Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
MPnFvIsvJp
|
ELF 32-bit MSB executable, PowerPC or cisco 4500, version 1 (SYSV), statically linked, stripped
|
initial sample
|
 |
|
|
/proc/5308/oom_score_adj
|
ASCII text
|
dropped
|
 |
|
|
/run/sshd.pid
|
ASCII text
|
dropped
|
|
|
|
/var/cache/motd-news
|
ASCII text
|
dropped
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/usr/bin/dash
|
n/a
|
|
|
|
/usr/bin/cat
|
cat /tmp/tmp.nd5wZIclrj
|
|
|
|
/usr/bin/dash
|
n/a
|
|
|
|
/usr/bin/head
|
head -n 10
|
|
|
|
/usr/bin/dash
|
n/a
|
|
|
|
/usr/bin/tr
|
tr -d \\000-\\011\\013\\014\\016-\\037
|
|
|
|
/usr/bin/dash
|
n/a
|
|
|
|
/usr/bin/cut
|
cut -c -80
|
|
|
|
/usr/bin/dash
|
n/a
|
|
|
|
/usr/bin/cat
|
cat /tmp/tmp.nd5wZIclrj
|
|
|
|
/usr/bin/dash
|
n/a
|
|
|
|
/usr/bin/head
|
head -n 10
|
|
|
|
/usr/bin/dash
|
n/a
|
|
|
|
/usr/bin/tr
|
tr -d \\000-\\011\\013\\014\\016-\\037
|
|
|
|
/usr/bin/dash
|
n/a
|
|
|
|
/usr/bin/cut
|
cut -c -80
|
|
|
|
/usr/bin/dash
|
n/a
|
|
|
|
/usr/bin/rm
|
rm -f /tmp/tmp.nd5wZIclrj /tmp/tmp.zShyQQ7qTu /tmp/tmp.3SdD1ZBLJc
|
|
|
|
/tmp/MPnFvIsvJp
|
/tmp/MPnFvIsvJp
|
|
|
|
/tmp/MPnFvIsvJp
|
n/a
|
|
|
|
/tmp/MPnFvIsvJp
|
n/a
|
|
|
|
/tmp/MPnFvIsvJp
|
n/a
|
|
|
|
/tmp/MPnFvIsvJp
|
n/a
|
|
|
|
/tmp/MPnFvIsvJp
|
n/a
|
|
|
|
/tmp/MPnFvIsvJp
|
n/a
|
|
|
|
/usr/lib/systemd/systemd
|
n/a
|
|
|
|
/usr/sbin/sshd
|
/usr/sbin/sshd -t
|
|
|
|
/usr/lib/systemd/systemd
|
n/a
|
|
|
|
/usr/sbin/sshd
|
/usr/sbin/sshd -D
|
|
There are 19 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://ubuntu.com/blog/microk8s-memory-optimisation
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
53.112.165.99
|
unknown
|
Germany
|
|
|
|
162.249.159.72
|
unknown
|
United States
|
|
|
|
38.189.106.217
|
unknown
|
United States
|
|
|
|
146.117.193.114
|
unknown
|
unknown
|
|
|
|
197.45.56.18
|
unknown
|
Egypt
|
|
|
|
79.112.91.127
|
unknown
|
Romania
|
|
|
|
159.230.61.6
|
unknown
|
United States
|
|
|
|
104.119.90.60
|
unknown
|
United States
|
|
|
|
73.210.5.139
|
unknown
|
United States
|
|
|
|
185.13.32.132
|
unknown
|
Russian Federation
|
|
|
|
95.195.139.140
|
unknown
|
Sweden
|
|
|
|
109.142.99.132
|
unknown
|
Belgium
|
|
|
|
84.141.10.139
|
unknown
|
Germany
|
|
|
|
2.144.217.201
|
unknown
|
Iran (ISLAMIC Republic Of)
|
|
|
|
254.124.160.89
|
unknown
|
Reserved
|
|
|
|
157.72.111.104
|
unknown
|
Japan
|
|
|
|
166.2.57.61
|
unknown
|
United States
|
|
|
|
196.98.136.157
|
unknown
|
Kenya
|
|
|
|
105.214.52.124
|
unknown
|
South Africa
|
|
|
|
76.177.163.230
|
unknown
|
United States
|
|
|
|
18.69.142.225
|
unknown
|
United States
|
|
|
|
47.253.16.98
|
unknown
|
United States
|
|
|
|
222.209.131.174
|
unknown
|
China
|
|
|
|
118.144.105.142
|
unknown
|
China
|
|
|
|
73.26.71.206
|
unknown
|
United States
|
|
|
|
216.44.168.130
|
unknown
|
United States
|
|
|
|
207.34.254.92
|
unknown
|
Canada
|
|
|
|
109.236.158.185
|
unknown
|
Germany
|
|
|
|
4.26.92.139
|
unknown
|
United States
|
|
|
|
78.143.58.117
|
unknown
|
Germany
|
|
|
|
158.255.70.161
|
unknown
|
France
|
|
|
|
249.229.94.227
|
unknown
|
Reserved
|
|
|
|
118.28.147.193
|
unknown
|
China
|
|
|
|
121.127.142.57
|
unknown
|
Korea Republic of
|
|
|
|
82.231.167.86
|
unknown
|
France
|
|
|
|
90.252.197.202
|
unknown
|
United Kingdom
|
|
|
|
207.176.202.218
|
unknown
|
United States
|
|
|
|
18.30.10.250
|
unknown
|
United States
|
|
|
|
223.8.151.73
|
unknown
|
China
|
|
|
|
192.20.120.58
|
unknown
|
United States
|
|
|
|
200.167.253.216
|
unknown
|
Brazil
|
|
|
|
86.68.72.129
|
unknown
|
France
|
|
|
|
213.146.201.32
|
unknown
|
Portugal
|
|
|
|
83.45.140.221
|
unknown
|
Spain
|
|
|
|
152.26.195.240
|
unknown
|
United States
|
|
|
|
221.0.56.164
|
unknown
|
China
|
|
|
|
133.55.183.163
|
unknown
|
Japan
|
|
|
|
2.17.213.1
|
unknown
|
European Union
|
|
|
|
248.29.159.14
|
unknown
|
Reserved
|
|
|
|
41.152.76.213
|
unknown
|
Egypt
|
|
|
|
201.19.52.194
|
unknown
|
Brazil
|
|
|
|
240.42.170.232
|
unknown
|
Reserved
|
|
|
|
139.156.150.80
|
unknown
|
Netherlands
|
|
|
|
118.64.199.38
|
unknown
|
China
|
|
|
|
121.145.80.39
|
unknown
|
Korea Republic of
|
|
|
|
98.59.61.81
|
unknown
|
United States
|
|
|
|
196.61.253.222
|
unknown
|
South Africa
|
|
|
|
205.153.15.252
|
unknown
|
United States
|
|
|
|
223.10.93.212
|
unknown
|
China
|
|
|
|
223.93.79.103
|
unknown
|
China
|
|
|
|
175.12.84.190
|
unknown
|
China
|
|
|
|
183.25.200.23
|
unknown
|
China
|
|
|
|
93.137.66.222
|
unknown
|
Croatia (LOCAL Name: Hrvatska)
|
|
|
|
189.40.178.46
|
unknown
|
Brazil
|
|
|
|
180.140.66.56
|
unknown
|
China
|
|
|
|
203.176.141.81
|
unknown
|
Cambodia
|
|
|
|
45.146.92.203
|
unknown
|
Germany
|
|
|
|
19.197.93.3
|
unknown
|
United States
|
|
|
|
212.191.184.166
|
unknown
|
Poland
|
|
|
|
60.23.101.154
|
unknown
|
China
|
|
|
|
73.49.124.155
|
unknown
|
United States
|
|
|
|
142.212.99.59
|
unknown
|
Canada
|
|
|
|
79.106.115.210
|
unknown
|
Albania
|
|
|
|
32.251.50.182
|
unknown
|
United States
|
|
|
|
253.83.161.80
|
unknown
|
Reserved
|
|
|
|
17.208.85.231
|
unknown
|
United States
|
|
|
|
174.105.227.80
|
unknown
|
United States
|
|
|
|
250.12.81.189
|
unknown
|
Reserved
|
|
|
|
247.235.238.231
|
unknown
|
Reserved
|
|
|
|
78.254.217.14
|
unknown
|
France
|
|
|
|
216.239.120.101
|
unknown
|
United States
|
|
|
|
243.115.4.52
|
unknown
|
Reserved
|
|
|
|
89.146.240.88
|
unknown
|
Germany
|
|
|
|
221.170.37.56
|
unknown
|
Japan
|
|
|
|
73.191.86.218
|
unknown
|
United States
|
|
|
|
94.11.229.252
|
unknown
|
United Kingdom
|
|
|
|
1.201.22.138
|
unknown
|
Korea Republic of
|
|
|
|
31.156.41.151
|
unknown
|
Italy
|
|
|
|
211.43.179.175
|
unknown
|
Korea Republic of
|
|
|
|
120.202.209.113
|
unknown
|
China
|
|
|
|
186.106.106.120
|
unknown
|
Chile
|
|
|
|
161.116.72.74
|
unknown
|
Spain
|
|
|
|
195.225.21.96
|
unknown
|
Norway
|
|
|
|
84.85.119.56
|
unknown
|
Netherlands
|
|
|
|
184.169.138.101
|
unknown
|
United States
|
|
|
|
81.235.47.61
|
unknown
|
Sweden
|
|
|
|
59.247.33.40
|
unknown
|
China
|
|
|
|
62.76.192.45
|
unknown
|
Russian Federation
|
|
|
|
178.179.16.172
|
unknown
|
Russian Federation
|
|
|
|
23.26.94.58
|
unknown
|
United States
|
|
There are 90 hidden IPs, click here to show them.