Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.KxtweXCMWg /tmp/tmp.d9QQVA41GB /tmp/tmp.VqbIKFB5K7
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.KxtweXCMWg /tmp/tmp.d9QQVA41GB /tmp/tmp.VqbIKFB5K7
|
||
|
/tmp/yakov.arm6.elf
|
/tmp/yakov.arm6.elf
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://upx.sf.net
|
unknown
|
 |
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
109.202.202.202
|
unknown
|
Switzerland
|
||
|
91.189.91.43
|
unknown
|
United Kingdom
|
||
|
91.189.91.42
|
unknown
|
United Kingdom
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7fe5c4028000
|
page execute read
|
|
||
|
7fe6c9927000
|
page read and write
|
|||
|
55b4f8e44000
|
page read and write
|
|||
|
7fe6ca2f7000
|
page read and write
|
|||
|
55b4fb2f8000
|
page read and write
|
|||
|
7fe6ca115000
|
page read and write
|
|||
|
7fe6ca625000
|
page read and write
|
|||
|
7ffd17dd5000
|
page execute read
|
|||
|
55b4fae42000
|
page execute and read and write
|
|||
|
55b4fae59000
|
page read and write
|
|||
|
7fe5c403a000
|
page read and write
|
|||
|
7fe6c9f86000
|
page read and write
|
|||
|
7fe6ca66a000
|
page read and write
|
|||
|
7fe6c9d1b000
|
page read and write
|
|||
|
7ffd17c8d000
|
page read and write
|
|||
|
7fe6c3fff000
|
page read and write
|
|||
|
7fe6ca4d8000
|
page read and write
|
|||
|
7fe6c911f000
|
page read and write
|
|||
|
55b4f8bea000
|
page execute read
|
|||
|
7fe6c9fa9000
|
page read and write
|
|||
|
7fe6c4021000
|
page read and write
|
|||
|
55b4f8e3b000
|
page read and write
|
|||
|
7fe6c99b9000
|
page read and write
|
|||
|
7fe6ca601000
|
page read and write
|
There are 14 hidden memdumps, click here to show them.