Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.ersC5aHsqi /tmp/tmp.hxinM5ILw1 /tmp/tmp.EuAVhYDTix
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.ersC5aHsqi /tmp/tmp.hxinM5ILw1 /tmp/tmp.EuAVhYDTix
|
||
|
/tmp/novo.arm6.elf
|
/tmp/novo.arm6.elf
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
daisy.ubuntu.com
|
162.213.35.25
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f309c02b000
|
page execute read
|
 |
||
|
5622f99d9000
|
page read and write
|
|||
|
7f319c021000
|
page read and write
|
|||
|
7ffd287b8000
|
page execute read
|
|||
|
5622f99c2000
|
page execute and read and write
|
|||
|
5622f776a000
|
page execute read
|
|||
|
7ffd287b1000
|
page read and write
|
|||
|
7f31a1796000
|
page read and write
|
|||
|
7f31a1649000
|
page read and write
|
|||
|
7f31a1468000
|
page read and write
|
|||
|
5622f79bb000
|
page read and write
|
|||
|
7f31a0e8c000
|
page read and write
|
|||
|
7f31a0b2a000
|
page read and write
|
|||
|
7f31a10f7000
|
page read and write
|
|||
|
7f31a0a98000
|
page read and write
|
|||
|
7f31a1772000
|
page read and write
|
|||
|
7f31a17db000
|
page read and write
|
|||
|
7f309c03d000
|
page read and write
|
|||
|
7f309c033000
|
page read and write
|
|||
|
5622fb440000
|
page read and write
|
|||
|
7f319bfff000
|
page read and write
|
|||
|
7f31a111a000
|
page read and write
|
|||
|
5622f79c4000
|
page read and write
|
|||
|
7f31a0290000
|
page read and write
|
|||
|
7f31a1286000
|
page read and write
|
There are 15 hidden memdumps, click here to show them.