Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| e9e6i5D2gK | ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, stripped | initial sample | |
| /run/user/127/dconf/user | very short file (no magic) | dropped | |
| /run/user/127/pulse/pid | ASCII text | dropped | |
| /tmp/server-0.xkm | Compiled XKB Keymap: lsb, version 15 | dropped | |
| /var/lib/gdm3/.config/ibus/bus/ee49dfd4fa47433baee88884e2d7de7c-unix-0 | ASCII text | dropped | |
| /var/lib/gdm3/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-sink | very short file (no magic) | dropped | |
| /var/lib/gdm3/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-source | very short file (no magic) | dropped | |
Processes

| Path | Cmdline | Malicious |
|---|---|---|
| /tmp/e9e6i5D2gK | /tmp/e9e6i5D2gK | |
| /tmp/e9e6i5D2gK | n/a | |
| /tmp/e9e6i5D2gK | n/a | |
| /tmp/e9e6i5D2gK | n/a | |
| /tmp/e9e6i5D2gK | n/a | |
| /tmp/e9e6i5D2gK | n/a | |
| /tmp/e9e6i5D2gK | n/a | |
| /tmp/e9e6i5D2gK | n/a | |
| /tmp/e9e6i5D2gK | n/a | |
| /usr/libexec/gnome-session-binary | n/a | |
| /bin/sh | /bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/bin/gnome-shell | |
| /usr/bin/gnome-shell | /usr/bin/gnome-shell | |
| /usr/bin/gnome-shell | n/a | |
| /usr/bin/ibus-daemon | ibus-daemon --panel disable --xim | |
| /usr/bin/ibus-daemon | n/a | |
| /usr/libexec/ibus-memconf | /usr/libexec/ibus-memconf | |
| /usr/bin/ibus-daemon | n/a | |
| /usr/bin/ibus-daemon | n/a | |
| /usr/libexec/ibus-x11 | /usr/libexec/ibus-x11 --kill-daemon | |
| /usr/bin/ibus-daemon | n/a | |
| /usr/libexec/ibus-engine-simple | /usr/libexec/ibus-engine-simple | |
| /usr/lib/systemd/systemd | n/a | |
| /lib/systemd/systemd-localed | /lib/systemd/systemd-localed | |
| /usr/bin/dbus-daemon | n/a | |
| /usr/libexec/ibus-portal | /usr/libexec/ibus-portal | |
| /usr/lib/systemd/systemd | n/a | |
| /usr/lib/upower/upowerd | /usr/lib/upower/upowerd | |
| /usr/lib/xorg/Xorg | n/a | |
| /bin/sh | sh -c "\"/usr/bin/xkbcomp\" -w 1 \"-R/usr/share/X11/xkb\" -xkm \"-\" -em1 \"The XKEYBOARD keymap compiler (xkbcomp) reports:\" -emp \"> \" -eml \"Errors from xkbcomp are not fatal to the X server\" \"/tmp/server-0.xkm\"" | |
| /bin/sh | n/a | |
| /usr/bin/xkbcomp | /usr/bin/xkbcomp -w 1 -R/usr/share/X11/xkb -xkm - -em1 "The XKEYBOARD keymap compiler (xkbcomp) reports:" -emp "> " -eml "Errors from xkbcomp are not fatal to the X server" /tmp/server-0.xkm | |
| /usr/lib/systemd/systemd | n/a | |
| /usr/lib/accountsservice/accounts-daemon | /usr/lib/accountsservice/accounts-daemon | |
| /usr/lib/accountsservice/accounts-daemon | n/a | |
| /usr/share/language-tools/language-validate | /usr/share/language-tools/language-validate en_US.UTF-8 | |
| /usr/share/language-tools/language-validate | n/a | |
| /usr/share/language-tools/language-options | /usr/share/language-tools/language-options | |
| /usr/share/language-tools/language-options | n/a | |
| /bin/sh | sh -c "locale -a \| grep -F .utf8 " | |
| /bin/sh | n/a | |
| /usr/bin/locale | locale -a | |
| /bin/sh | n/a | |
| /usr/bin/grep | grep -F .utf8 | |
| /usr/lib/systemd/systemd | n/a | |
| /usr/libexec/geoclue | /usr/libexec/geoclue | |
| /usr/bin/dbus-daemon | n/a | |
| /usr/bin/gjs | /usr/bin/gjs /usr/share/gnome-shell/org.gnome.Shell.Notifications | |
| /usr/lib/systemd/systemd | n/a | |
| /usr/bin/pulseaudio | /usr/bin/pulseaudio --daemonize=no --log-target=journal | |
| /usr/lib/systemd/systemd | n/a | |
| /usr/libexec/fprintd | /usr/libexec/fprintd | |
IPs