09baf3996b4979fe8e533446c7dedf30f654c68b25357334c66911dc6a9e HTTP/1.1Host: daisy.ubuntu.comAccept: */*Content-Type: application/octet-streamX-Whoopsie-Version: 0.2.69ubuntu0.3Content-Length: 164887Expect: 100-continue
            Source: /usr/sbin/rsyslogd (PID: 6293)Reads hosts file: /etc/hostsJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6234)Socket: 127.0.0.1:256Jump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)Socket: unknown address familyJump to behavior
            Source: /usr/sbin/gdm3 (PID: 6396)Socket: unknown address familyJump to behavior
            Source: /usr/bin/dbus-daemon (PID: 6421)Socket: unknown address familyJump to behavior
            Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.42
            Source: unknownTCP traffic detected without corresponding DNS query: 176.65.142.252
            Source: unknownTCP traffic detected without corresponding DNS query: 176.65.142.252
            Source: unknownTCP traffic detected without corresponding DNS query: 176.65.142.252
            Source: unknownTCP traffic detected without corresponding DNS query: 176.65.142.252
            Source: unknownTCP traffic detected without corresponding DNS query: 176.65.142.252
            Source: unknownTCP traffic detected without corresponding DNS query: 176.65.142.252
            Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.43
            Source: unknownTCP traffic detected without corresponding DNS query: 109.202.202.202
            Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.42
            Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.43
            Source: unknownTCP traffic detected without corresponding DNS query: 109.202.202.202
            Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.42
            Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.43
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: global trafficDNS traffic detected: DNS query: daisy.ubuntu.com
            Source: unknownHTTP traffic detected: POST /9aadafe2051348cd32033e1cad68f0a5fe46fba3240ac1e6e42158f31b8a1371790c09baf3996b4979fe8e533446c7dedf30f654c68b25357334c66911dc6a9e HTTP/1.1Host: daisy.ubuntu.comAccept: */*Content-Type: application/octet-streamX-Whoopsie-Version: 0.2.69ubuntu0.3Content-Length: 164887Expect: 100-continue
            Source: morte.arm.elfString found in binary or memory: http://upx.sf.net
            Source: syslog.41.drString found in binary or memory: https://www.rsyslog.com
            Source: unknownNetwork traffic detected: HTTP traffic on port 43928 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 53070 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53070
            Source: unknownNetwork traffic detected: HTTP traffic on port 42836 -> 443

            System Summary

            barindex
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 1 (init), result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 491, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 658, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 720, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 721, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 759, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 761, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 772, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 774, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 777, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 785, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 793, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 797, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 936, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 2, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 3, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 4, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 6, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 9, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 10, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 11, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 12, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 13, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 14, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 15, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 16, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 17, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 18, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 20, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 21, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 22, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 23, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 24, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 25, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 26, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 27, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 28, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 29, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 30, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 35, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 77, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 78, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 79, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 80, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 81, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 82, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 83, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 84, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 85, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 88, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 89, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 91, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 92, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 93, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 94, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 95, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 96, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 97, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 98, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 99, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 100, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 101, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 102, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 103, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 104, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 105, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 106, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 107, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 108, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 109, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 110, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 111, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 112, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 113, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 114, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 115, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 116, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 117, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 118, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 119, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 120, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 121, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 122, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 123, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 124, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 125, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 126, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 127, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 128, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 130, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 132, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 141, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 144, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 157, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 201, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 202, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 203, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 204, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 205, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 206, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 207, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 208, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 209, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 210, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 211, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 212, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 213, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 214, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 215, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 216, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 217, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 218, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 219, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 220, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 221, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 222, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 223, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 224, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 225, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 226, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 227, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 228, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 229, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 230, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 231, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 232, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 233, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 234, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 235, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 236, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 237, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 243, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 248, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 249, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 250, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 251, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 252, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 253, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 254, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 255, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 256, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 257, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 258, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 259, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 260, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 261, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 262, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 263, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 264, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 265, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 266, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 267, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 269, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 270, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 272, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 274, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 278, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 281, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 286, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 322, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 324, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 326, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 327, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 328, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 333, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 346, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 379, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 419, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 420, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 517, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 654, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 655, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 656, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 657, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 667, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 670, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 674, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 675, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 676, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent to PID below 1000: pid: 677, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 1 (init), result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 491, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 658, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 720, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 721, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 759, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 761, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 772, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 774, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 777, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 785, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 793, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 797, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 936, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 1320, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 1334, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 1335, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 1344, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 1860, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 1872, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 1886, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 1983, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2038, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2048, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 4334, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 4510, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6058, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6216, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6217, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6244, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6263, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6278, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6280, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6281, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 3, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 4, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 9, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 10, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 11, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 12, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 13, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 14, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 15, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 16, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 17, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 18, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 20, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 21, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 22, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 23, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 24, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 25, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 26, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 27, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 28, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 29, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 30, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 35, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 77, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 78, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 79, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 80, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 81, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 82, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 83, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 84, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 85, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 88, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 89, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 91, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 92, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 93, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 94, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 95, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 96, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 97, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 98, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 99, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 100, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 101, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 102, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 103, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 104, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 105, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 106, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 107, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 108, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 109, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 110, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 111, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 112, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 113, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 114, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 115, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 116, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 117, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 118, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 119, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 120, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 121, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 122, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 123, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 124, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 125, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 126, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 127, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 128, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 130, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 132, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 141, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 144, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 157, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 201, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 202, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 203, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 204, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 205, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 206, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 207, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 208, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 209, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 210, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 211, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 212, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 213, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 214, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 215, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 216, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 217, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 218, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 219, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 220, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 221, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 222, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 223, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 224, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 225, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 226, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 227, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 228, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 229, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 230, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 231, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 232, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 233, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 234, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 235, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 236, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 237, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 243, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 248, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 249, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 250, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 251, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 252, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 253, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 254, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 255, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 256, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 257, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 258, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 259, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 260, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 261, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 262, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 263, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 264, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 265, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 266, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 267, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 269, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 270, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 272, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 274, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 278, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 281, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 286, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 322, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 324, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 326, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 327, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 328, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 333, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 346, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 379, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 419, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 420, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 517, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 654, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 655, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 656, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 657, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 667, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 670, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 674, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 675, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 676, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 677, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 1207, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2009, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2014, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2180, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2208, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2289, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2302, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2746, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2749, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2761, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2882, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 3021, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 3088, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 4443, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 4444, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 4445, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 4446, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 4476, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 4479, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 4484, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6099, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6178, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6186, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6234, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6236, result: unknownJump to behavior
            Source: LOAD without section mappingsProgram segment: 0x8000
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 1 (init), result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 491, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 658, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 720, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 721, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 759, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 761, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 772, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 774, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 777, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 785, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 793, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 797, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 936, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 1320, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 1334, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 1335, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 1344, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 1860, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 1872, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 1886, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 1983, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2038, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2048, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 4334, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 4510, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6058, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6216, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6217, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6244, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6263, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6278, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6280, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6281, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 3, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 4, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 9, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 10, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 11, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 12, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 13, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 14, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 15, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 16, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 17, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 18, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 20, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 21, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 22, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 23, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 24, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 25, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 26, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 27, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 28, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 29, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 30, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 35, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 77, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 78, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 79, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 80, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 81, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 82, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 83, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 84, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 85, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 88, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 89, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 91, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 92, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 93, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 94, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 95, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 96, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 97, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 98, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 99, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 100, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 101, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 102, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 103, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 104, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 105, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 106, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 107, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 108, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 109, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 110, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 111, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 112, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 113, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 114, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 115, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 116, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 117, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 118, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 119, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 120, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 121, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 122, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 123, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 124, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 125, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 126, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 127, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 128, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 130, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 132, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 141, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 144, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 157, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 201, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 202, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 203, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 204, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 205, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 206, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 207, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 208, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 209, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 210, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 211, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 212, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 213, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 214, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 215, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 216, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 217, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 218, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 219, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 220, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 221, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 222, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 223, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 224, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 225, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 226, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 227, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 228, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 229, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 230, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 231, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 232, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 233, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 234, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 235, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 236, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 237, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 243, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 248, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 249, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 250, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 251, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 252, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 253, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 254, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 255, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 256, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 257, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 258, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 259, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 260, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 261, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 262, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 263, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 264, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 265, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 266, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 267, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 269, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 270, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 272, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 274, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 278, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 281, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 286, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 322, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 324, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 326, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 327, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 328, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 333, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 346, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 379, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 419, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 420, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 517, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 654, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 655, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 656, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 657, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 667, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 670, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 674, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 675, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 676, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 677, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 1207, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2009, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2014, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2180, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2208, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2289, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2302, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2746, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2749, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2761, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 2882, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 3021, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 3088, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 4443, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 4444, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 4445, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 4446, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 4476, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 4479, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 4484, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6099, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6178, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6186, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6234, result: successfulJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6236)SIGKILL sent: pid: 6236, result: unknownJump to behavior
            Source: classification engineClassification label: mal88.spre.troj.evad.linELF@0/46@4/0

            Data Obfuscation

            barindex
            Source: initial sampleString containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
            Source: initial sampleString containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
            Source: initial sampleString containing UPX found: $Id: UPX 3.94 Copyright (C) 1996-2017 the UPX Team. All Rights Reserved. $

            Persistence and Installation Behavior

            barindex
            Source: /usr/bin/dbus-daemon (PID: 6263)File: /proc/6263/mountsJump to behavior
            Source: /bin/fusermount (PID: 6283)File: /proc/6283/mountsJump to behavior
            Source: /usr/bin/dbus-daemon (PID: 6288)File: /proc/6288/mountsJump to behavior
            Source: /usr/bin/dbus-daemon (PID: 6421)File: /proc/6421/mountsJump to behavior
            Source: /usr/bin/dbus-daemon (PID: 6454)File: /proc/6454/mountsJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:76811XASBcBJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:76812yFNu7CJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:76815PmpAYCJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:76816eFdrFBJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:76817xO0cGBJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:76818cMlD7yJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:76820N6hwxAJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:76827YkPiDBJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:76828S35TrzJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:768377kSoABJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:76838UuAq3BJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:76839vo1HDAJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:76855J69rnAJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:76856zBZ50zJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:76702SFeE6CJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:76800oyJCLBJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:77853z8DseBJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:77892vQwMSCJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:77894IjobECJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:77932hgoamAJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:77933gsbGEzJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:780256uJKIAJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:78029flvYVzJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)File: /run/systemd/journal/streams/.#9:78048beXvIzJump to behavior
            Source: /lib/systemd/systemd-logind (PID: 6303)Directory: <invalid fd (18)>/..Jump to behavior
            Source: /lib/systemd/systemd-logind (PID: 6303)Directory: <invalid fd (17)>/..Jump to behavior
            Source: /lib/systemd/systemd-logind (PID: 6303)File: /run/systemd/seats/.#seat0SMDpAMJump to behavior
            Source: /lib/systemd/systemd-logind (PID: 6303)File: /run/systemd/users/.#127gCXlXLJump to behavior
            Source: /lib/systemd/systemd-logind (PID: 6303)File: /run/systemd/users/.#127wxyJROJump to behavior
            Source: /lib/systemd/systemd-logind (PID: 6303)File: /run/systemd/seats/.#seat04YZeQNJump to behavior
            Source: /lib/systemd/systemd-logind (PID: 6303)File: /run/systemd/users/.#127zUpnNLJump to behavior
            Source: /lib/systemd/systemd-logind (PID: 6303)File: /run/systemd/users/.#127iAQyeQJump to behavior
            Source: /lib/systemd/systemd-logind (PID: 6303)File: /run/systemd/users/.#127O9bsfPJump to behavior
            Source: /usr/lib/gdm3/gdm-wayland-session (PID: 6419)Directory: /var/lib/gdm3/.cacheJump to behavior
            Source: /usr/lib/accountsservice/accounts-daemon (PID: 6400)Directory: /var/lib/gdm3/.pam_environmentJump to behavior
            Source: /usr/lib/accountsservice/accounts-daemon (PID: 6400)Directory: /root/.cacheJump to behavior
            Source: /usr/lib/policykit-1/polkitd (PID: 6409)Directory: /root/.cacheJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/6234/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/6234/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/6236/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/6236/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/3088/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/3088/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/230/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/230/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/110/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/110/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/231/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/231/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/111/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/111/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/232/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/232/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/112/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/112/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/233/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/233/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/113/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/113/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/234/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/234/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/1335/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/1335/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/114/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/114/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/235/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/235/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/1334/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/1334/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/2302/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/2302/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/115/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/115/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/236/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/236/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/116/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/116/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/237/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/237/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/117/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/117/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/118/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/118/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/910/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/910/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/119/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/119/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/10/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/10/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/11/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/11/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/12/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/12/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/13/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/13/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/14/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/14/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/15/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/15/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/16/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/16/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/17/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/17/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/6368/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/6368/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/18/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/18/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/120/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/120/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/121/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/121/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/1/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/1/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/122/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/122/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/243/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/243/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/123/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/123/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/2/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/2/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/124/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/124/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/3/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/3/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/4/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/4/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/125/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/125/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/126/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/126/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/248/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/248/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/6/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/6/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/127/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/127/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/128/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/128/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/249/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/249/cmdlineJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/9/statusJump to behavior
            Source: /usr/bin/pkill (PID: 6384)File opened: /proc/9/cmdlineJump to behavior
            Source: /usr/bin/gpu-manager (PID: 6363)Shell command executed: sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf"Jump to behavior
            Source: /usr/bin/gpu-manager (PID: 6366)Shell command executed: sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /lib/modprobe.d/*.conf"Jump to behavior
            Source: /usr/bin/gpu-manager (PID: 6369)Shell command executed: sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /etc/modprobe.d/*.conf"Jump to behavior
            Source: /usr/bin/gpu-manager (PID: 6371)Shell command executed: sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /lib/modprobe.d/*.conf"Jump to behavior
            Source: /usr/bin/gpu-manager (PID: 6373)Shell command executed: sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /etc/modprobe.d/*.conf"Jump to behavior
            Source: /usr/bin/gpu-manager (PID: 6375)Shell command executed: sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /lib/modprobe.d/*.conf"Jump to behavior
            Source: /usr/bin/gpu-manager (PID: 6377)Shell command executed: sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /etc/modprobe.d/*.conf"Jump to behavior
            Source: /usr/bin/gpu-manager (PID: 6381)Shell command executed: sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /lib/modprobe.d/*.conf"Jump to behavior
            Source: /usr/share/language-tools/language-options (PID: 6406)Shell command executed: sh -c "locale -a | grep -F .utf8 "Jump to behavior
            Source: /bin/sh (PID: 6364)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.confJump to behavior
            Source: /bin/sh (PID: 6367)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*nvidia[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.confJump to behavior
            Source: /bin/sh (PID: 6370)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*radeon[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.confJump to behavior
            Source: /bin/sh (PID: 6372)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*radeon[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.confJump to behavior
            Source: /bin/sh (PID: 6374)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*amdgpu[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.confJump to behavior
            Source: /bin/sh (PID: 6376)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*amdgpu[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.confJump to behavior
            Source: /bin/sh (PID: 6378)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*nouveau[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.confJump to behavior
            Source: /bin/sh (PID: 6382)Grep executable: /usr/bin/grep -> grep -G ^blacklist.*nouveau[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.confJump to behavior
            Source: /bin/sh (PID: 6408)Grep executable: /usr/bin/grep -> grep -F .utf8Jump to behavior
            Source: /usr/share/gdm/generate-config (PID: 6384)Pkill executable: /usr/bin/pkill -> pkill --signal HUP --uid gdm dconf-serviceJump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)Reads from proc file: /proc/meminfoJump to behavior
            Source: /sbin/agetty (PID: 6368)Reads version info: /etc/issueJump to behavior
            Source: /usr/sbin/gdm3 (PID: 6396)File: /var/run/gdm3 (bits: - usr: -x grp: x all: rwx)Jump to behavior
            Source: /usr/sbin/gdm3 (PID: 6396)File: /var/log/gdm3 (bits: - usr: -x grp: x all: rwx)Jump to behavior
            Source: /usr/lib/accountsservice/accounts-daemon (PID: 6400)File: /var/lib/AccountsService/icons (bits: - usr: rx grp: rwx all: rwx)Jump to behavior
            Source: /usr/lib/accountsservice/accounts-daemon (PID: 6400)File: /var/lib/AccountsService/users (bits: - usr: - grp: - all: rwx)Jump to behavior
            Source: /usr/sbin/rsyslogd (PID: 6293)Log file created: /var/log/kern.logJump to dropped file
            Source: /usr/sbin/rsyslogd (PID: 6293)Log file created: /var/log/auth.logJump to dropped file
            Source: /usr/bin/gpu-manager (PID: 6362)Log file created: /var/log/gpu-manager.logJump to dropped file
            Source: morte.arm.elfSubmission file: segment LOAD with 7.9813 entropy (max. 8.0)
            Source: /usr/bin/gpu-manager (PID: 6362)Truncated file: /var/log/gpu-manager.logJump to behavior
            Source: /usr/bin/pkill (PID: 6384)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
            Source: /usr/bin/pulseaudio (PID: 6455)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
            Source: /tmp/morte.arm.elf (PID: 6231)Queries kernel information via 'uname': Jump to behavior
            Source: /usr/sbin/rsyslogd (PID: 6280)Queries kernel information via 'uname': Jump to behavior
            Source: /lib/systemd/systemd-journald (PID: 6287)Queries kernel information via 'uname': Jump to behavior
            Source: /usr/sbin/rsyslogd (PID: 6293)Queries kernel information via 'uname': Jump to behavior
            Source: /usr/bin/gpu-manager (PID: 6362)Queries kernel information via 'uname': Jump to behavior
            Source: /sbin/agetty (PID: 6368)Queries kernel information via 'uname': Jump to behavior
            Source: /usr/lib/gdm3/gdm-session-worker (PID: 6413)Queries kernel information via 'uname': Jump to behavior
            Source: /usr/bin/pulseaudio (PID: 6455)Queries kernel information via 'uname': Jump to behavior
            Source: morte.arm.elf, 6231.1.00007ffffcb54000.00007ffffcb75000.rw-.sdmp, morte.arm.elf, 6234.1.00007ffffcb54000.00007ffffcb75000.rw-.sdmp, morte.arm.elf, 6236.1.00007ffffcb54000.00007ffffcb75000.rw-.sdmp, morte.arm.elf, 6238.1.00007ffffcb54000.00007ffffcb75000.rw-.sdmpBinary or memory string: x86_64/usr/bin/qemu-arm/tmp/morte.arm.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/morte.arm.elf
            Source: morte.arm.elf, 6236.1.00007ffffcb54000.00007ffffcb75000.rw-.sdmpBinary or memory string: /tmp/qemu-open.XjUDBH
            Source: morte.arm.elf, 6231.1.000055611869d000.000055611882b000.rw-.sdmp, morte.arm.elf, 6234.1.000055611869d000.000055611882b000.rw-.sdmp, morte.arm.elf, 6236.1.000055611869d000.000055611882b000.rw-.sdmp, morte.arm.elf, 6238.1.000055611869d000.000055611882b000.rw-.sdmpBinary or memory string: /etc/qemu-binfmt/arm
            Source: morte.arm.elf, 6231.1.00007ffffcb54000.00007ffffcb75000.rw-.sdmp, morte.arm.elf, 6234.1.00007ffffcb54000.00007ffffcb75000.rw-.sdmp, morte.arm.elf, 6236.1.00007ffffcb54000.00007ffffcb75000.rw-.sdmp, morte.arm.elf, 6238.1.00007ffffcb54000.00007ffffcb75000.rw-.sdmpBinary or memory string: /usr/bin/qemu-arm
            Source: morte.arm.elf, 6236.1.00007ffffcb54000.00007ffffcb75000.rw-.sdmpBinary or memory string: aU/tmp/qemu-open.XjUDBH
            Source: morte.arm.elf, 6231.1.000055611869d000.000055611882b000.rw-.sdmp, morte.arm.elf, 6234.1.000055611869d000.000055611882b000.rw-.sdmp, morte.arm.elf, 6236.1.000055611869d000.000055611882b000.rw-.sdmp, morte.arm.elf, 6238.1.000055611869d000.000055611882b000.rw-.sdmpBinary or memory string: aU!/etc/qemu-binfmt/arm

            Language, Device and Operating System Detection

            barindex
            Source: /usr/lib/accountsservice/accounts-daemon (PID: 6400)Logged in records file read: /var/log/wtmpJump to behavior

            Stealing of Sensitive Information

            barindex
            Source: Yara matchFile source: 6238.1.00007f2974017000.00007f2974035000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: 6234.1.00007f2974017000.00007f2974035000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: 6231.1.00007f2974017000.00007f2974035000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: 6236.1.00007f2974017000.00007f2974035000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: 6238.1.00007f2974017000.00007f2974035000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: 6234.1.00007f2974017000.00007f2974035000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: 6231.1.00007f2974017000.00007f2974035000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: 6236.1.00007f2974017000.00007f2974035000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: morte.arm.elf PID: 6231, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: morte.arm.elf PID: 6234, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: morte.arm.elf PID: 6236, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: morte.arm.elf PID: 6238, type: MEMORYSTR

            Remote Access Functionality

            barindex
            Source: Yara matchFile source: 6238.1.00007f2974017000.00007f2974035000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: 6234.1.00007f2974017000.00007f2974035000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: 6231.1.00007f2974017000.00007f2974035000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: 6236.1.00007f2974017000.00007f2974035000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: 6238.1.00007f2974017000.00007f2974035000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: 6234.1.00007f2974017000.00007f2974035000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: 6231.1.00007f2974017000.00007f2974035000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: 6236.1.00007f2974017000.00007f2974035000.r-x.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: morte.arm.elf PID: 6231, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: morte.arm.elf PID: 6234, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: morte.arm.elf PID: 6236, type: MEMORYSTR
            Source: Yara matchFile source: Process Memory Space: morte.arm.elf PID: 6238, type: MEMORYSTR

            Mitre Att&ck Matrix

            ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
            Gather Victim Identity Information1
            Scripting            		Valid AccountsWindows Management Instrumentation1
            Scripting            		Path Interception1
            File and Directory Permissions Modification            		1
            OS Credential Dumping            		11
            Security Software Discovery            		Remote ServicesData from Local System1
            Encrypted Channel            		Exfiltration Over Other Network Medium2
            Service Stop
            CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
            Disable or Modify Tools            		LSASS Memory1
            System Owner/User Discovery            		Remote Desktop ProtocolData from Removable Media1
            Non-Standard Port            		Exfiltration Over BluetoothNetwork Denial of Service
            Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
            Hidden Files and Directories            		Security Account Manager11
            File and Directory Discovery            		SMB/Windows Admin SharesData from Network Shared Drive2
            Non-Application Layer Protocol            		Automated ExfiltrationData Encrypted for Impact
            Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook11
            Obfuscated Files or Information            		NTDS3
            System Information Discovery            		Distributed Component Object ModelInput Capture3
            Application Layer Protocol            		Traffic DuplicationData Destruction
            Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
            Indicator Removal            		LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact

            Malware Configuration

            No configs have been found

            Behavior Graph

            Hide Legend

            Legend:

            • Process
            • Signature
            • Created File
            • DNS/IP Info
            • Is Dropped
            • Number of created Files
            • Is malicious
            • Internet
            behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1646165 Sample: morte.arm.elf Startdate: 23/03/2025 Architecture: LINUX Score: 88 77 176.65.142.252, 46292, 7575 WEBTRAFFICDE Germany 2->77 79 109.202.202.202, 80 INIT7CH Switzerland 2->79 81 4 other IPs or domains 2->81 87 Multi AV Scanner detection for submitted file 2->87 89 Yara detected Okiru 2->89 91 Yara detected Gafgyt 2->91 93 Sample is packed with UPX 2->93 11 systemd gdm3 2->11         started        13 systemd gpu-manager 2->13         started        15 morte.arm.elf 2->15         started        17 21 other processes 2->17 signatures3 process4 file5 21 gdm3 gdm-session-worker 11->21         started        35 3 other processes 11->35 23 gpu-manager sh 13->23         started        25 gpu-manager sh 13->25         started        27 gpu-manager sh 13->27         started        37 5 other processes 13->37 29 morte.arm.elf 15->29         started        75 /var/log/wtmp, data 17->75 dropped 83 Sample reads /proc/mounts (often used for finding a writable filesystem) 17->83 85 Reads system files that contain records of logged in users 17->85 31 accounts-daemon language-validate 17->31         started        33 generate-config pkill 17->33         started        signatures6 process7 process8 39 gdm-session-worker gdm-wayland-session 21->39         started        41 sh grep 23->41         started        43 sh grep 25->43         started        45 sh grep 27->45         started        47 morte.arm.elf 29->47         started        50 morte.arm.elf 29->50         started        52 language-validate language-options 31->52         started        54 sh grep 37->54         started        56 4 other processes 37->56 signatures9 58 gdm-wayland-session dbus-daemon 39->58         started        61 gdm-wayland-session dbus-run-session 39->61         started        97 Sample tries to kill a massive number of system processes 47->97 99 Sample tries to kill multiple processes (SIGKILL) 47->99 63 language-options sh 52->63         started        process10 signatures11 95 Sample reads /proc/mounts (often used for finding a writable filesystem) 58->95 65 dbus-daemon 58->65         started        67 dbus-run-session dbus-daemon 61->67         started        69 sh locale 63->69         started        71 sh grep 63->71         started        process12 process13 73 dbus-daemon false 65->73         started       

            Antivirus, Machine Learning and Genetic Malware Detection

            Initial Sample

            SourceDetectionScannerLabelLink
            morte.arm.elf33%ReversingLabsLinux.Backdoor.Bushido

            Dropped Files

            No Antivirus matches

            Domains

            No Antivirus matches

            URLs

            No Antivirus matches

            Domains and IPs

            Download Network PCAP: filteredfull

            Contacted Domains

            NameIPActiveMaliciousAntivirus DetectionReputation
            daisy.ubuntu.com
            		162.213.35.24
            		truefalse
              		high

              Contacted URLs

              NameMaliciousAntivirus DetectionReputation
              https://daisy.ubuntu.com/9aadafe2051348cd32033e1cad68f0a5fe46fba3240ac1e6e42158f31b8a1371790c09baf3996b4979fe8e533446c7dedf30f654c68b25357334c66911dc6a9efalse
                		high
                NameSourceMaliciousAntivirus DetectionReputation
                https://www.rsyslog.comsyslog.41.drfalse
                  		high
                  http://upx.sf.netmorte.arm.elffalse
                    		high

                    World Map of Contacted IPs

                    • No. of IPs < 25%
                    • 25% < No. of IPs < 50%
                    • 50% < No. of IPs < 75%
                    • 75% < No. of IPs

                    Public IPs

                    IPDomainCountryFlagASNASN NameMalicious
                    162.213.35.25
                    		unknownUnited States
                    		41231CANONICAL-ASGBfalse
                    176.65.142.252
                    		unknownGermany
                    		8649WEBTRAFFICDEfalse
                    109.202.202.202
                    		unknownSwitzerland
                    		13030INIT7CHfalse
                    91.189.91.43
                    		unknownUnited Kingdom
                    		41231CANONICAL-ASGBfalse
                    91.189.91.42
                    		unknownUnited Kingdom
                    		41231CANONICAL-ASGBfalse

                    Joe Sandbox View / Context

                    IPs

                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                    162.213.35.25rjfe686.elfGet hashmaliciousUnknownBrowse
                      weje64.elfGet hashmaliciousUnknownBrowse
                        vjwe68k.elfGet hashmaliciousUnknownBrowse
                          eehah4.elfGet hashmaliciousUnknownBrowse
                            drea4.elfGet hashmaliciousUnknownBrowse
                              rrrdsl.elfGet hashmaliciousUnknownBrowse
                                Aqua.arm7.elfGet hashmaliciousMiraiBrowse
                                  weje64.elfGet hashmaliciousUnknownBrowse
                                    efefa7.elfGet hashmaliciousMiraiBrowse
                                      Aqua.arm7.elfGet hashmaliciousMiraiBrowse
                                        176.65.142.252morte.x86.elfGet hashmaliciousOkiruBrowse
                                          morte.m68k.elfGet hashmaliciousGafgyt, OkiruBrowse
                                            morte.ppc.elfGet hashmaliciousOkiruBrowse
                                              morte.mpsl.elfGet hashmaliciousGafgyt, OkiruBrowse
                                                morte.x64.elfGet hashmaliciousGafgyt, OkiruBrowse
                                                  morte.ppc.elfGet hashmaliciousUnknownBrowse
                                                    morte.mpsl.elfGet hashmaliciousUnknownBrowse
                                                      raw_cbot.exeGet hashmaliciousUnknownBrowse
                                                        raw_cbot.exeGet hashmaliciousUnknownBrowse
                                                          109.202.202.202kpLwzBouH4.elfGet hashmaliciousUnknownBrowse
                                                          • ch.archive.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_92.0%2bbuild3-0ubuntu0.20.04.1_amd64.deb
                                                          91.189.91.43na.elfGet hashmaliciousPrometeiBrowse
                                                            na.elfGet hashmaliciousPrometeiBrowse
                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                Aqua.mips.elfGet hashmaliciousUnknownBrowse
                                                                  na.elfGet hashmaliciousPrometeiBrowse
                                                                    morte.m68k.elfGet hashmaliciousGafgyt, OkiruBrowse
                                                                      na.elfGet hashmaliciousPrometeiBrowse
                                                                        na.elfGet hashmaliciousPrometeiBrowse
                                                                          na.elfGet hashmaliciousPrometeiBrowse
                                                                            .i.elfGet hashmaliciousUnknownBrowse

                                                                              Domains

                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                              daisy.ubuntu.commorte.arm6.elfGet hashmaliciousGafgyt, OkiruBrowse
                                                                              • 162.213.35.24
                                                                              morte.m68k.elfGet hashmaliciousGafgyt, OkiruBrowse
                                                                              • 162.213.35.25
                                                                              sshd.elfGet hashmaliciousUnknownBrowse
                                                                              • 162.213.35.25
                                                                              arm6.elfGet hashmaliciousMiraiBrowse
                                                                              • 162.213.35.24
                                                                              .i.elfGet hashmaliciousUnknownBrowse
                                                                              • 162.213.35.25
                                                                              drea4.elfGet hashmaliciousUnknownBrowse
                                                                              • 162.213.35.25
                                                                              efea6.elfGet hashmaliciousUnknownBrowse
                                                                              • 162.213.35.25
                                                                              boatnet.ppc.elfGet hashmaliciousMiraiBrowse
                                                                              • 162.213.35.25
                                                                              boatnet.m68k.elfGet hashmaliciousMiraiBrowse
                                                                              • 162.213.35.24
                                                                              boatnet.arm7.elfGet hashmaliciousMiraiBrowse
                                                                              • 162.213.35.25

                                                                              ASNs

                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                              CANONICAL-ASGBna.elfGet hashmaliciousPrometeiBrowse
                                                                              • 91.189.91.42
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 91.189.91.42
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 91.189.91.42
                                                                              Aqua.mips.elfGet hashmaliciousUnknownBrowse
                                                                              • 91.189.91.42
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 91.189.91.42
                                                                              morte.m68k.elfGet hashmaliciousGafgyt, OkiruBrowse
                                                                              • 91.189.91.42
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 91.189.91.42
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 91.189.91.42
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 91.189.91.42
                                                                              .i.elfGet hashmaliciousUnknownBrowse
                                                                              • 91.189.91.42
                                                                              CANONICAL-ASGBna.elfGet hashmaliciousPrometeiBrowse
                                                                              • 91.189.91.42
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 91.189.91.42
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 91.189.91.42
                                                                              Aqua.mips.elfGet hashmaliciousUnknownBrowse
                                                                              • 91.189.91.42
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 91.189.91.42
                                                                              morte.m68k.elfGet hashmaliciousGafgyt, OkiruBrowse
                                                                              • 91.189.91.42
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 91.189.91.42
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 91.189.91.42
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 91.189.91.42
                                                                              .i.elfGet hashmaliciousUnknownBrowse
                                                                              • 91.189.91.42
                                                                              WEBTRAFFICDEmorte.x86.elfGet hashmaliciousOkiruBrowse
                                                                              • 176.65.142.252
                                                                              morte.m68k.elfGet hashmaliciousGafgyt, OkiruBrowse
                                                                              • 176.65.142.252
                                                                              morte.ppc.elfGet hashmaliciousOkiruBrowse
                                                                              • 176.65.142.252
                                                                              morte.mpsl.elfGet hashmaliciousGafgyt, OkiruBrowse
                                                                              • 176.65.142.252
                                                                              morte.x64.elfGet hashmaliciousGafgyt, OkiruBrowse
                                                                              • 176.65.142.252
                                                                              morte.ppc.elfGet hashmaliciousUnknownBrowse
                                                                              • 176.65.142.252
                                                                              morte.mpsl.elfGet hashmaliciousUnknownBrowse
                                                                              • 176.65.142.252
                                                                              file2.bin.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                                              • 176.65.142.216
                                                                              file3.bin.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                                              • 176.65.142.209
                                                                              087296f1dee69c2624b2eddca0f347c520eb5afc96080203.vstm.ps1Get hashmaliciousRHADAMANTHYSBrowse
                                                                              • 176.65.142.209
                                                                              INIT7CHna.elfGet hashmaliciousPrometeiBrowse
                                                                              • 109.202.202.202
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 109.202.202.202
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 109.202.202.202
                                                                              Aqua.mips.elfGet hashmaliciousUnknownBrowse
                                                                              • 109.202.202.202
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 109.202.202.202
                                                                              morte.m68k.elfGet hashmaliciousGafgyt, OkiruBrowse
                                                                              • 109.202.202.202
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 109.202.202.202
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 109.202.202.202
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 109.202.202.202
                                                                              .i.elfGet hashmaliciousUnknownBrowse
                                                                              • 109.202.202.202
                                                                              CANONICAL-ASGBna.elfGet hashmaliciousPrometeiBrowse
                                                                              • 91.189.91.42
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 91.189.91.42
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 91.189.91.42
                                                                              Aqua.mips.elfGet hashmaliciousUnknownBrowse
                                                                              • 91.189.91.42
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 91.189.91.42
                                                                              morte.m68k.elfGet hashmaliciousGafgyt, OkiruBrowse
                                                                              • 91.189.91.42
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 91.189.91.42
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 91.189.91.42
                                                                              na.elfGet hashmaliciousPrometeiBrowse
                                                                              • 91.189.91.42
                                                                              .i.elfGet hashmaliciousUnknownBrowse
                                                                              • 91.189.91.42

                                                                              JA3 Fingerprints

                                                                              No context

                                                                              Dropped Files

                                                                              No context

                                                                              Created / dropped Files

                                                                              Process:/usr/bin/pulseaudio
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):10
                                                                              Entropy (8bit):2.9219280948873623
                                                                              Encrypted:false
                                                                              SSDEEP:3:5bkPn:pkP
                                                                              MD5:FF001A15CE15CF062A3704CEA2991B5F
                                                                              SHA1:B06F6855F376C3245B82212AC73ADED55DFE5DEF
                                                                              SHA-256:C54830B41ECFA1B6FBDC30397188DDA86B7B200E62AEAC21AE694A6192DCC38A
                                                                              SHA-512:65EBF7C31F6F65713CE01B38A112E97D0AE64A6BD1DA40CE4C1B998F10CD3912EE1A48BB2B279B24493062118AAB3B8753742E2AF28E56A31A7AAB27DE80E7BF
                                                                              Malicious:false
                                                                              Reputation:moderate, very likely benign file
                                                                              Preview:auto_null.
                                                                              Process:/usr/bin/pulseaudio
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):18
                                                                              Entropy (8bit):3.4613201402110088
                                                                              Encrypted:false
                                                                              SSDEEP:3:5bkrIZsXvn:pkckv
                                                                              MD5:28FE6435F34B3367707BB1C5D5F6B430
                                                                              SHA1:EB8FE2D16BD6BBCCE106C94E4D284543B2573CF6
                                                                              SHA-256:721A37C69E555799B41D308849E8F8125441883AB021B723FED90A9B744F36C0
                                                                              SHA-512:6B6AB7C0979629D0FEF6BE47C5C6BCC367EDD0AAE3FC973F4DE2FD5F0A819C89E7656DB65D453B1B5398E54012B27EDFE02894AD87A7E0AF3A9C5F2EB24A9919
                                                                              Malicious:false
                                                                              Reputation:moderate, very likely benign file
                                                                              Preview:auto_null.monitor.
                                                                              Process:/usr/bin/dbus-daemon
                                                                              File Type:very short file (no magic)
                                                                              Category:dropped
                                                                              Size (bytes):1
                                                                              Entropy (8bit):0.0
                                                                              Encrypted:false
                                                                              SSDEEP:3:V:V
                                                                              MD5:CFCD208495D565EF66E7DFF9F98764DA
                                                                              SHA1:B6589FC6AB0DC82CF12099D1C2D40AB994E8410C
                                                                              SHA-256:5FECEB66FFC86F38D952786C6D696C79C2DBC239DD4E91B46729D73A27FB57E9
                                                                              SHA-512:31BCA02094EB78126A517B206A88C73CFA9EC6F704C7030D18212CACE820F025F00BF0EA68DBF3F3A5436CA63B53BF7BF80AD8D5DE7D8359D0B7FED9DBC3AB99
                                                                              Malicious:false
                                                                              Reputation:high, very likely benign file
                                                                              Preview:0
                                                                              Process:/usr/sbin/gdm3
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):5
                                                                              Entropy (8bit):1.9219280948873623
                                                                              Encrypted:false
                                                                              SSDEEP:3:Xj:z
                                                                              MD5:33527F59735A918ED7B0F100007A2043
                                                                              SHA1:C0D55F1DD6FB879ED50EDD68AD8FF1A5179287CC
                                                                              SHA-256:650FA2286D50A071D6EC309786D3B2AB22397BDC77B7B94FF4BBC0946E72EE88
                                                                              SHA-512:2B200E5DA8EB0309FE3DCFE2973774CB28DBFF18D0685CB2E1282E6D0CCE3135ED92E07C8B7C056E63DDBE37D8A047A35C4570211D8DE07C97D0A27006AC2F42
                                                                              Malicious:false
                                                                              Reputation:low
                                                                              Preview:6396.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):199
                                                                              Entropy (8bit):5.406866077437401
                                                                              Encrypted:false
                                                                              SSDEEP:6:SbFuFyLVIg1BAf+M8Q/Anbovs2rqjNTZD:qgFq6g1af+M8MAM02rwTZD
                                                                              MD5:958CDAC012898DB8B8D6788A963AC980
                                                                              SHA1:BF8855041A4768C8186666196C8300A0107429E3
                                                                              SHA-256:F0AF2044C98D12C44ADA63DF154C35021E9003C8892AB2D3291DC5BA5EE4EBAE
                                                                              SHA-512:A5176000D42F9967A47D162AA300FA0EF666E560C4FBF9A4EA4B0584C44C93B07E74582125E6891B42E11B6F265E34177B16FA0B50EE033ACDBD8E13BC9BA55E
                                                                              Malicious:false
                                                                              Reputation:low
                                                                              Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=1.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=3390a40f65ff48bea699c587fffcd183.IDENTIFIER=gdm3.UNIT=gdm.service.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):222
                                                                              Entropy (8bit):5.429151040481559
                                                                              Encrypted:false
                                                                              SSDEEP:6:SbFuFyLVIg1BG+f+MWTczKHqSc1ZjLTTIWTIL:qgFq6g10+f+MWTczKHQjEWEL
                                                                              MD5:D4ED2AB475BF1BF6931BFE1E1992C427
                                                                              SHA1:57265DC44AD746E04EAD800AED88081521B95978
                                                                              SHA-256:116E3F3C5D63E3EEB1330855B448CBC679B82F767962E3E37A796AF1E1D5D287
                                                                              SHA-512:14694BBD1F2C1D7B34528E56CC13211DFB48B69C4DB0B66DF16B658DE5623CF027E4CECC29EDC72E3102E95D6C792421DE801CF5196AB048337127C327163EE6
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=1a24d069c6124d4995af357fab5b9aea.IDENTIFIER=accounts-daemon.UNIT=accounts-daemon.service.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):223
                                                                              Entropy (8bit):5.543983642269634
                                                                              Encrypted:false
                                                                              SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxmoGAVkYQf6+sjs7Lbr:SbFuFyLVIg1BG+f+MoGAVDQKji4s
                                                                              MD5:6BE2D16739CF39A5BC46D7A9529206FF
                                                                              SHA1:BA181570331841F766BE83907B6F1B64D042781E
                                                                              SHA-256:514F835C3C16672BE4F42C77B918B79FD8716B9D67A36723291608FC9D260899
                                                                              SHA-512:B266A8BA05447E8209414FB9184684F525BC6164E0F220D9C55D4823D0928CD9508BD3A80FEF3BA4901443B8384E5ADEE6A875E814057FC9C2CB786BB33215BA
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=b190b7e74de143ba85c371d56fb2380c.IDENTIFIER=journalctl.UNIT=systemd-journal-flush.service.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):207
                                                                              Entropy (8bit):5.38208280257116
                                                                              Encrypted:false
                                                                              SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxmoRcAVDdRNlXSv8jsc:SbFuFyLVIg1BG+f+MorVDWv8josQu
                                                                              MD5:934323EFC799E016852A0489720E062C
                                                                              SHA1:B051BB4BEA76363EA4FCF0C233F4AF76E28A441C
                                                                              SHA-256:0FBDBB05ABFB138FCA49E96EC2E742821EE7931F606596E944BC7B69870A751A
                                                                              SHA-512:7F31BFE904D67157F825093055077009DDA039CFC4C0BDE2C47DE3AC9C7DCBA850D93E0C13373B4DC45722432A4AE9A3656AACDDDABBEEEF794E2220219AA78C
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=b3114e9e046b482d9593dd110ea62106.IDENTIFIER=dbus-daemon.UNIT=dbus.service.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):208
                                                                              Entropy (8bit):5.377489220101057
                                                                              Encrypted:false
                                                                              SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxm/c0Xb1GEQd+GUvA+V:SbFuFyLVIg1BG+f+MuEyxU0jdCLKzK
                                                                              MD5:3D197E1076DD5CAED09713D3241963F2
                                                                              SHA1:E5DC4593747BDE3DDABBBD985E308BC2297F75A3
                                                                              SHA-256:5A680937E8A6BA6098177BB91170D8E9C72CA0A88961672E465212028E11301C
                                                                              SHA-512:49A841A6858D59B1076C1B9FB5DAA15D68DD77A2AE4B9CDD14D8A968D72EEB65A31705FDDAF3A167C7782DC7A174ED58963F052D0530B87BD7294EAE824F8DED
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=506dcc792f2f4004b0cc6691a19ab4e1.IDENTIFIER=whoopsie.UNIT=whoopsie.service.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):200
                                                                              Entropy (8bit):5.404538717529497
                                                                              Encrypted:false
                                                                              SSDEEP:6:SbFuFyLVK6g7/+BG+f+M6kq/0b5qjFmzXvn:qgFqo6g7/+0+f+MYw+QXvn
                                                                              MD5:6C96DC3B798A3FFD589AF5568FF009AF
                                                                              SHA1:BC921E1D969731897CAA755BE740FAF814E16A40
                                                                              SHA-256:CCDB96D9370DF83CF4578443B119739222AB42EE34E4F9334ADB3E05DF3AA514
                                                                              SHA-512:53D89F2557862DAE76879135014C8285AEFB9D2CA348728AE04CDDEFEC3F952D22C355AFF33085B31B9B20E7A4B1207A9D27A897AD0DFAA2607978D5C40DF014
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=6.LEVEL_PREFIX=0.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=0900b22df4a34e7f8dfe6818ee65d42a.IDENTIFIER=org.gnome.Shell.desktop.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):200
                                                                              Entropy (8bit):5.439217202377235
                                                                              Encrypted:false
                                                                              SSDEEP:6:SbFuFyLVI6g7/+BG+f+M9eHKVkjFmzXvn:qgFqdg7/+0+f+M9YKEQXvn
                                                                              MD5:1A9B73C39368956FB10D2625D65CF918
                                                                              SHA1:F5915DA2CF9785A6B2F360F9967722A0B26D37C2
                                                                              SHA-256:47557E12243016DB205C59F1AF34914BD6CD9944812B835ED937146FDB85D4F4
                                                                              SHA-512:F82C1D5B9EBC1A3B6F9B5FE9B4F13E0348B75FFD625E2D8692669F0912FEBF9B9DA082E17C961F9717DD21CD2C90F9C46DD0D8B358CF7F750ED8C5B8D5ED43BE
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=4.LEVEL_PREFIX=0.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=a3a839d663c74224bcfae8a61cd13780.IDENTIFIER=org.gnome.Shell.desktop.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):188
                                                                              Entropy (8bit):5.2807809852619885
                                                                              Encrypted:false
                                                                              SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxmsKO/AUaEzn4H2swsh:SbFuFyLVIg1BG+f+MsKOpa0nKFjtWL0
                                                                              MD5:1D65DE25EEC10726E14A898C446727FE
                                                                              SHA1:B942300F9E952FF634DDA30635F8FCB57AEAA45D
                                                                              SHA-256:C0D3ED4F384D0110E9460366E07603A69AD680B1128FB24B01064A68F664F412
                                                                              SHA-512:3C5ABF46E48CCB3DB24D351AE1104B33E97C3D49BDC29954375293DD21BDBF4014558AABF96F7EA9DEDBBD201FD24BE3518C695431C7CE9817A5677B87EA7A3D
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=f1699e800e1c4004893a68ae0893e8b1.IDENTIFIER=pulseaudio.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):207
                                                                              Entropy (8bit):5.40890221795422
                                                                              Encrypted:false
                                                                              SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxm8HUYSQw7sQ6ASYTjx:SbFuFyLVIg1BG+f+M8HU//JSYTjosQu
                                                                              MD5:E583A18FB1B8F3DEEDF5A0051031A134
                                                                              SHA1:23E2FD02455589CAF02617A92224714CF40A0F22
                                                                              SHA-256:9880ABD45E44F96971634EFCD17BE3CEF729C4A6C85C4C2625B28852427AE5D7
                                                                              SHA-512:59D8AA634CCA65188021D30141EED2F05A72A52E0B9970A80BF9532F11EF0DA0020E30047023BDB43F6DC412FFECE5900A61182B7B697A8AC288A925ABA2D2A4
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=6b1617294e004d2c84542b9de9d4ae17.IDENTIFIER=dbus-daemon.UNIT=dbus.service.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):208
                                                                              Entropy (8bit):5.3451379895568225
                                                                              Encrypted:false
                                                                              SSDEEP:6:SbFuFyLVIg1BG+f+M4FHqQGRI8jdCLKzK:qgFq6g10+f+M48dR1CLAK
                                                                              MD5:71EB2DFB61366409AB41AD1BE81E88A1
                                                                              SHA1:5BB2C10C29DC5FC6DBF4EA16872D5C2EA1D1ACE8
                                                                              SHA-256:7FA5D2E1D29F79795B8FF6B8D122807784D78F4470D34E1DECABA9FF1F788D16
                                                                              SHA-512:1EADD4C522CE716C438A416BB7F4C0824E293D06AA04ADF443C020E5FAB39FCE30AE10DF8009902C31FF4BEB478E404E876EEE9235A73D1E5E800A6CC7756F1E
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=2c47b824ef884bc7810e40a7e748d3f0.IDENTIFIER=whoopsie.UNIT=whoopsie.service.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):220
                                                                              Entropy (8bit):5.448193092394018
                                                                              Encrypted:false
                                                                              SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxmujiXQIFRh+sjsicWg:SbFuFyLVIg1BG+f+MujnCRZjZcHcljX+
                                                                              MD5:B9ED9BCDC1C535E529A09681E66FAE12
                                                                              SHA1:8BA0BA17EEDD8413119C31F3806D6BA1879B6B36
                                                                              SHA-256:235CE16702E6317BFE964BD09A03CF9EB8635B3E10DBA01A4CD07D1D36FC0B73
                                                                              SHA-512:77522792B55DDF71E414529985939B2F5461592F1816BD09733B6B8EB71452204C4B683DF9658D7D6FBF5C06B3FA850DD096F3E612D0F1ADEBAE2C6045215126
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=d34057feea4a444d9e17c9bfd8b0f34b.IDENTIFIER=systemd-logind.UNIT=systemd-logind.service.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):210
                                                                              Entropy (8bit):5.45395794142636
                                                                              Encrypted:false
                                                                              SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLCHh6KV+h6CQzuxmy1t+lxTQnosZjs2ALAQ:SbFuFyLVIg1BAf+Myj+l6nxZjNALyAZD
                                                                              MD5:5F618A70BF566775D585CF8C53849123
                                                                              SHA1:2DA52AEE8BBA065FA899667FA5624B73AFC1C8C0
                                                                              SHA-256:E64B128CC5040C0521C9FF72BBFCD44B82A0A79371C4BD86B701ED00926999EF
                                                                              SHA-512:0A90F8FC335853A75B27780A5F523E63B63195D170DE1B0FE0F14B34249EF962D747B957B6DE53D389B2EB283B3874D35C20CA149035A95BB23C93AD59C84802
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=1.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=87c3257a60174b52bdad5b465d721634.IDENTIFIER=generate-config.UNIT=gdm.service.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):223
                                                                              Entropy (8bit):5.544171283435403
                                                                              Encrypted:false
                                                                              SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxm7UmGcAGwAxqjs7Lbr:SbFuFyLVIg1BG+f+MoD6cji4s
                                                                              MD5:735E4DC8C70AAD6020478D07F7FF29EE
                                                                              SHA1:3B373DFB94F4F52BD24A7AA491F8971FDEB333AA
                                                                              SHA-256:D779A4DA986782F66B18ADA90DAA98C3BE1AD88873E0DD4FD586A13510A43743
                                                                              SHA-512:0D04ACF8614C102D280758267E515D8CE28A13A614E304EC30552762780DC68BE44D770AA5A88F5428487FB2368546F3C114EC9BE828BE0F358C3C619C249C39
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=183bc66829d749a59ec198d6e51edff4.IDENTIFIER=journalctl.UNIT=systemd-journal-flush.service.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):208
                                                                              Entropy (8bit):5.370230686426409
                                                                              Encrypted:false
                                                                              SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxmyu19CVTEGftlsjswK:SbFuFyLVIg1BG+f+MyM9CCG12jLkGq
                                                                              MD5:14DC854449B65FE3968E5872AFD35A53
                                                                              SHA1:06AF6B5B73319FEEA275CC300B529C7E8DE11598
                                                                              SHA-256:CA9BB71581FA88004C785A287FD0A85EDBE453D08BC85598AF9E8A73869D85F9
                                                                              SHA-512:865CDE7AD77E34D4D741E809AEC3A0A62FF231E1AF0D930B46C55561378D34798506CF50DEC7AC4E5C5574D5126231075FE7ADFC8EC8D12204B6B8306FFE22F4
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=8ec7462e41844e06aaa02c9c473079db.IDENTIFIER=agetty.UNIT=getty@tty2.service.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):211
                                                                              Entropy (8bit):5.4344791053881965
                                                                              Encrypted:false
                                                                              SSDEEP:6:SbFuFyLVIg1BAf+MyVd2D1BTKjNdQIeXD:qgFq6g1af+Mm2Dbs2D
                                                                              MD5:548FE7616E28F2BBE68810E8BF992C4B
                                                                              SHA1:EC21FF334A6381E0F39853EE89B6E635DF2E0569
                                                                              SHA-256:A2F5B2B0CEBB43B36DFE67A0B942567B9806AEEF003067E94337F3735C013211
                                                                              SHA-512:64E22BB9DD0BEACC28ECBBA9DDFC8EE5FD0CC299B39D48A4ABD3243E4045D0055D44784EB16CB988BD236E032F2A860AA72A36C5D0717F4BC4485F8EC7F4DB25
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=1.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=8151935518ae4620845fa96d6616a36e.IDENTIFIER=gdm-wait-for-drm.UNIT=gdm.service.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):228
                                                                              Entropy (8bit):5.4461907946383485
                                                                              Encrypted:false
                                                                              SSDEEP:6:SbFuFyLVIg1BG+f+Mu+4rADQG0ZjdCt/rRMtq:qgFq6g10+f+Mtr103CDL
                                                                              MD5:CB6BB5E34936E939C7E48C6E4708A8EE
                                                                              SHA1:5B37754A2B6662C8AAB5E88970B3DF91898B0941
                                                                              SHA-256:7661571A60A8C7D22E8A374F1C13B10CEFD0DACC2FF1095E6D4636BF902A3532
                                                                              SHA-512:07026D3AE703963F6E9F4062DB9415E0F4CC3CD91B02C7009AD17A400C1B2BEF4F76643A985A9FC2FDDE4BD6A04336C2DEAECD36949275E10DA13715DADAB9C6
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=dd7db3bf98b543efb0ef9ef5046d9bcc.IDENTIFIER=whoopsie-upload-all.UNIT=apport-autoreport.service.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):205
                                                                              Entropy (8bit):5.412922155215951
                                                                              Encrypted:false
                                                                              SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxm7WZfdc9PGtS59Frq4:SbFuFyLVIg1BG+f+My9M5P2jbVC
                                                                              MD5:993F1663B9DFCC517C248D7379137C8D
                                                                              SHA1:24934F5C868C09F121ECD05ED200B3109CF53EEC
                                                                              SHA-256:0F1842CA613DF25B133A7359C7249DA8AF9E0256285E1FDE18E435296ECB2803
                                                                              SHA-512:9EDE3343CBEE3FB60E0A1B5E8BD69AD473A659A1C593A15C964756D5EE284639CA9E8D72055EFBD3E2839BF1F3BE28D4A0FF4CB145E3FB8FA9236DBEEE9FB19D
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=11a13af681c247e69b1a1b5c5eb7a528.IDENTIFIER=polkitd.UNIT=polkit.service.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):195
                                                                              Entropy (8bit):5.368676785780713
                                                                              Encrypted:false
                                                                              SSDEEP:3:SbFVVmFyinKMsPOdvP69ms947z+h6SnLAqC+h6KV+h6CQzuxm69Sq8K2SRYTjs2q:SbFuFyLVK6g7/+BG+f+M6wqH2i0jNq
                                                                              MD5:79FE420F826F4CD7DDD2247C86A0DCEB
                                                                              SHA1:3F1EF5F41A548CF3101DE750950D44A7D1719433
                                                                              SHA-256:802F1C03E77978DE6E9F4605A080E67C9D93BA9C877410F8B10D7C01E6DB8A6E
                                                                              SHA-512:22ED3FD1A7F16DF10E988847A8AD76E72D92D982D17A1F117D7533738F1DAC0F7DBF8ED474D24E364B635C9D4DD387164E5F79669F43C29297D37BF5D0BD828A
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=6.LEVEL_PREFIX=0.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=0b1a7a84a14740d49dddea9128686374.IDENTIFIER=gdm-session-worker.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):195
                                                                              Entropy (8bit):5.4262115598775
                                                                              Encrypted:false
                                                                              SSDEEP:3:SbFVVmFyinKMsPOfvP69ms947z+h6SnLAqC+h6KV+h6CQzuxmuLdgiRUQc0hF2jk:SbFuFyLVI6g7/+BG+f+MuLvyH0h8jNq
                                                                              MD5:61522992F14B29EEF42DBAC46F273D5F
                                                                              SHA1:637D1FF9B385AEC4843C392910C5FE2F06AB7B35
                                                                              SHA-256:3235A7C70EECA3BB5DF889D686E6570BF2F6DC3F9F5DDA66FBE25EEF904A3283
                                                                              SHA-512:94AB61E75B688C710752C14E255C10C18AAB8E7D6E69DEB0D9BD55854DA63BB1AB71FD064B86EDE4561DC874B73556721DD7D50BAFB4AC9B7A1E40169711C9F6
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=4.LEVEL_PREFIX=0.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=d32eec5528be4a4197a8fe15cbf8b215.IDENTIFIER=gdm-session-worker.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):210
                                                                              Entropy (8bit):5.502671720863621
                                                                              Encrypted:false
                                                                              SSDEEP:6:SbFuFyLVK6g7/+BG+f+M47YGnF2jFQMzKaBu:qgFqo6g7/+0+f+M4Xn2Tmh
                                                                              MD5:A630813834FDCD4220FFD5487916A10D
                                                                              SHA1:D4B562A67C0808D4387F0FA19AFEBA112E106439
                                                                              SHA-256:AABE10DB862E69233A394F22DEEA643D75A6152D3F6E330C0003F0CA1A443246
                                                                              SHA-512:C406AAB66DE03450406604C8625D9CF6689939FE0517FB07F7B4F695B584F64E9511ED56D1FE6CC3850059ED00A5362E85CAC69F4DA00F0FA2490AC047947EEE
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=6.LEVEL_PREFIX=0.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=2cb232c94fc34e52acd900c103c289f0.IDENTIFIER=/usr/lib/gdm3/gdm-wayland-session.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):210
                                                                              Entropy (8bit):5.50753978739368
                                                                              Encrypted:false
                                                                              SSDEEP:6:SbFuFyLVI6g7/+BG+f+M8BAHPblZjFQMzKaBu:qgFqdg7/+0+f+M8BAvblvTmh
                                                                              MD5:045D5083F5E891058AAFA7133A74B643
                                                                              SHA1:B928332D6178FC994662870012CD7BF04D947F86
                                                                              SHA-256:1FBDEDD48BFDA6D209CF810421BBF26653ABE22472A139B2BA942508CD6D5C39
                                                                              SHA-512:27671E4AC755FD4AEEAF966F9DD5039A48FB1FCD5384C877C13C395ECAFCB96CF96CC7522071D2F974602BD4AC80460ECDD400BA576367282F4B88824061183B
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=4.LEVEL_PREFIX=0.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=6debb1560b1c4dafb7f39a8f36433be8.IDENTIFIER=/usr/lib/gdm3/gdm-wayland-session.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):189
                                                                              Entropy (8bit):5.400003614840074
                                                                              Encrypted:false
                                                                              SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxm4G/mENg37ETjs1Han:SbFuFyLVIg1BG+f+M4GxRjoa
                                                                              MD5:60007A914FE3674CB9BD5C24285394E1
                                                                              SHA1:D884B5A258D4702FDBE76BFDE2B57F834656D43D
                                                                              SHA-256:07E1503A0539A6088A34581E726C608730E75854E734BD88D56E3A8258742655
                                                                              SHA-512:2350AFBD3AB9BF878FFADE7CBA6186A9100FD89E908B6BA93027CA6BA57945A0477682A295B6591DBA1A1C447C6D443EBD7B8C1C70C401373EABF052ED30668D
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=23d994f92a594a54a12d9987c8e68c7f.IDENTIFIER=dbus-daemon.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):188
                                                                              Entropy (8bit):5.358509777671104
                                                                              Encrypted:false
                                                                              SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxmu+KABSz+3acF2jshQ:SbFuFyLVIg1BG+f+MuHkSz+3XF2jtWL0
                                                                              MD5:5418E26CC729C068BAA2C4C3A1120FBF
                                                                              SHA1:5DA7FB85F840394FED12E78ED5C2D3528C553788
                                                                              SHA-256:CD6119E9FC3C2108FFF6387BEFFAFC591D625965F5F0778F18D2A941C2654900
                                                                              SHA-512:E3979662C2EFD1B46D6EE23845C1DBAA8B5BB8A9B197654182584AC6A8EC7E0CA6EC2FF244950BAE944AFE0B4E74792604AE07D517EF61BF488EE6B233DA6230
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=d725ef3f9d8540f7b0f0856f52c2808e.IDENTIFIER=pulseaudio.
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):216
                                                                              Entropy (8bit):5.436178240692477
                                                                              Encrypted:false
                                                                              SSDEEP:3:SbFVVmFyinKMsPOYsn9ms954Hh6SnLAqC+h6KV+h6CQzuxmoGzF9Wkhd3lsjsjOA:SbFuFyLVIg1BG+f+MoUrhd32jNE
                                                                              MD5:E1CBB755EE59DA0A7F18AC5D5AF336DA
                                                                              SHA1:80E4156F3A886A9405AE1688385ADDF62C13E19F
                                                                              SHA-256:27367C0B301E9545B3B797AE59AB7A4ED0F47E61E805016F9B8B591D3368354A
                                                                              SHA-512:597C161EDC870594B29CC9584E502DAADA0A58FDFC4F79A97C9E6DDB8073EF2D3053218E212557035B396F2A04A158A710ABD71BF5548D6EF53AFA349B594E5B
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse.PRIORITY=30.LEVEL_PREFIX=1.FORWARD_TO_SYSLOG=0.FORWARD_TO_KMSG=0.FORWARD_TO_CONSOLE=0.STREAM_ID=bcd5ae39d10740e69502394227788e4c.IDENTIFIER=rtkit-daemon.UNIT=rtkit-daemon.service.
                                                                              Process:/lib/systemd/systemd-logind
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):116
                                                                              Entropy (8bit):4.957035419463244
                                                                              Encrypted:false
                                                                              SSDEEP:3:SbFVVmFyinKMsuH47rLg205vmLUbr+ugKQ2KwshcXSv:SbFuFyLwH47Pg20ggWunQ2rNXc
                                                                              MD5:66D114877B3B4DB3BDD8A3AD4F5E7421
                                                                              SHA1:62E0CB0F51E0E3F97BE251CB917968DFF69ED344
                                                                              SHA-256:A922628916A7DDBE2BAA33F421C82250527EA3C28E429749353A1C75C0C18860
                                                                              SHA-512:5651247FA236DCF020A3C8456E4A9A74A85C5B9B3CCE94A3CF8F85FD4D66465C9F97DF7A1822E6CA4553C02BE149F3021D58DCC0C8CB6DCF37F915BD0A158187
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse..IS_SEAT0=1.CAN_MULTI_SESSION=1.CAN_TTY=1.CAN_GRAPHICAL=0.SESSIONS=c1.UIDS=127.
                                                                              Process:/lib/systemd/systemd-logind
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):95
                                                                              Entropy (8bit):4.921230646592726
                                                                              Encrypted:false
                                                                              SSDEEP:3:SbFVVmFyinKMsuH47rLg205vmLUbr+v:SbFuFyLwH47Pg20ggWv
                                                                              MD5:BE58CCABC942125F5E27AF6EB1BA2F88
                                                                              SHA1:07C20F55E36EE48869B223B8FC4DBC227C7353AC
                                                                              SHA-256:551B1D1C8E5953D5D0CF49C83C1568E2FBEF8BDDB69903B3DA82240B777B4629
                                                                              SHA-512:E5A270995FDE80530927E0BACD3BF76EE820C968AABD55D2E34579326F388AFD6DE7FB8C5D54F69D3F6AC30A5B587FD3B0456FC60326E7DF4F45789A900D046C
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse..IS_SEAT0=1.CAN_MULTI_SESSION=1.CAN_TTY=1.CAN_GRAPHICAL=0.
                                                                              Process:/lib/systemd/systemd-logind
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):223
                                                                              Entropy (8bit):5.449032833076927
                                                                              Encrypted:false
                                                                              SSDEEP:6:SbFuFyL3BVgdL87ynAir/0Ixff6ztQCgt0Mot6vz:qgFq30dABibBUQCgtuIvz
                                                                              MD5:128114169A650678B601E2671206A6DE
                                                                              SHA1:A1766FA2E27080963BEC56A6CBC0ABFC136F94E9
                                                                              SHA-256:915C35B2F15E8020131E781E45F3FB135D21C6FEE99712B14F606C082071FDF9
                                                                              SHA-512:DC83DA2A978F9708A883E5E360A23106A5C97D74F5481DEE6C1D150C399FA8772102425A9DB9849A5EE8F1BBD03E8721E6C19A0B46BAADD39557E6C9428813C4
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse..NAME=gdm.STATE=closing.STOPPING=yes.RUNTIME=/run/user/127.SERVICE_JOB=/org/freedesktop/systemd1/job/12408.REALTIME=1742735001541851.MONOTONIC=445803189.LAST_SESSION_TIMESTAMP=445944858.
                                                                              Process:/lib/systemd/systemd-logind
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):188
                                                                              Entropy (8bit):4.928997328913428
                                                                              Encrypted:false
                                                                              SSDEEP:3:SbFVVmFyinKMs5BuSgVuMI2sKiYiesnAv/XS12K2hwEY8mTQ2pJi22sQ2KkmD2pi:SbFuFyL3BVgVuR257iesnAi12thQc2p4
                                                                              MD5:065A3AD1A34A9903F536410ECA748105
                                                                              SHA1:21CD684DF60D569FA96EEEB66A0819EAC1B2B1A4
                                                                              SHA-256:E80554BF0FF4E32C61D4FA3054F8EFB27A26F1C37C91AE4EA94445C400693941
                                                                              SHA-512:DB3C42E893640BAEE9F0001BDE6E93ED40CC33198AC2B47328F577D3C71E2C2E986AAAFEF5BD8ADBC639B5C24ADF715D87034AE24B697331FF6FEC5962630064
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse..NAME=gdm.STATE=opening.STOPPING=no.RUNTIME=/run/user/127.SESSIONS=c1.SEATS=seat0.ACTIVE_SESSIONS=.ONLINE_SESSIONS=c1.ACTIVE_SEATS=.ONLINE_SEATS=seat0.
                                                                              Process:/lib/systemd/systemd-logind
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):174
                                                                              Entropy (8bit):5.291552802177181
                                                                              Encrypted:false
                                                                              SSDEEP:3:SbFVVmFyinKMs5BuSgdNR2sKiYiesnAv/XSHxJgtfMr5X81x/g206qodB5tn:SbFuFyL3BVgdL87iesnAiRJgt0Mot6vz
                                                                              MD5:CF0D11323D8F6758448B560F76F7A02A
                                                                              SHA1:05FC77B5D506A9C84E15CDEBA33A9F70F65210C2
                                                                              SHA-256:B6C720C33517D84258E9A63AD9D706F053020C8092FB2F8178A6E5DC88116A60
                                                                              SHA-512:DB6E326FBC0E54214F70B0084F544CF38C098949156A9F1608D59C01AD962A4DB20C31937BB6F8DBB60DDE6EEC78703075FB988B895703B41B822C470F0D74B2
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse..NAME=gdm.STATE=closing.STOPPING=no.RUNTIME=/run/user/127.REALTIME=1742735001541851.MONOTONIC=445803189.LAST_SESSION_TIMESTAMP=445944858.
                                                                              Process:/lib/systemd/systemd-logind
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):282
                                                                              Entropy (8bit):5.2997226197862695
                                                                              Encrypted:false
                                                                              SSDEEP:6:SbFuFyL3BVgVuR257iesnAir/0Ixff6mxJgt0E2thQc2pb02/g2p9rwB:qgFq30VuR8L/ibBjgtcthQHtPYq9M
                                                                              MD5:E81C7BE9EFF1B1C88CD2C59AE7A88101
                                                                              SHA1:8DE7D4B5E582F75970339436A30FFC3CD7A1F80A
                                                                              SHA-256:01877C121BA4B2472D5948DEF8FBCEAF841678E338275D3EA5D996D41DE715C3
                                                                              SHA-512:6433A9AC0F7123C3954B796C60CDA40F9CADC9EDC5CBEF1B399E6E528AA9755076940D5E98490C637A4C15B1B7B93B807EDDF00FC2742C2D04D156C0046AC3CA
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse..NAME=gdm.STATE=opening.STOPPING=no.RUNTIME=/run/user/127.SERVICE_JOB=/org/freedesktop/systemd1/job/12346.REALTIME=1742735001541851.MONOTONIC=445803189.SESSIONS=c1.SEATS=seat0.ACTIVE_SESSIONS=.ONLINE_SESSIONS=c1.ACTIVE_SEATS=.ONLINE_SEATS=seat0.
                                                                              Process:/lib/systemd/systemd-logind
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):282
                                                                              Entropy (8bit):5.2997226197862695
                                                                              Encrypted:false
                                                                              SSDEEP:6:SbFuFyL3BVgVuR257iesnAir/0Ixff6mxJgt0E2thQc2pb02/g2p9rwB:qgFq30VuR8L/ibBjgtcthQHtPYq9M
                                                                              MD5:E81C7BE9EFF1B1C88CD2C59AE7A88101
                                                                              SHA1:8DE7D4B5E582F75970339436A30FFC3CD7A1F80A
                                                                              SHA-256:01877C121BA4B2472D5948DEF8FBCEAF841678E338275D3EA5D996D41DE715C3
                                                                              SHA-512:6433A9AC0F7123C3954B796C60CDA40F9CADC9EDC5CBEF1B399E6E528AA9755076940D5E98490C637A4C15B1B7B93B807EDDF00FC2742C2D04D156C0046AC3CA
                                                                              Malicious:false
                                                                              Preview:# This is private data. Do not parse..NAME=gdm.STATE=opening.STOPPING=no.RUNTIME=/run/user/127.SERVICE_JOB=/org/freedesktop/systemd1/job/12346.REALTIME=1742735001541851.MONOTONIC=445803189.SESSIONS=c1.SEATS=seat0.ACTIVE_SESSIONS=.ONLINE_SESSIONS=c1.ACTIVE_SEATS=.ONLINE_SEATS=seat0.
                                                                              Process:/usr/bin/pulseaudio
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):5
                                                                              Entropy (8bit):1.9219280948873623
                                                                              Encrypted:false
                                                                              SSDEEP:3:T:T
                                                                              MD5:B2A9E464D4BA09AA6C1A59D44E7AFFBB
                                                                              SHA1:15D171632139B5A8EC8C830F1B03D06CC95A9A93
                                                                              SHA-256:78D22D016DBEC1300C385694EB257DED2F63DD92488A4B86CB0FDCA520D99447
                                                                              SHA-512:185EA2C46678957470F679DFBA4373DDDB67B88056C37A254CF8690B951AA700DB2F42FD329F2A723224E742E75FE9770251431A1059D1134E37BBBDEBEEA225
                                                                              Malicious:false
                                                                              Preview:6455.
                                                                              Process:/sbin/agetty
                                                                              File Type:data
                                                                              Category:dropped
                                                                              Size (bytes):384
                                                                              Entropy (8bit):0.6651209938982576
                                                                              Encrypted:false
                                                                              SSDEEP:3:5CsXlXEWtl/vlx:d+ylf
                                                                              MD5:81551832F111483A1947EB7D2E083E8A
                                                                              SHA1:37266829BF74AAF0522155FB0812DE89EEDF948A
                                                                              SHA-256:DFD717D5C56B2770F89320A29856885E494DDB76EE8DD3C316D5531D4529888E
                                                                              SHA-512:D9FB3405FC2F5B4EFEB8A2676B54E42CC1947935163FD15A2C496454C4CCB844F488D7442B95442F6B2AEACD9AF64D81E019A956200A9C727682B26C23F406B2
                                                                              Malicious:false
                                                                              Preview:........tty2.tty2.......................tty2LOGIN......................................................................................................................................................................................................................................................................................................g."......................................
                                                                              Process:/tmp/morte.arm.elf
                                                                              File Type:ASCII text, with no line terminators
                                                                              Category:dropped
                                                                              Size (bytes):19
                                                                              Entropy (8bit):3.47135448701393
                                                                              Encrypted:false
                                                                              SSDEEP:3:TgnRAiJ5:TgnRAU5
                                                                              MD5:942865711F399798F000692D45CFACA9
                                                                              SHA1:8243E009FDE89E5146833454D63BD0390A0AB641
                                                                              SHA-256:6F2101D8899BC4276F62EEF7350D1E7D02E92F1FDE12A6DEC4743FD42996417A
                                                                              SHA-512:D84FBC7667E99F79BE5480EE57F72BF5A9586792B47748CD9088FB2E94BA34371C3862FAB5C224609E991EFD3A948B765B92A4EE26676D6E54AAFD317D05B407
                                                                              Malicious:false
                                                                              Preview:/tmp/morte.arm.elf.
                                                                              Process:/usr/lib/accountsservice/accounts-daemon
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):61
                                                                              Entropy (8bit):4.66214589518167
                                                                              Encrypted:false
                                                                              SSDEEP:3:urzMQvNT+PzKLrAan4R8AKn:gzMQIzKLrAa4M
                                                                              MD5:542BA3FB41206AE43928AF1C5E61FEBC
                                                                              SHA1:F56F574DAF50D609526B36B5B54FDD59EA4D6A26
                                                                              SHA-256:730D9509D4EAA7266829A8F5A8CFEBA6BBDDD5873FC2BD580AD464F4A237E11A
                                                                              SHA-512:D774B8F191A5C65228D1B3CA1181701CFCD07A3D91C5571B0DDF32AD3E241C2D7BDFC0697AB97DC10441EF9CDC8AEE5B19BC34E13E5C8B0B91AD06EEF42F5AEA
                                                                              Malicious:false
                                                                              Preview:[User].XSession=.Icon=/var/lib/gdm3/.face.SystemAccount=true.
                                                                              Process:/usr/bin/gpu-manager
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):25
                                                                              Entropy (8bit):2.7550849518197795
                                                                              Encrypted:false
                                                                              SSDEEP:3:JoT/V9fDVbn:M/V3n
                                                                              MD5:078760523943E160756979906B85FB5E
                                                                              SHA1:0962643266F4C5537F7D125046F28F21D6DD0C89
                                                                              SHA-256:048416AC7A9A99690B8B53718CD39F32F637B55CC8DD8E67E58E5AEF060DD41C
                                                                              SHA-512:DEFAAE8F8B54C61A716A0B0B4884358FEB8EB44DFEA01AAA5A687FDA7182792B7DEBB34AA840672EB3B40EB59FD0186749E08E47D181786C7FAA8C8F73F0104D
                                                                              Malicious:false
                                                                              Preview:15ad:0405;0000:00:0f:0;1.
                                                                              Process:/usr/sbin/rsyslogd
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):2183
                                                                              Entropy (8bit):4.8624629976841
                                                                              Encrypted:false
                                                                              SSDEEP:48:vnxV5xIxdsR/ygYMvPMfVhN5YrCrGprCn:vnx7x9v0fbY2Sa
                                                                              MD5:94740A6BAF7F1F3A3144AEC8354BECF7
                                                                              SHA1:29C5BE47D53A86D79B677408E97C7473A338F0C2
                                                                              SHA-256:98E2568E9BA50CC3108564DFE4D6C14815EB88CE61147E685DE26E69D26E7BE8
                                                                              SHA-512:E4A4C8866800AB300B29F46CED609359C07B13A85C51A4F42979D702E51A5AAD00D25ED53EB5FB8D8DE5AA8D4DC936C7F812C7F23C4C7C4DA201B1B44305B340
                                                                              Malicious:false
                                                                              Preview:Mar 23 08:03:04 galassia gdm-launch-environment]: pam_unix(gdm-launch-environment:session): session closed for user gdm.Mar 23 08:03:05 galassia systemd-logind[797]: Failed to abandon session scope, ignoring: Transport endpoint is not connected.Mar 23 08:03:05 galassia systemd-logind[797]: Session 2 logged out. Waiting for processes to exit..Mar 23 08:03:05 galassia systemd-logind[797]: Failed to abandon session scope, ignoring: Transport endpoint is not connected.Mar 23 08:03:05 galassia systemd-logind[797]: Session c2 logged out. Waiting for processes to exit..Mar 23 08:03:05 galassia systemd-logind[6303]: Failed to add user by file name 127, ignoring: Invalid argument.Mar 23 08:03:05 galassia systemd-logind[6303]: Failed to add user by file name 1000, ignoring: Invalid argument.Mar 23 08:03:05 galassia systemd-logind[6303]: User enumeration failed: Invalid argument.Mar 23 08:03:05 galassia systemd-logind[6303]: User of session c2 not known..Mar 23 08:03:05 galassia systemd-logind[63
                                                                              Process:/usr/bin/gpu-manager
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):1371
                                                                              Entropy (8bit):4.8296848499188485
                                                                              Encrypted:false
                                                                              SSDEEP:24:wPXXX9uV6BNu3WDF3GF3XFFxFFed2uk2HUvJlfWkpPpx7uvvAdow9555cJz:wPXXXe6vejpeC2HUR5WkpPpcvAdow95O
                                                                              MD5:3AF77E630DA00B3BE24F4E8AA5D78B13
                                                                              SHA1:BCF2D99E002F6DE2413A183227B011CFBEF5673D
                                                                              SHA-256:EB1CBBA20845237B4409274D693FEAE13F835274DA3337B7A9D14F4D7FDF9DEA
                                                                              SHA-512:8524B1E8A761F962B32F396812099B9B0B2DCF3C9FCA8605424753CFCFF4DC67EDC5EE1D8C91B9C0ED7FAE6BB1E752898B8D514B7C421D1839D6FEDA609C593C
                                                                              Malicious:false
                                                                              Preview:log_file: /var/log/gpu-manager.log.last_boot_file: /var/lib/ubuntu-drivers-common/last_gfx_boot.new_boot_file: /var/lib/ubuntu-drivers-common/last_gfx_boot.can't access /run/u-d-c-nvidia-was-loaded file.can't get module info via kmodcan't access /opt/amdgpu-pro/bin/amdgpu-pro-px.Looking for nvidia modules in /lib/modules/5.4.0-72-generic/kernel.Looking for nvidia modules in /lib/modules/5.4.0-72-generic/updates/dkms.Looking for amdgpu modules in /lib/modules/5.4.0-72-generic/kernel.Looking for amdgpu modules in /lib/modules/5.4.0-72-generic/updates/dkms.Is nvidia loaded? no.Was nvidia unloaded? no.Is nvidia blacklisted? no.Is intel loaded? no.Is radeon loaded? no.Is radeon blacklisted? no.Is amdgpu loaded? no.Is amdgpu blacklisted? no.Is amdgpu versioned? no.Is amdgpu pro stack? no.Is nouveau loaded? no.Is nouveau blacklisted? no.Is nvidia kernel module available? no.Is amdgpu kernel module available? no.Vendor/Device Id: 15ad:405.BusID "PCI:0@0:15:0".Is boot vga? yes.Error: can't acce
                                                                              Process:/lib/systemd/systemd-journald
                                                                              File Type:data
                                                                              Category:dropped
                                                                              Size (bytes):240
                                                                              Entropy (8bit):1.4226312153993532
                                                                              Encrypted:false
                                                                              SSDEEP:3:F31HlK4P8/l84PE:F36u8/l8u
                                                                              MD5:B4FC0C2B40231FE732B256076CEE51A5
                                                                              SHA1:31BEFF588A82D2F433A1059DBE899D8F3669A5B3
                                                                              SHA-256:7C6AD71450E2E1E9DC19018768DBCF7740FF231DB9744FE46F854684B93D7455
                                                                              SHA-512:C568BAB1F5C103A08B2BBAD3F87F05B20C1AF8C2F36440FFE83950F41153BCCFC505A1F649DA69A192C2E6455B7A50400695C98FA2D3597467A0FE00F2EE720E
                                                                              Malicious:false
                                                                              Preview:LPKSHHRH................rI^B..Hr....";..................................rI^B..Hr....";..........................................................................................................................................................
                                                                              Process:/usr/sbin/rsyslogd
                                                                              File Type:ASCII text
                                                                              Category:dropped
                                                                              Size (bytes):9075
                                                                              Entropy (8bit):4.757897323295167
                                                                              Encrypted:false
                                                                              SSDEEP:192:5z+RBdhFs0u37lud2fNGmD4lqCpodsdmd1dVdDfdC6pVmc4VYThH+kbM5ZiZln:Mc98qX3xZvexgn
                                                                              MD5:D765940F8C7D7019B14E05F5C9C04101
                                                                              SHA1:8EAA9C5097944200BBAABD3FEE69544B73789735
                                                                              SHA-256:4A93FBF93F56AE8EC551F71694B91FB355754720D3AF7B10C4C0C20A58B428B5
                                                                              SHA-512:1F7ECFF1B26F1F8416F9E93B1F66A3DE21C6496FCA9B0242342EF48728380A8CB44FCB2B291D0740E8B1D89E376A0D3B5769E4B4C69A3765C0A256E4B14005A3
                                                                              Malicious:false
                                                                              Preview:Mar 23 08:02:54 galassia kernel: [ 417.570070] blocking signal 9: 6236 -> 797.Mar 23 08:02:54 galassia kernel: [ 417.610718] blocking signal 9: 6236 -> 936.Mar 23 08:02:54 galassia kernel: [ 417.640749] blocking signal 9: 6236 -> 1320.Mar 23 08:02:54 galassia kernel: [ 417.725306] blocking signal 9: 6236 -> 1334.Mar 23 08:02:54 galassia kernel: [ 417.765769] blocking signal 9: 6236 -> 1335.Mar 23 08:02:54 galassia kernel: [ 417.846490] blocking signal 9: 6236 -> 1860.Mar 23 08:02:54 galassia kernel: [ 417.877838] blocking signal 9: 6236 -> 1872.Mar 23 08:02:54 galassia kernel: [ 417.962465] blocking signal 9: 6236 -> 1983.Mar 23 08:02:54 galassia kernel: [ 418.036090] blocking signal 9: 6236 -> 2048.Mar 23 08:02:54 galassia kernel: [ 418.337401] blocking signal 9: 6236 -> 1.Mar 23 08:02:54 galassia kernel: [ 419.007907] New task spawned: old: (tgid 6293, tid 6293), new (tgid: 6293, tid: 6294).Mar 23 08:02:54 galassia kernel: [ 419.008703] New task spawned: old: (tgid 6293,
                                                                              Process:/usr/sbin/rsyslogd
                                                                              File Type:ASCII text, with very long lines (317)
                                                                              Category:dropped
                                                                              Size (bytes):42733
                                                                              Entropy (8bit):5.048292258049439
                                                                              Encrypted:false
                                                                              SSDEEP:768:jnGyrv8qX3x8mYTHNJTHN/Dk+10wUAq9/s12wCDWasdjvZKn9r/VV+qAm4sakNZG:jtb8qX3x8mkk+1+5+Z1D9
                                                                              MD5:CC9B72A747359B31F8AC751E2C0FA3B7
                                                                              SHA1:1D050939F7562CE1DD89C8B98145FBFF34403D46
                                                                              SHA-256:CE3D3CA524421AE5FB8D7DBA0F1238F625CE54941DD01074074AC28CD6113D58
                                                                              SHA-512:86125713E71546A27667E7AEC92BF6B9C07F965FA81491095A1305CCC0C0341AA1963BAF28C94DF98277E347D31B7B32A016FA822AD49713DD0AC77C51D41C10
                                                                              Malicious:false
                                                                              Preview:Mar 23 08:02:54 galassia kernel: [ 417.539032] systemd[1]: rsyslog.service: Main process exited, code=killed, status=9/KILL.Mar 23 08:02:54 galassia kernel: [ 417.539182] systemd[1]: rsyslog.service: Failed with result 'signal'..Mar 23 08:02:54 galassia kernel: [ 417.570070] blocking signal 9: 6236 -> 797.Mar 23 08:02:54 galassia kernel: [ 417.610718] blocking signal 9: 6236 -> 936.Mar 23 08:02:54 galassia kernel: [ 417.640749] blocking signal 9: 6236 -> 1320.Mar 23 08:02:54 galassia kernel: [ 417.651400] systemd[1]: rsyslog.service: Scheduled restart job, restart counter is at 1..Mar 23 08:02:54 galassia kernel: [ 417.651569] systemd[1]: Stopped System Logging Service..Mar 23 08:02:54 galassia kernel: [ 417.652443] systemd[1]: Starting System Logging Service....Mar 23 08:02:54 galassia kernel: [ 417.656619] systemd[1]: session-c2.scope: Succeeded..Mar 23 08:02:54 galassia kernel: [ 417.725306] blocking signal 9: 6236 -> 1334.Mar 23 08:02:54 galassia kernel: [ 417.765769] bl
                                                                              Process:/sbin/agetty
                                                                              File Type:data
                                                                              Category:dropped
                                                                              Size (bytes):384
                                                                              Entropy (8bit):0.6651209938982576
                                                                              Encrypted:false
                                                                              SSDEEP:3:5CsXlXEWtl/vlx:d+ylf
                                                                              MD5:81551832F111483A1947EB7D2E083E8A
                                                                              SHA1:37266829BF74AAF0522155FB0812DE89EEDF948A
                                                                              SHA-256:DFD717D5C56B2770F89320A29856885E494DDB76EE8DD3C316D5531D4529888E
                                                                              SHA-512:D9FB3405FC2F5B4EFEB8A2676B54E42CC1947935163FD15A2C496454C4CCB844F488D7442B95442F6B2AEACD9AF64D81E019A956200A9C727682B26C23F406B2
                                                                              Malicious:true
                                                                              Preview:........tty2.tty2.......................tty2LOGIN......................................................................................................................................................................................................................................................................................................g."......................................

                                                                              Static File Info

                                                                              General

                                                                              File type:ELF 32-bit LSB executable, ARM, version 1 (ARM), statically linked, no section header
                                                                              Entropy (8bit):7.980000150151754
                                                                              TrID:
                                                                              • ELF Executable and Linkable format (generic) (4004/1) 100.00%
                                                                              File name:morte.arm.elf
                                                                              File size:54'640 bytes
                                                                              MD5:5eef75a7c56186dcbd885717b0f29ad6
                                                                              SHA1:f10cb2d6e11ac47e1d193a0e96452a153ac3460c
                                                                              SHA256:b5eae4525e66181d6a4c48979b143acbda90d5404e8faecc9cb48fd2e1a7723d
                                                                              SHA512:d2c3563bfc4321f93950d5aaaed80a42e4603da5eab840aa0ada3320d29a2f5a9122de2471c6f16d7048bf2f9c844c4764e7fe12756ff17c36c409af3e962715
                                                                              SSDEEP:1536:Ass9OmFy0yqbBaqn0eebZyizVJg43cIWE/ntQZK96nzY:Asbm40yYBRnFoMiz3g43z/ntQZg6nc
                                                                              TLSH:B9330261334E6E716EB50432F900EBC2A2B347DEB06E1E74674017BE9AB99051B703C7
                                                                              File Content Preview:.ELF...a..........(......B..4...........4. ...(.....................w...w................w...w...w..................Q.td............................t.6.UPX!.........2...2......T..........?.E.h;.}...^..........e....)x.6*..Z.Ef^.hq.M.mA..._.....E.....S.(.![

                                                                              Static ELF Info

                                                                              ELF header

                                                                              Class:ELF32
                                                                              Data:2's complement, little endian
                                                                              Version:1 (current)
                                                                              Machine:ARM
                                                                              Version Number:0x1
                                                                              Type:EXEC (Executable file)
                                                                              OS/ABI:ARM - ABI
                                                                              ABI Version:0
                                                                              Entry Point Address:0x142c8
                                                                              Flags:0x202
                                                                              ELF Header Size:52
                                                                              Program Header Offset:52
                                                                              Program Header Size:32
                                                                              Number of Program Headers:3
                                                                              Section Header Offset:0
                                                                              Section Header Size:40
                                                                              Number of Section Headers:0
                                                                              Header String Table Index:0

                                                                              Program Segments

                                                                              TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
                                                                              LOAD0x00x80000x80000xd4770xd4777.98130x5R E0x8000
                                                                              LOAD0x77c00x377c00x377c00x00x00.00000x6RW 0x8000
                                                                              GNU_STACK0x00x00x00x00x00.00000x7RWE0x4

                                                                              Network Behavior

                                                                              Download Network PCAP: filteredfull

                                                                              Network Port Distribution

                                                                              • Total Packets: 49
                                                                              • 7575 undefined
                                                                              • 443 (HTTPS)
                                                                              • 80 (HTTP)
                                                                              • 53 (DNS)
                                                                              TimestampSource PortDest PortSource IPDest IP
                                                                              Mar 23, 2025 14:02:52.950855970 CET43928443192.168.2.2391.189.91.42
                                                                              Mar 23, 2025 14:02:53.672332048 CET462927575192.168.2.23176.65.142.252
                                                                              Mar 23, 2025 14:02:53.875111103 CET757546292176.65.142.252192.168.2.23
                                                                              Mar 23, 2025 14:02:53.875284910 CET462927575192.168.2.23176.65.142.252
                                                                              Mar 23, 2025 14:02:54.086258888 CET462927575192.168.2.23176.65.142.252
                                                                              Mar 23, 2025 14:02:54.289778948 CET757546292176.65.142.252192.168.2.23
                                                                              Mar 23, 2025 14:02:54.289906025 CET462927575192.168.2.23176.65.142.252
                                                                              Mar 23, 2025 14:02:54.493815899 CET757546292176.65.142.252192.168.2.23
                                                                              Mar 23, 2025 14:02:58.095963001 CET462927575192.168.2.23176.65.142.252
                                                                              Mar 23, 2025 14:02:58.299169064 CET757546292176.65.142.252192.168.2.23
                                                                              Mar 23, 2025 14:02:58.299242020 CET462927575192.168.2.23176.65.142.252
                                                                              Mar 23, 2025 14:02:58.326033115 CET42836443192.168.2.2391.189.91.43
                                                                              Mar 23, 2025 14:02:59.861855030 CET4251680192.168.2.23109.202.202.202
                                                                              Mar 23, 2025 14:03:04.386428118 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:04.386468887 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:04.386538982 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.590877056 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.590904951 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:07.816225052 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:07.816699982 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.816699982 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.816740036 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:07.816853046 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.816862106 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:07.816998005 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:07.817152977 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.817152977 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.817163944 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:07.817228079 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.864334106 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:07.998900890 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:07.999306917 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.999306917 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.999306917 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.999306917 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.999355078 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:07.999367952 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:07.999372959 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:07.999432087 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.999439955 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:07.999543905 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.999543905 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.999561071 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:07.999568939 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:07.999686003 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.999686003 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.999700069 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:07.999706984 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:07.999726057 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.999733925 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:07.999747992 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.999907970 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:07.999969006 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.999969006 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.999982119 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:07.999999046 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:07.999999046 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:08.000020027 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:08.000020027 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:08.000035048 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:08.000072002 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:08.000104904 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:08.000112057 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:08.000164032 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:08.000180006 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:08.411919117 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:08.412301064 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:08.412339926 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:08.412688017 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:08.412782907 CET44353070162.213.35.25192.168.2.23
                                                                              Mar 23, 2025 14:03:08.413395882 CET53070443192.168.2.23162.213.35.25
                                                                              Mar 23, 2025 14:03:13.940165043 CET43928443192.168.2.2391.189.91.42
                                                                              Mar 23, 2025 14:03:24.178563118 CET42836443192.168.2.2391.189.91.43
                                                                              Mar 23, 2025 14:03:30.321984053 CET4251680192.168.2.23109.202.202.202
                                                                              Mar 23, 2025 14:03:54.894700050 CET43928443192.168.2.2391.189.91.42
                                                                              Mar 23, 2025 14:04:15.371990919 CET42836443192.168.2.2391.189.91.43
                                                                              TimestampSource PortDest PortSource IPDest IP
                                                                              Mar 23, 2025 14:02:58.672513962 CET3472553192.168.2.231.1.1.1
                                                                              Mar 23, 2025 14:02:58.672624111 CET5421653192.168.2.231.1.1.1
                                                                              Mar 23, 2025 14:02:58.771395922 CET53347251.1.1.1192.168.2.23
                                                                              Mar 23, 2025 14:02:58.771760941 CET53542161.1.1.1192.168.2.23
                                                                              Mar 23, 2025 14:02:59.285465956 CET5814653192.168.2.231.1.1.1
                                                                              Mar 23, 2025 14:03:04.285454988 CET4191653192.168.2.238.8.8.8
                                                                              Mar 23, 2025 14:03:04.375960112 CET53419168.8.8.8192.168.2.23
                                                                              TimestampSource IPDest IPChecksumCodeType
                                                                              Mar 23, 2025 14:03:02.071644068 CET192.168.2.23192.168.2.18283(Port unreachable)Destination Unreachable
                                                                              Mar 23, 2025 14:04:22.088610888 CET192.168.2.23192.168.2.18283(Port unreachable)Destination Unreachable

                                                                              DNS Queries

                                                                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                              Mar 23, 2025 14:02:58.672513962 CET192.168.2.231.1.1.10x1a8aStandard query (0)daisy.ubuntu.comA (IP address)IN (0x0001)false
                                                                              Mar 23, 2025 14:02:58.672624111 CET192.168.2.231.1.1.10x6f9aStandard query (0)daisy.ubuntu.com28IN (0x0001)false
                                                                              Mar 23, 2025 14:02:59.285465956 CET192.168.2.231.1.1.10x8851Standard query (0)daisy.ubuntu.com28IN (0x0001)false
                                                                              Mar 23, 2025 14:03:04.285454988 CET192.168.2.238.8.8.80x8851Standard query (0)daisy.ubuntu.com28IN (0x0001)false

                                                                              DNS Answers

                                                                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                              Mar 23, 2025 14:02:58.771395922 CET1.1.1.1192.168.2.230x1a8aNo error (0)daisy.ubuntu.com162.213.35.24A (IP address)IN (0x0001)false
                                                                              Mar 23, 2025 14:02:58.771395922 CET1.1.1.1192.168.2.230x1a8aNo error (0)daisy.ubuntu.com162.213.35.25A (IP address)IN (0x0001)false

                                                                              HTTP Request Dependency Graph

                                                                              • daisy.ubuntu.com

                                                                              HTTPS Proxied Packets

                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                              0192.168.2.2353070162.213.35.25443
                                                                              TimestampBytes transferredDirectionData
                                                                              2025-03-23 13:03:07 UTC307OUTPOST /9aadafe2051348cd32033e1cad68f0a5fe46fba3240ac1e6e42158f31b8a1371790c09baf3996b4979fe8e533446c7dedf30f654c68b25357334c66911dc6a9e HTTP/1.1
                                                                              Host: daisy.ubuntu.com
                                                                              Accept: */*
                                                                              Content-Type: application/octet-stream
                                                                              X-Whoopsie-Version: 0.2.69ubuntu0.3
                                                                              Content-Length: 164887
                                                                              Expect: 100-continue
                                                                              2025-03-23 13:03:07 UTC25INHTTP/1.1 100 Continue
                                                                              2025-03-23 13:03:07 UTC16384OUTData Raw: 17 84 02 00 02 50 72 6f 63 45 6e 76 69 72 6f 6e 00 4e 00 00 00 50 41 54 48 3d 28 63 75 73 74 6f 6d 2c 20 6e 6f 20 75 73 65 72 29 0a 58 44 47 5f 52 55 4e 54 49 4d 45 5f 44 49 52 3d 3c 73 65 74 3e 0a 4c 41 4e 47 3d 65 6e 5f 55 53 2e 55 54 46 2d 38 0a 53 48 45 4c 4c 3d 2f 62 69 6e 2f 62 61 73 68 00 02 5f 4c 6f 67 69 6e 64 53 65 73 73 69 6f 6e 00 02 00 00 00 35 00 02 44 61 74 65 00 19 00 00 00 54 75 65 20 41 75 67 20 31 37 20 32 30 3a 31 38 3a 30 34 20 32 30 32 31 00 02 53 6f 75 72 63 65 50 61 63 6b 61 67 65 00 0d 00 00 00 6c 69 67 68 74 2d 6c 6f 63 6b 65 72 00 02 50 61 63 6b 61 67 65 41 72 63 68 69 74 65 63 74 75 72 65 00 06 00 00 00 61 6d 64 36 34 00 02 41 72 63 68 69 74 65 63 74 75 72 65 00 06 00 00 00 61 6d 64 36 34 00 02 44 69 73 74 72 6f 52 65 6c 65 61
                                                                              Data Ascii: ProcEnvironNPATH=(custom, no user)XDG_RUNTIME_DIR=<set>LANG=en_US.UTF-8SHELL=/bin/bash_LogindSession5DateTue Aug 17 20:18:04 2021SourcePackagelight-lockerPackageArchitectureamd64Architectureamd64DistroRelea
                                                                              2025-03-23 13:03:07 UTC16384OUTData Raw: 74 75 34 2e 31 0a 6c 69 62 70 61 6d 2d 72 75 6e 74 69 6d 65 20 31 2e 33 2e 31 2d 35 75 62 75 6e 74 75 34 2e 31 0a 6c 69 62 70 61 6d 2d 73 79 73 74 65 6d 64 20 32 34 35 2e 34 2d 34 75 62 75 6e 74 75 33 2e 31 31 0a 6c 69 62 70 61 6d 30 67 20 31 2e 33 2e 31 2d 35 75 62 75 6e 74 75 34 2e 31 0a 6c 69 62 70 61 6e 67 6f 2d 31 2e 30 2d 30 20 31 2e 34 34 2e 37 2d 32 75 62 75 6e 74 75 34 0a 6c 69 62 70 61 6e 67 6f 63 61 69 72 6f 2d 31 2e 30 2d 30 20 31 2e 34 34 2e 37 2d 32 75 62 75 6e 74 75 34 0a 6c 69 62 70 61 6e 67 6f 66 74 32 2d 31 2e 30 2d 30 20 31 2e 34 34 2e 37 2d 32 75 62 75 6e 74 75 34 0a 6c 69 62 70 61 6e 67 6f 78 66 74 2d 31 2e 30 2d 30 20 31 2e 34 34 2e 37 2d 32 75 62 75 6e 74 75 34 0a 6c 69 62 70 61 70 65 72 2d 75 74 69 6c 73 20 31 2e 31 2e 32 38 0a 6c
                                                                              Data Ascii: tu4.1libpam-runtime 1.3.1-5ubuntu4.1libpam-systemd 245.4-4ubuntu3.11libpam0g 1.3.1-5ubuntu4.1libpango-1.0-0 1.44.7-2ubuntu4libpangocairo-1.0-0 1.44.7-2ubuntu4libpangoft2-1.0-0 1.44.7-2ubuntu4libpangoxft-1.0-0 1.44.7-2ubuntu4libpaper-utils 1.1.28l
                                                                              2025-03-23 13:03:07 UTC16384OUTData Raw: 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 67 73 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 30 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 31 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 32 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 33 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 34 20 20 20 20 20 20 20 20 20 20 20 20 20 30 78 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 30 0a 6b 35 20
                                                                              Data Ascii: 0x0 0gs 0x0 0k0 0x0 0k1 0x0 0k2 0x0 0k3 0x0 0k4 0x0 0k5
                                                                              2025-03-23 13:03:07 UTC16384OUTData Raw: 20 20 20 20 20 20 20 20 20 2f 75 73 72 2f 6c 69 62 2f 78 38 36 5f 36 34 2d 6c 69 6e 75 78 2d 67 6e 75 2f 6c 69 62 78 63 62 2d 72 65 6e 64 65 72 2e 73 6f 2e 30 2e 30 2e 30 0a 37 66 37 39 31 63 30 37 34 30 30 30 2d 37 66 37 39 31 63 30 37 35 30 30 30 20 2d 2d 2d 70 20 30 30 30 30 63 30 30 30 20 66 64 3a 30 30 20 38 30 36 32 36 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2f 75 73 72 2f 6c 69 62 2f 78 38 36 5f 36 34 2d 6c 69 6e 75 78 2d 67 6e 75 2f 6c 69 62 78 63 62 2d 72 65 6e 64 65 72 2e 73 6f 2e 30 2e 30 2e 30 0a 37 66 37 39 31 63 30 37 35 30 30 30 2d 37 66 37 39 31 63 30 37 36 30 30 30 20 72 2d 2d 70 20 30 30 30 30 63 30 30 30 20 66 64 3a 30 30 20 38 30 36 32 36 30 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2f 75
                                                                              Data Ascii: /usr/lib/x86_64-linux-gnu/libxcb-render.so.0.0.07f791c074000-7f791c075000 ---p 0000c000 fd:00 806260 /usr/lib/x86_64-linux-gnu/libxcb-render.so.0.0.07f791c075000-7f791c076000 r--p 0000c000 fd:00 806260 /u
                                                                              2025-03-23 13:03:07 UTC16384OUTData Raw: 6e 75 78 2d 67 6e 75 2f 6c 69 62 67 64 6b 5f 70 69 78 62 75 66 2d 32 2e 30 2e 73 6f 2e 30 2e 34 30 30 30 2e 30 0a 37 66 37 39 31 63 37 37 33 30 30 30 2d 37 66 37 39 31 63 37 37 34 30 30 30 20 72 77 2d 70 20 30 30 30 32 36 30 30 30 20 66 64 3a 30 30 20 38 30 36 32 34 35 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2f 75 73 72 2f 6c 69 62 2f 78 38 36 5f 36 34 2d 6c 69 6e 75 78 2d 67 6e 75 2f 6c 69 62 67 64 6b 5f 70 69 78 62 75 66 2d 32 2e 30 2e 73 6f 2e 30 2e 34 30 30 30 2e 30 0a 37 66 37 39 31 63 37 37 34 30 30 30 2d 37 66 37 39 31 63 37 37 38 30 30 30 20 72 2d 2d 70 20 30 30 30 30 30 30 30 30 20 66 64 3a 30 30 20 38 30 36 32 36 38 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2f 75 73 72 2f 6c 69 62 2f 78 38 36 5f 36 34
                                                                              Data Ascii: nux-gnu/libgdk_pixbuf-2.0.so.0.4000.07f791c773000-7f791c774000 rw-p 00026000 fd:00 806245 /usr/lib/x86_64-linux-gnu/libgdk_pixbuf-2.0.so.0.4000.07f791c774000-7f791c778000 r--p 00000000 fd:00 806268 /usr/lib/x86_64
                                                                              2025-03-23 13:03:07 UTC16384OUTData Raw: 20 70 6c 61 74 66 6f 72 6d 20 65 69 73 61 2e 30 3a 20 43 61 6e 6e 6f 74 20 61 6c 6c 6f 63 61 74 65 20 72 65 73 6f 75 72 63 65 20 66 6f 72 20 45 49 53 41 20 73 6c 6f 74 20 37 0a 41 75 67 20 31 37 20 32 30 3a 32 34 3a 34 36 20 67 61 6c 61 73 73 69 61 20 6b 65 72 6e 65 6c 3a 20 70 6c 61 74 66 6f 72 6d 20 65 69 73 61 2e 30 3a 20 43 61 6e 6e 6f 74 20 61 6c 6c 6f 63 61 74 65 20 72 65 73 6f 75 72 63 65 20 66 6f 72 20 45 49 53 41 20 73 6c 6f 74 20 38 0a 41 75 67 20 31 37 20 32 30 3a 32 34 3a 34 36 20 67 61 6c 61 73 73 69 61 20 6b 65 72 6e 65 6c 3a 20 73 64 20 33 32 3a 30 3a 30 3a 30 3a 20 5b 73 64 61 5d 20 41 73 73 75 6d 69 6e 67 20 64 72 69 76 65 20 63 61 63 68 65 3a 20 77 72 69 74 65 20 74 68 72 6f 75 67 68 0a 41 75 67 20 31 37 20 32 30 3a 32 34 3a 34 37 20 67
                                                                              Data Ascii: platform eisa.0: Cannot allocate resource for EISA slot 7Aug 17 20:24:46 galassia kernel: platform eisa.0: Cannot allocate resource for EISA slot 8Aug 17 20:24:46 galassia kernel: sd 32:0:0:0: [sda] Assuming drive cache: write throughAug 17 20:24:47 g
                                                                              2025-03-23 13:03:07 UTC16384OUTData Raw: 35 35 31 5d 3a 20 28 49 49 29 20 4c 6f 61 64 4d 6f 64 75 6c 65 3a 20 22 66 62 64 65 76 68 77 22 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 34 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 49 49 29 20 4c 6f 61 64 69 6e 67 20 2f 75 73 72 2f 6c 69 62 2f 78 6f 72 67 2f 6d 6f 64 75 6c 65 73 2f 6c 69 62 66 62 64 65 76 68 77 2e 73 6f 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 34 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 49 49 29 20 4d 6f 64 75 6c 65 20 66 62 64 65 76 68 77 3a 20 76 65 6e 64 6f 72 3d 22 58 2e 4f 72 67 20 46 6f 75 6e 64 61 74 69 6f 6e 22 0a 41 75 67 20 31 37
                                                                              Data Ascii: 551]: (II) LoadModule: "fbdevhw"Aug 17 20:25:04 galassia /usr/lib/gdm3/gdm-x-session[1551]: (II) Loading /usr/lib/xorg/modules/libfbdevhw.soAug 17 20:25:04 galassia /usr/lib/gdm3/gdm-x-session[1551]: (II) Module fbdevhw: vendor="X.Org Foundation"Aug 17
                                                                              2025-03-23 13:03:07 UTC16384OUTData Raw: 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 49 49 29 20 76 6d 77 61 72 65 28 30 29 3a 20 4e 6f 74 20 75 73 69 6e 67 20 64 65 66 61 75 6c 74 20 6d 6f 64 65 20 22 31 39 32 30 78 31 32 30 30 22 20 28 69 6e 73 75 66 66 69 63 69 65 6e 74 20 6d 65 6d 6f 72 79 20 66 6f 72 20 6d 6f 64 65 29 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 35 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 49 49 29 20 76 6d 77 61 72 65 28 30 29 3a 20 4e 6f 74 20 75 73 69 6e 67 20 64 65 66 61 75 6c 74 20 6d 6f 64 65 20 22 39 36 30 78 36 30 30 22 20 28 62 61 64 20 6d 6f 64 65 20 63 6c 6f 63 6b 2f 69 6e 74 65 72 6c 61 63 65 2f 64 6f 75 62 6c 65 73
                                                                              Data Ascii: /lib/gdm3/gdm-x-session[1551]: (II) vmware(0): Not using default mode "1920x1200" (insufficient memory for mode)Aug 17 20:25:05 galassia /usr/lib/gdm3/gdm-x-session[1551]: (II) vmware(0): Not using default mode "960x600" (bad mode clock/interlace/doubles
                                                                              2025-03-23 13:03:07 UTC16384OUTData Raw: 20 31 33 33 36 20 31 35 32 30 20 20 38 36 34 20 38 36 35 20 38 36 38 20 38 39 35 20 2d 68 73 79 6e 63 20 2b 76 73 79 6e 63 20 28 35 33 2e 37 20 6b 48 7a 20 64 29 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 35 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 2a 2a 29 20 76 6d 77 61 72 65 28 30 29 3a 20 20 44 65 66 61 75 6c 74 20 6d 6f 64 65 20 22 31 30 32 34 78 37 36 38 22 3a 20 39 34 2e 35 20 4d 48 7a 2c 20 36 38 2e 37 20 6b 48 7a 2c 20 38 35 2e 30 20 48 7a 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 35 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 49 49 29 20 76 6d 77 61 72
                                                                              Data Ascii: 1336 1520 864 865 868 895 -hsync +vsync (53.7 kHz d)Aug 17 20:25:05 galassia /usr/lib/gdm3/gdm-x-session[1551]: (**) vmware(0): Default mode "1024x768": 94.5 MHz, 68.7 kHz, 85.0 HzAug 17 20:25:05 galassia /usr/lib/gdm3/gdm-x-session[1551]: (II) vmwar
                                                                              2025-03-23 13:03:07 UTC16384OUTData Raw: 65 64 20 53 65 74 20 32 20 6b 65 79 62 6f 61 72 64 3a 20 61 6c 77 61 79 73 20 72 65 70 6f 72 74 73 20 63 6f 72 65 20 65 76 65 6e 74 73 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 35 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 2a 2a 29 20 4f 70 74 69 6f 6e 20 22 44 65 76 69 63 65 22 20 22 2f 64 65 76 2f 69 6e 70 75 74 2f 65 76 65 6e 74 31 22 0a 41 75 67 20 31 37 20 32 30 3a 32 35 3a 30 35 20 67 61 6c 61 73 73 69 61 20 2f 75 73 72 2f 6c 69 62 2f 67 64 6d 33 2f 67 64 6d 2d 78 2d 73 65 73 73 69 6f 6e 5b 31 35 35 31 5d 3a 20 28 2a 2a 29 20 4f 70 74 69 6f 6e 20 22 5f 73 6f 75 72 63 65 22 20 22 73 65 72 76 65 72 2f 75 64 65 76 22 0a 41 75 67 20 31 37 20 32 30 3a 32 35
                                                                              Data Ascii: ed Set 2 keyboard: always reports core eventsAug 17 20:25:05 galassia /usr/lib/gdm3/gdm-x-session[1551]: (**) Option "Device" "/dev/input/event1"Aug 17 20:25:05 galassia /usr/lib/gdm3/gdm-x-session[1551]: (**) Option "_source" "server/udev"Aug 17 20:25
                                                                              2025-03-23 13:03:08 UTC279INHTTP/1.1 400 Bad Request
                                                                              Date: Sun, 23 Mar 2025 13:03:08 GMT
                                                                              Server: gunicorn/19.7.1
                                                                              X-Daisy-Revision-Number: 979
                                                                              X-Oops-Repository-Version: 0.0.0
                                                                              Strict-Transport-Security: max-age=2592000
                                                                              Connection: close
                                                                              Transfer-Encoding: chunked
                                                                              17
                                                                              Crash already reported.
                                                                              0


                                                                              System Behavior

                                                                              General

                                                                              Start time (UTC):13:02:52
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/tmp/morte.arm.elf
                                                                              Arguments:/tmp/morte.arm.elf
                                                                              File size:4956856 bytes
                                                                              MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                              File Activities

                                                                              Process Activities

                                                                              System Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:02:52
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/tmp/morte.arm.elf
                                                                              Arguments:-
                                                                              File size:4956856 bytes
                                                                              MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                              Process Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:02:52
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/tmp/morte.arm.elf
                                                                              Arguments:-
                                                                              File size:4956856 bytes
                                                                              MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:52
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/tmp/morte.arm.elf
                                                                              Arguments:-
                                                                              File size:4956856 bytes
                                                                              MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:52
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/systemd/systemd
                                                                              Arguments:-
                                                                              File size:1620224 bytes
                                                                              MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:52
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/journalctl
                                                                              Arguments:/usr/bin/journalctl --smart-relinquish-var
                                                                              File size:80120 bytes
                                                                              MD5 hash:bf3a987344f3bacafc44efd882abda8b

                                                                              File Activities


                                                                              General

                                                                              Start time (UTC):13:02:53
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/systemd/systemd
                                                                              Arguments:-
                                                                              File size:1620224 bytes
                                                                              MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:53
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/dbus-daemon
                                                                              Arguments:/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
                                                                              File size:249032 bytes
                                                                              MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                              File Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:02:53
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/sbin/gdm3
                                                                              Arguments:-
                                                                              File size:453296 bytes
                                                                              MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:53
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/etc/gdm3/PrimeOff/Default
                                                                              Arguments:/etc/gdm3/PrimeOff/Default
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              File Activities


                                                                              General

                                                                              Start time (UTC):13:02:53
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/systemd/systemd
                                                                              Arguments:-
                                                                              File size:1620224 bytes
                                                                              MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:53
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/sbin/rsyslogd
                                                                              Arguments:/usr/sbin/rsyslogd -n -iNONE
                                                                              File size:727248 bytes
                                                                              MD5 hash:0b8087fc907c42eb3c81a691db258e33

                                                                              File Activities

                                                                              System Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:02:53
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/systemd/systemd
                                                                              Arguments:-
                                                                              File size:1620224 bytes
                                                                              MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:53
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/pulseaudio
                                                                              Arguments:/usr/bin/pulseaudio --daemonize=no --log-target=journal
                                                                              File size:100832 bytes
                                                                              MD5 hash:0c3b4c789d8ffb12b25507f27e14c186

                                                                              File Activities


                                                                              General

                                                                              Start time (UTC):13:02:53
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/sbin/gdm3
                                                                              Arguments:-
                                                                              File size:453296 bytes
                                                                              MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:53
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/etc/gdm3/PrimeOff/Default
                                                                              Arguments:/etc/gdm3/PrimeOff/Default
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              File Activities


                                                                              General

                                                                              Start time (UTC):13:02:53
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/libexec/gvfsd-fuse
                                                                              Arguments:-
                                                                              File size:47632 bytes
                                                                              MD5 hash:d18fbf1cbf8eb57b17fac48b7b4be933

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:53
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/bin/fusermount
                                                                              Arguments:fusermount -u -q -z -- /run/user/1000/gvfs
                                                                              File size:39144 bytes
                                                                              MD5 hash:576a1b135c82bdcbc97a91acea900566

                                                                              File Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:02:53
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/sbin/gdm3
                                                                              Arguments:-
                                                                              File size:453296 bytes
                                                                              MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:53
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/etc/gdm3/PrimeOff/Default
                                                                              Arguments:/etc/gdm3/PrimeOff/Default
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              File Activities


                                                                              General

                                                                              Start time (UTC):13:02:54
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/systemd/systemd
                                                                              Arguments:-
                                                                              File size:1620224 bytes
                                                                              MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:54
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/lib/systemd/systemd-journald
                                                                              Arguments:/lib/systemd/systemd-journald
                                                                              File size:162032 bytes
                                                                              MD5 hash:474667ece6cecb5e04c6eb897a1d0d9e

                                                                              File Activities

                                                                              Process Activities

                                                                              System Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:02:54
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/systemd/systemd
                                                                              Arguments:-
                                                                              File size:1620224 bytes
                                                                              MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:54
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/dbus-daemon
                                                                              Arguments:/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
                                                                              File size:249032 bytes
                                                                              MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                              File Activities

                                                                              Process Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:02:54
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/systemd/systemd
                                                                              Arguments:-
                                                                              File size:1620224 bytes
                                                                              MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:54
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/sbin/rsyslogd
                                                                              Arguments:/usr/sbin/rsyslogd -n -iNONE
                                                                              File size:727248 bytes
                                                                              MD5 hash:0b8087fc907c42eb3c81a691db258e33

                                                                              File Activities

                                                                              Process Activities

                                                                              System Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:02:56
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/systemd/systemd
                                                                              Arguments:-
                                                                              File size:1620224 bytes
                                                                              MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:56
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/lib/systemd/systemd-logind
                                                                              Arguments:/lib/systemd/systemd-logind
                                                                              File size:268576 bytes
                                                                              MD5 hash:8dd58a1b4c12f7a1d5fe3ce18b2aaeef

                                                                              File Activities

                                                                              Process Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:02:57
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/systemd/systemd
                                                                              Arguments:-
                                                                              File size:1620224 bytes
                                                                              MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:57
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/gpu-manager
                                                                              Arguments:/usr/bin/gpu-manager --log /var/log/gpu-manager.log
                                                                              File size:76616 bytes
                                                                              MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                              File Activities

                                                                              Process Activities

                                                                              System Activities


                                                                              General

                                                                              Start time (UTC):13:02:58
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/gpu-manager
                                                                              Arguments:-
                                                                              File size:76616 bytes
                                                                              MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:58
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/bin/sh
                                                                              Arguments:sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf"
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:58
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/bin/sh
                                                                              Arguments:-
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:58
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/grep
                                                                              Arguments:grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
                                                                              File size:199136 bytes
                                                                              MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                              File Activities


                                                                              General

                                                                              Start time (UTC):13:02:58
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/gpu-manager
                                                                              Arguments:-
                                                                              File size:76616 bytes
                                                                              MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:58
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/bin/sh
                                                                              Arguments:sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /lib/modprobe.d/*.conf"
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:58
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/bin/sh
                                                                              Arguments:-
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:58
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/grep
                                                                              Arguments:grep -G ^blacklist.*nvidia[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
                                                                              File size:199136 bytes
                                                                              MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                              File Activities


                                                                              General

                                                                              Start time (UTC):13:02:58
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/gpu-manager
                                                                              Arguments:-
                                                                              File size:76616 bytes
                                                                              MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:58
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/bin/sh
                                                                              Arguments:sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /etc/modprobe.d/*.conf"
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:58
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/bin/sh
                                                                              Arguments:-
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:58
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/grep
                                                                              Arguments:grep -G ^blacklist.*radeon[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
                                                                              File size:199136 bytes
                                                                              MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                              File Activities


                                                                              General

                                                                              Start time (UTC):13:02:59
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/gpu-manager
                                                                              Arguments:-
                                                                              File size:76616 bytes
                                                                              MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:59
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/bin/sh
                                                                              Arguments:sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /lib/modprobe.d/*.conf"
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:59
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/bin/sh
                                                                              Arguments:-
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:59
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/grep
                                                                              Arguments:grep -G ^blacklist.*radeon[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
                                                                              File size:199136 bytes
                                                                              MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                              File Activities


                                                                              General

                                                                              Start time (UTC):13:02:59
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/gpu-manager
                                                                              Arguments:-
                                                                              File size:76616 bytes
                                                                              MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:59
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/bin/sh
                                                                              Arguments:sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /etc/modprobe.d/*.conf"
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:59
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/bin/sh
                                                                              Arguments:-
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:59
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/grep
                                                                              Arguments:grep -G ^blacklist.*amdgpu[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
                                                                              File size:199136 bytes
                                                                              MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                              File Activities


                                                                              General

                                                                              Start time (UTC):13:02:59
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/gpu-manager
                                                                              Arguments:-
                                                                              File size:76616 bytes
                                                                              MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:59
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/bin/sh
                                                                              Arguments:sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /lib/modprobe.d/*.conf"
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:59
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/bin/sh
                                                                              Arguments:-
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:59
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/grep
                                                                              Arguments:grep -G ^blacklist.*amdgpu[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
                                                                              File size:199136 bytes
                                                                              MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                              File Activities


                                                                              General

                                                                              Start time (UTC):13:02:59
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/gpu-manager
                                                                              Arguments:-
                                                                              File size:76616 bytes
                                                                              MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:02:59
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/bin/sh
                                                                              Arguments:sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /etc/modprobe.d/*.conf"
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:00
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/bin/sh
                                                                              Arguments:-
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:00
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/grep
                                                                              Arguments:grep -G ^blacklist.*nouveau[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
                                                                              File size:199136 bytes
                                                                              MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                              File Activities


                                                                              General

                                                                              Start time (UTC):13:03:00
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/gpu-manager
                                                                              Arguments:-
                                                                              File size:76616 bytes
                                                                              MD5 hash:8fae9dd5dd67e1f33d873089c2fd8761

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:00
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/bin/sh
                                                                              Arguments:sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /lib/modprobe.d/*.conf"
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:00
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/bin/sh
                                                                              Arguments:-
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:00
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/grep
                                                                              Arguments:grep -G ^blacklist.*nouveau[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
                                                                              File size:199136 bytes
                                                                              MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                              File Activities


                                                                              General

                                                                              Start time (UTC):13:03:03
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/systemd/systemd
                                                                              Arguments:-
                                                                              File size:1620224 bytes
                                                                              MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:03
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/sbin/agetty
                                                                              Arguments:/sbin/agetty -o "-p -- \\u" --noclear tty2 linux
                                                                              File size:69000 bytes
                                                                              MD5 hash:3a374724ba7e863768139bdd60ca36f7

                                                                              File Activities

                                                                              System Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:03:01
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/systemd/systemd
                                                                              Arguments:-
                                                                              File size:1620224 bytes
                                                                              MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:01
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/share/gdm/generate-config
                                                                              Arguments:/usr/share/gdm/generate-config
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:01
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/share/gdm/generate-config
                                                                              Arguments:-
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:01
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/pkill
                                                                              Arguments:pkill --signal HUP --uid gdm dconf-service
                                                                              File size:30968 bytes
                                                                              MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                                              File Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:03:02
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/systemd/systemd
                                                                              Arguments:-
                                                                              File size:1620224 bytes
                                                                              MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:02
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/journalctl
                                                                              Arguments:/usr/bin/journalctl --flush
                                                                              File size:80120 bytes
                                                                              MD5 hash:bf3a987344f3bacafc44efd882abda8b

                                                                              File Activities

                                                                              Process Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:03:06
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/systemd/systemd
                                                                              Arguments:-
                                                                              File size:1620224 bytes
                                                                              MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:06
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/gdm3/gdm-wait-for-drm
                                                                              Arguments:/usr/lib/gdm3/gdm-wait-for-drm
                                                                              File size:14640 bytes
                                                                              MD5 hash:82043ba752c6930b4e6aaea2f7747545

                                                                              File Activities


                                                                              General

                                                                              Start time (UTC):13:03:16
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/systemd/systemd
                                                                              Arguments:-
                                                                              File size:1620224 bytes
                                                                              MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:16
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/sbin/gdm3
                                                                              Arguments:/usr/sbin/gdm3
                                                                              File size:453296 bytes
                                                                              MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                              File Activities

                                                                              Process Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:03:16
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/sbin/gdm3
                                                                              Arguments:-
                                                                              File size:453296 bytes
                                                                              MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:16
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/plymouth
                                                                              Arguments:plymouth --ping
                                                                              File size:51352 bytes
                                                                              MD5 hash:87003efd8dad470042f5e75360a8f49f

                                                                              File Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:03:19
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/sbin/gdm3
                                                                              Arguments:-
                                                                              File size:453296 bytes
                                                                              MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                              File Activities

                                                                              Process Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:03:19
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/gdm3/gdm-session-worker
                                                                              Arguments:"gdm-session-worker [pam/gdm-launch-environment]"
                                                                              File size:293360 bytes
                                                                              MD5 hash:692243754bd9f38fe9bd7e230b5c060a

                                                                              File Activities

                                                                              Process Activities

                                                                              System Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:03:21
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/gdm3/gdm-session-worker
                                                                              Arguments:-
                                                                              File size:293360 bytes
                                                                              MD5 hash:692243754bd9f38fe9bd7e230b5c060a

                                                                              Process Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:03:21
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/gdm3/gdm-wayland-session
                                                                              Arguments:/usr/lib/gdm3/gdm-wayland-session "dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart"
                                                                              File size:76368 bytes
                                                                              MD5 hash:d3def63cf1e83f7fb8a0f13b1744ff7c

                                                                              File Activities

                                                                              Process Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:03:22
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/gdm3/gdm-wayland-session
                                                                              Arguments:-
                                                                              File size:76368 bytes
                                                                              MD5 hash:d3def63cf1e83f7fb8a0f13b1744ff7c

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:22
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/dbus-daemon
                                                                              Arguments:dbus-daemon --print-address 3 --session
                                                                              File size:249032 bytes
                                                                              MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                              File Activities

                                                                              Process Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:03:22
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/dbus-daemon
                                                                              Arguments:-
                                                                              File size:249032 bytes
                                                                              MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:22
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/dbus-daemon
                                                                              Arguments:-
                                                                              File size:249032 bytes
                                                                              MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:22
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/bin/false
                                                                              Arguments:/bin/false
                                                                              File size:39256 bytes
                                                                              MD5 hash:3177546c74e4f0062909eae43d948bfc

                                                                              File Activities


                                                                              General

                                                                              Start time (UTC):13:03:22
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/gdm3/gdm-wayland-session
                                                                              Arguments:-
                                                                              File size:76368 bytes
                                                                              MD5 hash:d3def63cf1e83f7fb8a0f13b1744ff7c

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:22
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/dbus-run-session
                                                                              Arguments:dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart
                                                                              File size:14480 bytes
                                                                              MD5 hash:245f3ef6a268850b33b0225a8753b7f4

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:23
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/dbus-run-session
                                                                              Arguments:-
                                                                              File size:14480 bytes
                                                                              MD5 hash:245f3ef6a268850b33b0225a8753b7f4

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:23
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/dbus-daemon
                                                                              Arguments:dbus-daemon --nofork --print-address 4 --session
                                                                              File size:249032 bytes
                                                                              MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                              File Activities


                                                                              General

                                                                              Start time (UTC):13:03:23
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/sbin/gdm3
                                                                              Arguments:-
                                                                              File size:453296 bytes
                                                                              MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:23
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/etc/gdm3/PrimeOff/Default
                                                                              Arguments:/etc/gdm3/PrimeOff/Default
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              File Activities


                                                                              General

                                                                              Start time (UTC):13:03:23
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/sbin/gdm3
                                                                              Arguments:-
                                                                              File size:453296 bytes
                                                                              MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:23
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/etc/gdm3/PrimeOff/Default
                                                                              Arguments:/etc/gdm3/PrimeOff/Default
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              File Activities


                                                                              General

                                                                              Start time (UTC):13:03:16
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/systemd/systemd
                                                                              Arguments:-
                                                                              File size:1620224 bytes
                                                                              MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:16
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/accountsservice/accounts-daemon
                                                                              Arguments:/usr/lib/accountsservice/accounts-daemon
                                                                              File size:203192 bytes
                                                                              MD5 hash:01a899e3fb5e7e434bea1290255a1f30

                                                                              File Activities

                                                                              Process Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:03:17
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/accountsservice/accounts-daemon
                                                                              Arguments:-
                                                                              File size:203192 bytes
                                                                              MD5 hash:01a899e3fb5e7e434bea1290255a1f30

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:17
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/share/language-tools/language-validate
                                                                              Arguments:/usr/share/language-tools/language-validate en_US.UTF-8
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:17
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/share/language-tools/language-validate
                                                                              Arguments:-
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:17
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/share/language-tools/language-options
                                                                              Arguments:/usr/share/language-tools/language-options
                                                                              File size:3478464 bytes
                                                                              MD5 hash:16a21f464119ea7fad1d3660de963637

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:17
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/share/language-tools/language-options
                                                                              Arguments:-
                                                                              File size:3478464 bytes
                                                                              MD5 hash:16a21f464119ea7fad1d3660de963637

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:17
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/bin/sh
                                                                              Arguments:sh -c "locale -a | grep -F .utf8 "
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              File Activities

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:17
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/bin/sh
                                                                              Arguments:-
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:17
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/locale
                                                                              Arguments:locale -a
                                                                              File size:58944 bytes
                                                                              MD5 hash:c72a78792469db86d91369c9057f20d2

                                                                              File Activities


                                                                              General

                                                                              Start time (UTC):13:03:17
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/bin/sh
                                                                              Arguments:-
                                                                              File size:129816 bytes
                                                                              MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:17
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/grep
                                                                              Arguments:grep -F .utf8
                                                                              File size:199136 bytes
                                                                              MD5 hash:1e6ebb9dd094f774478f72727bdba0f5

                                                                              File Activities


                                                                              General

                                                                              Start time (UTC):13:03:18
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/systemd/systemd
                                                                              Arguments:-
                                                                              File size:1620224 bytes
                                                                              MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:03:18
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/policykit-1/polkitd
                                                                              Arguments:/usr/lib/policykit-1/polkitd --no-debug
                                                                              File size:121504 bytes
                                                                              MD5 hash:8efc9b4b5b524210ad2ea1954a9d0e69

                                                                              File Activities

                                                                              Process Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:04:23
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/systemd/systemd
                                                                              Arguments:-
                                                                              File size:1620224 bytes
                                                                              MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:04:23
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/dbus-daemon
                                                                              Arguments:/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
                                                                              File size:249032 bytes
                                                                              MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                                                                              File Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:04:24
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/systemd/systemd
                                                                              Arguments:-
                                                                              File size:1620224 bytes
                                                                              MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:04:24
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/bin/pulseaudio
                                                                              Arguments:/usr/bin/pulseaudio --daemonize=no --log-target=journal
                                                                              File size:100832 bytes
                                                                              MD5 hash:0c3b4c789d8ffb12b25507f27e14c186

                                                                              File Activities

                                                                              Process Activities

                                                                              System Activities

                                                                              Network Activities


                                                                              General

                                                                              Start time (UTC):13:04:24
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/lib/systemd/systemd
                                                                              Arguments:-
                                                                              File size:1620224 bytes
                                                                              MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                              Process Activities


                                                                              General

                                                                              Start time (UTC):13:04:24
                                                                              Start date (UTC):23/03/2025
                                                                              Path:/usr/libexec/rtkit-daemon
                                                                              Arguments:/usr/libexec/rtkit-daemon
                                                                              File size:68096 bytes
                                                                              MD5 hash:df0cacf1db4ec95ac70f5b6e06b8ffd7

                                                                              File Activities

                                                                              Process Activities

                                                                              Network Activities