Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
na.elf
|
ELF 32-bit LSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, stripped
|
initial sample
|
||
/var/log/wtmp
|
data
|
dropped
|
||
/home/saturnino/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-sink
|
ASCII text
|
dropped
|
||
/home/saturnino/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-source
|
ASCII text
|
dropped
|
||
/proc/5633/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5636/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5638/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5640/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5642/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5644/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5647/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5721/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5751/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5754/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5756/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5758/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5760/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5762/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5765/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5947/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/6000/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/6121/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/6335/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/run/avahi-daemon/pid
|
ASCII text
|
dropped
|
||
/run/gdm3.pid
|
ASCII text
|
dropped
|
||
/run/systemd/inhibit/.#1ITVSTV
|
ASCII text
|
dropped
|
||
/run/systemd/inhibit/.#29ScS2W
|
ASCII text
|
dropped
|
||
/run/systemd/inhibit/.#37BJ6IX
|
ASCII text
|
dropped
|
||
/run/systemd/inhibit/.#4gOVR4U
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat003yFDV
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat06IdSjW
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat07IjKMX
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat0KpuuUX
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat0Xo91UT
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat0rBsjPV
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat0tHuFqV
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c14WEsfY
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c1AddulX
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c1V8SHPW
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c1cmFh2X
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c1tpi29X
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c1u9I7AW
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c28Qt0bY
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2CsredW
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2SbGjbW
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2SdHqTX
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2UwvxsU
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2a2eg7V
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2fNLWXU
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2hrKB2X
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127FDHVFT
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127GP93pW
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127HLuJQT
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127cK93OX
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127cRkriX
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127cnsaAU
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127dav0WV
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127jZyuhW
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127mKzAwW
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127sFv3dY
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127srH9JX
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127vQROgW
|
ASCII text
|
dropped
|
||
/run/user/1000/pulse/pid
|
ASCII text
|
dropped
|
||
/run/user/127/ICEauthority
|
TTComp archive data, binary, 1K dictionary
|
dropped
|
||
/run/user/127/dconf/user
|
very short file (no magic)
|
dropped
|
||
/run/user/127/gdm/Xauthority
|
X11 Xauthority data
|
dropped
|
||
/run/user/127/pulse/pid
|
ASCII text
|
dropped
|
||
/run/utmp
|
data
|
dropped
|
||
/tmp/qemu-open.ZpUvOR (deleted)
|
data
|
dropped
|
||
/tmp/qemu-open.szYMRj (deleted)
|
data
|
dropped
|
||
/tmp/server-0.xkm
|
Compiled XKB Keymap: lsb, version 15
|
dropped
|
||
/var/lib/AccountsService/users/gdm.1GEBV2
|
ASCII text
|
dropped
|
||
/var/lib/AccountsService/users/gdm.KNTCV2
|
ASCII text
|
dropped
|
||
/var/lib/gdm3/.config/ibus/bus/ee49dfd4fa47433baee88884e2d7de7c-unix-0
|
ASCII text
|
dropped
|
||
/var/lib/gdm3/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-sink
|
very short file (no magic)
|
dropped
|
||
/var/lib/gdm3/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-source
|
very short file (no magic)
|
dropped
|
||
/var/lib/ubuntu-drivers-common/last_gfx_boot
|
ASCII text
|
dropped
|
||
/var/log/Xorg.0.log
|
JSON data
|
dropped
|
||
/var/log/auth.log
|
ASCII text
|
dropped
|
||
/var/log/gpu-manager.log
|
ASCII text
|
dropped
|
||
/var/log/kern.log
|
ASCII text
|
dropped
|
||
/var/log/syslog
|
ASCII text, with very long lines (317)
|
dropped
|
There are 72 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
/tmp/na.elf
|
/tmp/na.elf
|
||
/tmp/na.elf
|
-
|
||
/tmp/na.elf
|
-
|
||
/tmp/na.elf
|
-
|
||
/tmp/na.elf
|
-
|
||
/tmp/na.elf
|
-
|
||
/tmp/na.elf
|
-
|
||
/tmp/na.elf
|
-
|
||
/tmp/na.elf
|
-
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/dbus-daemon
|
/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/pulseaudio
|
/usr/bin/pulseaudio --daemonize=no --log-target=journal
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/sbin/rsyslogd
|
/usr/sbin/rsyslogd -n -iNONE
|
||
/usr/libexec/gvfsd-fuse
|
-
|
||
/bin/fusermount
|
fusermount -u -q -z -- /run/user/1000/gvfs
|
||
/usr/lib/systemd/systemd
|
-
|
||
/lib/systemd/systemd-logind
|
/lib/systemd/systemd-logind
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/libexec/rtkit-daemon
|
/usr/libexec/rtkit-daemon
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/lib/policykit-1/polkitd
|
/usr/lib/policykit-1/polkitd --no-debug
|
||
/usr/lib/systemd/systemd
|
-
|
||
/sbin/agetty
|
/sbin/agetty -o "-p -- \\u" --noclear tty2 linux
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/gpu-manager
|
/usr/bin/gpu-manager --log /var/log/gpu-manager.log
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*nvidia[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*radeon[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*radeon[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*amdgpu[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*amdgpu[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*nouveau[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*nouveau[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/dbus-daemon
|
/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/share/gdm/generate-config
|
/usr/share/gdm/generate-config
|
||
/usr/share/gdm/generate-config
|
-
|
||
/usr/bin/pkill
|
pkill --signal HUP --uid gdm dconf-service
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/lib/gdm3/gdm-wait-for-drm
|
/usr/lib/gdm3/gdm-wait-for-drm
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/sbin/gdm3
|
/usr/sbin/gdm3
|
||
/usr/sbin/gdm3
|
-
|
||
/usr/bin/plymouth
|
plymouth --ping
|
||
/usr/sbin/gdm3
|
-
|
||
/usr/lib/gdm3/gdm-session-worker
|
"gdm-session-worker [pam/gdm-launch-environment]"
|
||
/usr/lib/gdm3/gdm-session-worker
|
-
|
||
/usr/lib/gdm3/gdm-wayland-session
|
/usr/lib/gdm3/gdm-wayland-session "dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart"
|
||
/usr/lib/gdm3/gdm-wayland-session
|
-
|
||
/usr/bin/dbus-run-session
|
dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart
|
||
/usr/bin/dbus-run-session
|
-
|
||
/usr/bin/dbus-daemon
|
dbus-daemon --nofork --print-address 4 --session
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-run-session
|
-
|
||
/usr/bin/gnome-session
|
gnome-session --autostart /usr/share/gdm/greeter/autostart
|
||
/usr/libexec/gnome-session-binary
|
/usr/libexec/gnome-session-binary --systemd --autostart /usr/share/gdm/greeter/autostart
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/usr/bin/session-migration
|
session-migration
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/bin/gnome-shell
|
||
/usr/bin/gnome-shell
|
/usr/bin/gnome-shell
|
||
/usr/sbin/gdm3
|
-
|
||
/usr/lib/gdm3/gdm-session-worker
|
"gdm-session-worker [pam/gdm-launch-environment]"
|
||
/usr/lib/gdm3/gdm-session-worker
|
-
|
||
/usr/lib/gdm3/gdm-x-session
|
/usr/lib/gdm3/gdm-x-session "dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart"
|
||
/usr/lib/gdm3/gdm-x-session
|
-
|
||
/usr/bin/Xorg
|
/usr/bin/Xorg vt1 -displayfd 3 -auth /run/user/127/gdm/Xauthority -background none -noreset -keeptty -verbose 3
|
||
/usr/lib/xorg/Xorg.wrap
|
/usr/lib/xorg/Xorg.wrap vt1 -displayfd 3 -auth /run/user/127/gdm/Xauthority -background none -noreset -keeptty -verbose 3
|
||
/usr/lib/xorg/Xorg
|
/usr/lib/xorg/Xorg vt1 -displayfd 3 -auth /run/user/127/gdm/Xauthority -background none -noreset -keeptty -verbose 3
|
||
/usr/lib/xorg/Xorg
|
-
|
||
/bin/sh
|
sh -c "\"/usr/bin/xkbcomp\" -w 1 \"-R/usr/share/X11/xkb\" -xkm \"-\" -em1 \"The XKEYBOARD keymap compiler (xkbcomp) reports:\"
-emp \"> \" -eml \"Errors from xkbcomp are not fatal to the X server\" \"/tmp/server-0.xkm\""
|
||
/bin/sh
|
-
|
||
/usr/bin/xkbcomp
|
/usr/bin/xkbcomp -w 1 -R/usr/share/X11/xkb -xkm - -em1 "The XKEYBOARD keymap compiler (xkbcomp) reports:" -emp "> " -eml "Errors
from xkbcomp are not fatal to the X server" /tmp/server-0.xkm
|
||
/usr/lib/xorg/Xorg
|
-
|
||
/bin/sh
|
sh -c "\"/usr/bin/xkbcomp\" -w 1 \"-R/usr/share/X11/xkb\" -xkm \"-\" -em1 \"The XKEYBOARD keymap compiler (xkbcomp) reports:\"
-emp \"> \" -eml \"Errors from xkbcomp are not fatal to the X server\" \"/tmp/server-0.xkm\""
|
||
/bin/sh
|
-
|
||
/usr/bin/xkbcomp
|
/usr/bin/xkbcomp -w 1 -R/usr/share/X11/xkb -xkm - -em1 "The XKEYBOARD keymap compiler (xkbcomp) reports:" -emp "> " -eml "Errors
from xkbcomp are not fatal to the X server" /tmp/server-0.xkm
|
||
/usr/lib/gdm3/gdm-x-session
|
-
|
||
/etc/gdm3/Prime/Default
|
/etc/gdm3/Prime/Default
|
||
/usr/lib/gdm3/gdm-x-session
|
-
|
||
/usr/bin/dbus-run-session
|
dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart
|
||
/usr/bin/dbus-run-session
|
-
|
||
/usr/bin/dbus-daemon
|
dbus-daemon --nofork --print-address 4 --session
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/libexec/at-spi-bus-launcher
|
/usr/libexec/at-spi-bus-launcher
|
||
/usr/libexec/at-spi-bus-launcher
|
-
|
||
/usr/bin/dbus-daemon
|
/usr/bin/dbus-daemon --config-file=/usr/share/defaults/at-spi2/accessibility.conf --nofork --print-address 3
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/libexec/at-spi2-registryd
|
/usr/libexec/at-spi2-registryd --use-gnome-session
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/libexec/ibus-portal
|
/usr/libexec/ibus-portal
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/gjs
|
/usr/bin/gjs /usr/share/gnome-shell/org.gnome.Shell.Notifications
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-run-session
|
-
|
||
/usr/bin/gnome-session
|
gnome-session --autostart /usr/share/gdm/greeter/autostart
|
||
/usr/libexec/gnome-session-binary
|
/usr/libexec/gnome-session-binary --systemd --autostart /usr/share/gdm/greeter/autostart
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/usr/libexec/gnome-session-check-accelerated
|
/usr/libexec/gnome-session-check-accelerated
|
||
/usr/libexec/gnome-session-check-accelerated
|
-
|
||
/usr/libexec/gnome-session-check-accelerated-gl-helper
|
/usr/libexec/gnome-session-check-accelerated-gl-helper --print-renderer
|
||
/usr/libexec/gnome-session-check-accelerated
|
-
|
||
/usr/libexec/gnome-session-check-accelerated-gles-helper
|
/usr/libexec/gnome-session-check-accelerated-gles-helper --print-renderer
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/usr/bin/session-migration
|
session-migration
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/bin/gnome-shell
|
||
/usr/bin/gnome-shell
|
/usr/bin/gnome-shell
|
||
/usr/bin/gnome-shell
|
-
|
||
/usr/bin/ibus-daemon
|
ibus-daemon --panel disable --xim
|
||
/usr/bin/ibus-daemon
|
-
|
||
/usr/libexec/ibus-memconf
|
/usr/libexec/ibus-memconf
|
||
/usr/bin/ibus-daemon
|
-
|
||
/usr/bin/ibus-daemon
|
-
|
||
/usr/libexec/ibus-x11
|
/usr/libexec/ibus-x11 --kill-daemon
|
||
/usr/bin/ibus-daemon
|
-
|
||
/usr/libexec/ibus-engine-simple
|
/usr/libexec/ibus-engine-simple
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-sharing
|
||
/usr/libexec/gsd-sharing
|
/usr/libexec/gsd-sharing
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-wacom
|
||
/usr/libexec/gsd-wacom
|
/usr/libexec/gsd-wacom
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-color
|
||
/usr/libexec/gsd-color
|
/usr/libexec/gsd-color
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-keyboard
|
||
/usr/libexec/gsd-keyboard
|
/usr/libexec/gsd-keyboard
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-print-notifications
|
||
/usr/libexec/gsd-print-notifications
|
/usr/libexec/gsd-print-notifications
|
||
/usr/libexec/gsd-print-notifications
|
-
|
||
/usr/libexec/gsd-print-notifications
|
-
|
||
/usr/libexec/gsd-printer
|
/usr/libexec/gsd-printer
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-rfkill
|
||
/usr/libexec/gsd-rfkill
|
/usr/libexec/gsd-rfkill
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-smartcard
|
||
/usr/libexec/gsd-smartcard
|
/usr/libexec/gsd-smartcard
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-datetime
|
||
/usr/libexec/gsd-datetime
|
/usr/libexec/gsd-datetime
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-media-keys
|
||
/usr/libexec/gsd-media-keys
|
/usr/libexec/gsd-media-keys
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-screensaver-proxy
|
||
/usr/libexec/gsd-screensaver-proxy
|
/usr/libexec/gsd-screensaver-proxy
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-sound
|
||
/usr/libexec/gsd-sound
|
/usr/libexec/gsd-sound
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-a11y-settings
|
||
/usr/libexec/gsd-a11y-settings
|
/usr/libexec/gsd-a11y-settings
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-housekeeping
|
||
/usr/libexec/gsd-housekeeping
|
/usr/libexec/gsd-housekeeping
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-power
|
||
/usr/libexec/gsd-power
|
/usr/libexec/gsd-power
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/bin/spice-vdagent
|
||
/usr/bin/spice-vdagent
|
/usr/bin/spice-vdagent
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh xbrlapi -q
|
||
/usr/bin/xbrlapi
|
xbrlapi -q
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/lib/accountsservice/accounts-daemon
|
/usr/lib/accountsservice/accounts-daemon
|
||
/usr/lib/accountsservice/accounts-daemon
|
-
|
||
/usr/share/language-tools/language-validate
|
/usr/share/language-tools/language-validate en_US.UTF-8
|
||
/usr/share/language-tools/language-validate
|
-
|
||
/usr/share/language-tools/language-options
|
/usr/share/language-tools/language-options
|
||
/usr/share/language-tools/language-options
|
-
|
||
/bin/sh
|
sh -c "locale -a | grep -F .utf8 "
|
||
/bin/sh
|
-
|
||
/usr/bin/locale
|
locale -a
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -F .utf8
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/dbus-daemon
|
/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
|
||
/usr/lib/systemd/systemd
|
-
|
||
/lib/systemd/systemd-localed
|
/lib/systemd/systemd-localed
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/lib/upower/upowerd
|
/usr/lib/upower/upowerd
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/pulseaudio
|
/usr/bin/pulseaudio --daemonize=no --log-target=journal
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/libexec/geoclue
|
/usr/libexec/geoclue
|
||
/usr/lib/systemd/systemd
|
-
|
||
/sbin/wpa_supplicant
|
/sbin/wpa_supplicant -u -s -O /run/wpa_supplicant
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/sbin/avahi-daemon
|
/usr/sbin/avahi-daemon -s
|
||
/usr/sbin/avahi-daemon
|
-
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/lib/packagekit/packagekitd
|
/usr/lib/packagekit/packagekitd
|
||
/usr/lib/packagekit/packagekitd
|
-
|
||
/usr/bin/dpkg
|
/usr/bin/dpkg --print-foreign-architectures
|
||
/usr/lib/systemd/systemd
|
-
|
||
/lib/systemd/systemd-hostnamed
|
/lib/systemd/systemd-hostnamed
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/libexec/colord
|
/usr/libexec/colord
|
||
/usr/libexec/colord
|
-
|
||
/usr/libexec/colord-sane
|
/usr/libexec/colord-sane
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/sbin/ModemManager
|
/usr/sbin/ModemManager --filter-policy=strict
|
||
/usr/lib/systemd/systemd
|
-
|
||
/lib/systemd/systemd-localed
|
/lib/systemd/systemd-localed
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/libexec/fprintd
|
/usr/libexec/fprintd
|
There are 285 hidden processes, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://www.rsyslog.com
|
unknown
|
||
http://wiki.x.org
|
unknown
|
||
http://www.ubuntu.com/support)
|
unknown
|
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
byte-mirai.kro.kr
|
154.216.20.119
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
209.144.94.224
|
unknown
|
United States
|
||
87.184.38.219
|
unknown
|
Germany
|
||
65.176.213.40
|
unknown
|
United States
|
||
138.189.215.87
|
unknown
|
Switzerland
|
||
82.70.92.76
|
unknown
|
United Kingdom
|
||
59.239.123.33
|
unknown
|
China
|
||
171.132.210.234
|
unknown
|
United States
|
||
165.197.197.232
|
unknown
|
United States
|
||
173.213.44.170
|
unknown
|
United States
|
||
186.131.227.230
|
unknown
|
Argentina
|
||
157.161.177.150
|
unknown
|
Switzerland
|
||
213.1.47.99
|
unknown
|
United Kingdom
|
||
96.29.211.36
|
unknown
|
United States
|
||
57.63.222.41
|
unknown
|
Belgium
|
||
125.253.224.215
|
unknown
|
Hong Kong
|
||
92.224.168.13
|
unknown
|
Germany
|
||
195.232.253.78
|
unknown
|
Germany
|
||
101.160.47.3
|
unknown
|
Australia
|
||
164.84.153.244
|
unknown
|
United States
|
||
209.135.157.133
|
unknown
|
United States
|
||
51.142.97.176
|
unknown
|
United Kingdom
|
||
79.17.204.96
|
unknown
|
Italy
|
||
178.7.142.78
|
unknown
|
Germany
|
||
107.65.66.112
|
unknown
|
United States
|
||
200.227.227.132
|
unknown
|
Brazil
|
||
186.192.242.217
|
unknown
|
Brazil
|
||
222.156.110.236
|
unknown
|
Taiwan; Republic of China (ROC)
|
||
182.249.115.27
|
unknown
|
Japan
|
||
163.76.244.91
|
unknown
|
France
|
||
201.58.44.201
|
unknown
|
Brazil
|
||
213.42.251.202
|
unknown
|
United Arab Emirates
|
||
94.27.69.158
|
unknown
|
Ukraine
|
||
201.14.164.199
|
unknown
|
Brazil
|
||
155.19.196.171
|
unknown
|
United States
|
||
190.156.168.117
|
unknown
|
Colombia
|
||
138.133.158.61
|
unknown
|
United States
|
||
38.79.86.229
|
unknown
|
United States
|
||
43.106.75.61
|
unknown
|
Japan
|
||
202.212.22.138
|
unknown
|
Japan
|
||
136.159.124.44
|
unknown
|
Canada
|
||
97.205.56.195
|
unknown
|
United States
|
||
108.53.69.124
|
unknown
|
United States
|
||
133.218.135.80
|
unknown
|
Japan
|
||
39.72.248.82
|
unknown
|
China
|
||
86.175.23.201
|
unknown
|
United Kingdom
|
||
32.179.230.42
|
unknown
|
United States
|
||
60.156.44.35
|
unknown
|
Japan
|
||
136.175.129.241
|
unknown
|
Reserved
|
||
174.183.54.72
|
unknown
|
United States
|
||
217.101.79.67
|
unknown
|
Netherlands
|
||
172.250.116.226
|
unknown
|
United States
|
||
17.232.208.214
|
unknown
|
United States
|
||
90.79.30.143
|
unknown
|
France
|
||
135.76.111.176
|
unknown
|
United States
|
||
155.51.135.230
|
unknown
|
United States
|
||
65.163.214.143
|
unknown
|
United States
|
||
17.110.130.68
|
unknown
|
United States
|
||
124.83.132.226
|
unknown
|
Japan
|
||
116.109.198.10
|
unknown
|
Viet Nam
|
||
209.5.184.7
|
unknown
|
Canada
|
||
75.122.160.50
|
unknown
|
United States
|
||
84.61.19.207
|
unknown
|
Germany
|
||
86.209.52.168
|
unknown
|
France
|
||
137.252.83.122
|
unknown
|
United States
|
||
208.144.203.107
|
unknown
|
United States
|
||
75.74.178.246
|
unknown
|
United States
|
||
25.61.6.21
|
unknown
|
United Kingdom
|
||
37.94.133.140
|
unknown
|
Germany
|
||
100.131.224.68
|
unknown
|
United States
|
||
168.235.88.18
|
unknown
|
United States
|
||
79.167.165.54
|
unknown
|
Greece
|
||
187.164.89.41
|
unknown
|
Mexico
|
||
111.132.36.131
|
unknown
|
China
|
||
41.210.115.191
|
unknown
|
unknown
|
||
182.174.45.60
|
unknown
|
China
|
||
38.151.122.157
|
unknown
|
United States
|
||
17.59.155.191
|
unknown
|
United States
|
||
144.9.162.163
|
unknown
|
United States
|
||
95.126.182.158
|
unknown
|
Spain
|
||
36.37.168.155
|
unknown
|
Cambodia
|
||
107.169.197.220
|
unknown
|
Reserved
|
||
187.210.223.133
|
unknown
|
Mexico
|
||
17.70.140.215
|
unknown
|
United States
|
||
47.255.177.103
|
unknown
|
Canada
|
||
4.191.205.37
|
unknown
|
United States
|
||
108.176.28.17
|
unknown
|
United States
|
||
97.38.132.51
|
unknown
|
United States
|
||
205.53.193.253
|
unknown
|
United States
|
||
109.36.132.112
|
unknown
|
Netherlands
|
||
87.203.99.179
|
unknown
|
Greece
|
||
57.74.23.11
|
unknown
|
Belgium
|
||
68.45.1.190
|
unknown
|
United States
|
||
185.33.22.61
|
unknown
|
Switzerland
|
||
169.13.99.33
|
unknown
|
United States
|
||
80.128.29.8
|
unknown
|
Germany
|
||
174.200.107.217
|
unknown
|
United States
|
||
70.214.137.45
|
unknown
|
United States
|
||
113.58.178.63
|
unknown
|
China
|
||
139.90.44.15
|
unknown
|
Belgium
|
||
134.143.28.122
|
unknown
|
Netherlands
|
There are 90 hidden IPs, click here to show them.
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
7ff654415000
|
page execute read
|
|||
7ff654415000
|
page execute read
|
|||
7ff654415000
|
page execute read
|
|||
7ff654415000
|
page execute read
|
|||
7ff654415000
|
page execute read
|
|||
7ff654415000
|
page execute read
|
|||
7ff654455000
|
page read and write
|
|||
7ff6da05b000
|
page read and write
|
|||
7ff6daf02000
|
page read and write
|
|||
5574f0c0d000
|
page execute and read and write
|
|||
5574eec0f000
|
page read and write
|
|||
7ff6daf02000
|
page read and write
|
|||
7ff6d4021000
|
page read and write
|
|||
7ff654455000
|
page read and write
|
|||
5574f0c0d000
|
page execute and read and write
|
|||
5574f0c24000
|
page read and write
|
|||
7ff6dab21000
|
page read and write
|
|||
7ff6d4021000
|
page read and write
|
|||
7ff65445a000
|
page read and write
|
|||
7ff6da871000
|
page read and write
|
|||
7ff654458000
|
page read and write
|
|||
5574f0c0d000
|
page execute and read and write
|
|||
5574eec0f000
|
page read and write
|
|||
5574eec05000
|
page read and write
|
|||
7ff6da863000
|
page read and write
|
|||
7ff654455000
|
page read and write
|
|||
7ff6daee5000
|
page read and write
|
|||
7ff6d4000000
|
page read and write
|
|||
5574f0c24000
|
page read and write
|
|||
7ff6db545000
|
page read and write
|
|||
7ff6da871000
|
page read and write
|
|||
5574f0eea000
|
page read and write
|
|||
7ffd58810000
|
page read and write
|
|||
7ff6db53d000
|
page read and write
|
|||
7ff6d4021000
|
page read and write
|
|||
7ff6db53d000
|
page read and write
|
|||
7ff6db58a000
|
page read and write
|
|||
7ff65445a000
|
page read and write
|
|||
7ff6da863000
|
page read and write
|
|||
7ff6daec2000
|
page read and write
|
|||
7ff6daec2000
|
page read and write
|
|||
5574f0c0d000
|
page execute and read and write
|
|||
5574f0eea000
|
page read and write
|
|||
7ff6db58a000
|
page read and write
|
|||
7ff6daf02000
|
page read and write
|
|||
5574f0c24000
|
page read and write
|
|||
7ff6db53d000
|
page read and write
|
|||
7ff6d4000000
|
page read and write
|
|||
5574ee97d000
|
page execute read
|
|||
7ff654458000
|
page read and write
|
|||
5574f0c24000
|
page read and write
|
|||
7ff6db545000
|
page read and write
|
|||
7ff654455000
|
page read and write
|
|||
7ffd58986000
|
page execute read
|
|||
7ff6da05b000
|
page read and write
|
|||
7ff6db545000
|
page read and write
|
|||
7ff6da871000
|
page read and write
|
|||
5574ee97d000
|
page execute read
|
|||
7ff6dab21000
|
page read and write
|
|||
7ff6db233000
|
page read and write
|
|||
7ff6dab21000
|
page read and write
|
|||
5574eec05000
|
page read and write
|
|||
5574f0f0a000
|
page read and write
|
|||
5574f0eea000
|
page read and write
|
|||
5574ee97d000
|
page execute read
|
|||
7ff6db233000
|
page read and write
|
|||
5574eec0f000
|
page read and write
|
|||
7ff6db233000
|
page read and write
|
|||
5574f0c0d000
|
page execute and read and write
|
|||
7ffd58810000
|
page read and write
|
|||
5574ee97d000
|
page execute read
|
|||
7ff6da871000
|
page read and write
|
|||
7ff6db233000
|
page read and write
|
|||
7ff6db545000
|
page read and write
|
|||
7ff654458000
|
page read and write
|
|||
7ff6d4000000
|
page read and write
|
|||
7ff6daee5000
|
page read and write
|
|||
7ff6db53d000
|
page read and write
|
|||
7ff6daee5000
|
page read and write
|
|||
7ff6db53d000
|
page read and write
|
|||
7ff6db414000
|
page read and write
|
|||
7ffd58810000
|
page read and write
|
|||
5574eec05000
|
page read and write
|
|||
7ff6da871000
|
page read and write
|
|||
7ff6da863000
|
page read and write
|
|||
7ffd58986000
|
page execute read
|
|||
7ff6db58a000
|
page read and write
|
|||
7ffd58986000
|
page execute read
|
|||
7ff6dab21000
|
page read and write
|
|||
5574eec0f000
|
page read and write
|
|||
7ff6daec2000
|
page read and write
|
|||
5574f0f0a000
|
page read and write
|
|||
7ff6db545000
|
page read and write
|
|||
7ff6da05b000
|
page read and write
|
|||
7ff654455000
|
page read and write
|
|||
5574eec0f000
|
page read and write
|
|||
7ff6db53d000
|
page read and write
|
|||
7ff6d4000000
|
page read and write
|
|||
5574f0c24000
|
page read and write
|
|||
7ff6daf02000
|
page read and write
|
|||
7ff6db58a000
|
page read and write
|
|||
5574f0c0d000
|
page execute and read and write
|
|||
7ff6da863000
|
page read and write
|
|||
7ff6db414000
|
page read and write
|
|||
7ff6db414000
|
page read and write
|
|||
7ff6daec2000
|
page read and write
|
|||
7ff6da05b000
|
page read and write
|
|||
5574eec0f000
|
page read and write
|
|||
7ff6d4021000
|
page read and write
|
|||
5574ee97d000
|
page execute read
|
|||
7ff6da05b000
|
page read and write
|
|||
7ff6db414000
|
page read and write
|
|||
7ff6daee5000
|
page read and write
|
|||
7ff6da871000
|
page read and write
|
|||
7ff6daee5000
|
page read and write
|
|||
7ff6db414000
|
page read and write
|
|||
7ff6d4021000
|
page read and write
|
|||
5574f0eea000
|
page read and write
|
|||
7ff654458000
|
page read and write
|
|||
5574eec05000
|
page read and write
|
|||
5574eec05000
|
page read and write
|
|||
7ff6dab21000
|
page read and write
|
|||
7ffd58810000
|
page read and write
|
|||
7ff6db414000
|
page read and write
|
|||
7ff654455000
|
page read and write
|
|||
7ff654458000
|
page read and write
|
|||
7ff6d4021000
|
page read and write
|
|||
5574f0c24000
|
page read and write
|
|||
7ffd58810000
|
page read and write
|
|||
7ffd58986000
|
page execute read
|
|||
7ff6daf02000
|
page read and write
|
|||
7ffd58986000
|
page execute read
|
|||
7ff6d4000000
|
page read and write
|
|||
7ff6da863000
|
page read and write
|
|||
7ff6daec2000
|
page read and write
|
|||
7ff6db58a000
|
page read and write
|
|||
7ffd58810000
|
page read and write
|
|||
7ff6da05b000
|
page read and write
|
|||
7ff6db233000
|
page read and write
|
|||
7ff6daec2000
|
page read and write
|
|||
7ff654458000
|
page read and write
|
|||
7ff6daee5000
|
page read and write
|
|||
5574eec05000
|
page read and write
|
|||
5574f0eea000
|
page read and write
|
|||
7ff6db233000
|
page read and write
|
|||
7ffd58986000
|
page execute read
|
|||
7ff6dab21000
|
page read and write
|
|||
7ff6da863000
|
page read and write
|
|||
7ff6db58a000
|
page read and write
|
|||
7ff6db545000
|
page read and write
|
|||
5574ee97d000
|
page execute read
|
|||
5574f0eea000
|
page read and write
|
|||
7ff6d4000000
|
page read and write
|
|||
7ff6daf02000
|
page read and write
|
There are 144 hidden memdumps, click here to show them.