IOC Report
talkspirit-latest-linux-x86_64.AppImage

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| /usr/bin/dash | - | |
| /usr/bin/rm | rm -f /tmp/tmp.HGPF9mFmbj /tmp/tmp.fIaRJARqy2 /tmp/tmp.InqUFpWLDG | |
| /usr/bin/dash | - | |
| /usr/bin/rm | rm -f /tmp/tmp.HGPF9mFmbj /tmp/tmp.fIaRJARqy2 /tmp/tmp.InqUFpWLDG | |
| /tmp/talkspirit-latest-linux-x86_64.AppImage | /tmp/talkspirit-latest-linux-x86_64.AppImage | |
| /tmp/talkspirit-latest-linux-x86_64.AppImage | - | |
| /tmp/talkspirit-latest-linux-x86_64.AppImage | - | |
| /tmp/.mount_talkspz1hseq/AppRun | /tmp/talkspirit-latest-linux-x86_64.AppImage | |
| /tmp/.mount_talkspz1hseq/talkspirit-desktop | /tmp/.mount_talkspz1hseq/talkspirit-desktop | |

URLs

| Name | IP | Malicious |
|---|---|---|
| https://nodejs.org/download/release/v18.14.0/node-v18.14.0-headers.tar.gz | unknown | |
| https://crbug.com/638180. | unknown | |
| https://nodejs.org/download/release/v18.14.0/node-v18.14.0.tar.gz | unknown | |
| http://appimage.org/ | unknown | |
| http://appimage.org/.shstrtab.interp.note.ABI-tag.hash.dynsym.dynstr.gnu.version.gnu.version_r.rela. | unknown | |
| https://github.com/AppImage/AppImageKit/wiki/FUSE | unknown | |
| https://nodejs.org/download/release/v18.14.0/node-v18.14.0.tar.gzhttps://nodejs.org/download/release | unknown | |

IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 109.202.202.202 | unknown | Switzerland | |
| 91.189.91.43 | unknown | United Kingdom | |
| 91.189.91.42 | unknown | United Kingdom | |

Memdumps

Base Address
Regiontype
Protect
Malicious