Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/SecuriteInfo.com.Linux.Siggen.9999.6640.19420.elf
|
/tmp/SecuriteInfo.com.Linux.Siggen.9999.6640.19420.elf
|
||
|
/tmp/SecuriteInfo.com.Linux.Siggen.9999.6640.19420.elf
|
-
|
||
|
/tmp/SecuriteInfo.com.Linux.Siggen.9999.6640.19420.elf
|
-
|
||
|
/usr/libexec/gnome-session-binary
|
-
|
||
|
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-rfkill
|
||
|
/usr/libexec/gsd-rfkill
|
/usr/libexec/gsd-rfkill
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://upx.sf.net
|
unknown
|
 |
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
93.123.85.221
|
unknown
|
Bulgaria
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
8057000
|
page execute read
|
|
||
|
805a000
|
page read and write
|
|||
|
8c25000
|
page read and write
|
|||
|
ffee5000
|
page read and write
|
|||
|
c02000
|
page execute read
|
|||
|
f7fac000
|
page execute read
|