Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/main_ppc.elf
|
/tmp/main_ppc.elf
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.HYv3bUaZUl /tmp/tmp.B7kc6g72hs /tmp/tmp.jlQ0k08sw1
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.HYv3bUaZUl /tmp/tmp.B7kc6g72hs /tmp/tmp.jlQ0k08sw1
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
34.249.145.219
|
unknown
|
United States
|
||
|
109.202.202.202
|
unknown
|
Switzerland
|
||
|
91.189.91.43
|
unknown
|
United Kingdom
|
||
|
91.189.91.42
|
unknown
|
United Kingdom
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f59c001d000
|
page execute read
|
 |
||
|
5575936a1000
|
page read and write
|
|||
|
557596f9c000
|
page read and write
|
|||
|
7f5ab69aa000
|
page read and write
|
|||
|
55759569f000
|
page execute and read and write
|
|||
|
7f5ab7252000
|
page read and write
|
|||
|
557593699000
|
page read and write
|
|||
|
7f59c0032000
|
page read and write
|
|||
|
7f59c0038000
|
page read and write
|
|||
|
7f5ab671b000
|
page read and write
|
|||
|
7f5ab0000000
|
page read and write
|
|||
|
7f5ab5f0a000
|
page read and write
|
|||
|
7f5ab70dc000
|
page read and write
|
|||
|
5575956b5000
|
page read and write
|
|||
|
7f5ab670d000
|
page read and write
|
|||
|
7fff461eb000
|
page execute read
|
|||
|
557593416000
|
page execute read
|
|||
|
7f5ab6d6c000
|
page read and write
|
|||
|
7f5ab0021000
|
page read and write
|
|||
|
7f5ab720d000
|
page read and write
|
|||
|
7f5ab7205000
|
page read and write
|
|||
|
7fff461c9000
|
page read and write
|
|||
|
7f5ab6d91000
|
page read and write
|
There are 13 hidden memdumps, click here to show them.