Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
sample-link.pdf
|
PDF document, version 1.4, 2 pages
|
initial sample
|
||
|
/home/james/.cache/dconf/user
|
very short file (no magic)
|
dropped
|
||
|
/home/james/.local/share/recently-used.xbel.IDNSU2
|
XML 1.0 document, ASCII text
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/usr/bin/exo-open
|
exo-open /tmp/sample-link.pdf
|
||
|
/usr/bin/exo-open
|
-
|
||
|
/usr/bin/dbus-launch
|
dbus-launch --autolaunch=11ced2f07072c6ae389b731c5cc84014 --binary-syntax --close-stderr
|
||
|
/usr/bin/exo-open
|
-
|
||
|
/usr/bin/exo-open
|
-
|
||
|
/usr/bin/evince
|
evince /tmp/sample-link.pdf
|
||
|
/usr/bin/evince
|
-
|
||
|
/usr/bin/dbus-launch
|
dbus-launch --autolaunch=11ced2f07072c6ae389b731c5cc84014 --binary-syntax --close-stderr
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.freedesktop.org/standards/desktop-bookmarks
|
unknown
|
||
|
http://www.freedesktop.org/standards/shared-mime-info
|
unknown
|
||
|
http://freedesktop.org
|
unknown
|
||
|
http://www.antennahouse.com/purchase.htm)
|
unknown
|