Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| eicarINFECTED.pdf | PDF document, version 1.1, 0 pages | initial sample | |
| /home/james/.cache/dconf/user | very short file (no magic) | dropped | |
| /home/james/.local/share/recently-used.xbel.UCIJU2 | XML 1.0 document, ASCII text | dropped | |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| /usr/bin/exo-open | exo-open /tmp/eicarINFECTED.pdf | |
| /usr/bin/exo-open | - | |
| /usr/bin/dbus-launch | dbus-launch --autolaunch=11ced2f07072c6ae389b731c5cc84014 --binary-syntax --close-stderr | |
| /usr/bin/exo-open | - | |
| /usr/bin/exo-open | - | |
| /usr/bin/evince | evince /tmp/eicarINFECTED.pdf | |
| /usr/bin/evince | - | |
| /usr/bin/dbus-launch | dbus-launch --autolaunch=11ced2f07072c6ae389b731c5cc84014 --binary-syntax --close-stderr | |

URLs

| Name | IP | Malicious |
|---|---|---|
| http://www.freedesktop.org/standards/desktop-bookmarks | unknown | |
| http://www.freedesktop.org/standards/shared-mime-info | unknown | |
| http://freedesktop.org | unknown | |