Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
na.elf
|
ELF 32-bit LSB executable, ARM, version 1 (ARM), statically linked, stripped
|
initial sample
|
||
/var/log/wtmp
|
data
|
dropped
|
||
/home/saturnino/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-sink
|
ASCII text
|
dropped
|
||
/home/saturnino/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-source
|
ASCII text
|
dropped
|
||
/proc/5746/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5749/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5751/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5753/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5755/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5757/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5760/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5836/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5864/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5869/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5871/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5873/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5875/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5877/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5880/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/6059/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/6216/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/6233/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/6452/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/run/avahi-daemon/pid
|
ASCII text
|
dropped
|
||
/run/gdm3.pid
|
ASCII text
|
dropped
|
||
/run/systemd/inhibit/.#1WTTKwh
|
ASCII text
|
dropped
|
||
/run/systemd/inhibit/.#2ZhUHMe
|
ASCII text
|
dropped
|
||
/run/systemd/inhibit/.#3obreTd
|
ASCII text
|
dropped
|
||
/run/systemd/inhibit/.#4FlvpTf
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat03JEbje
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat0KSB5wf
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat0PhkICh
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat0cqh8Ve
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat0dHDHef
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat0lYi1if
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat0uX885f
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c16G4UWe
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c17OMG8g
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c1F1CVsh
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c1Ze4Y4g
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c1mUgEOd
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c1nf6zDe
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2Pr9MZf
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2VoFVCf
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2gorHUf
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2hTmXwf
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2mCwXjg
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2mxWqQg
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2phYAzh
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2w4jJwf
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#1272MKyRh
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#12752X3Kd
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#1276vThSf
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#1279Lil8g
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127F4V1Fg
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127IFZJBd
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127Sixrrg
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127VV4kNe
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127iDUVyf
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127seMrxd
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127yCK72g
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127yIwwQg
|
ASCII text
|
dropped
|
||
/run/user/1000/pulse/pid
|
ASCII text
|
dropped
|
||
/run/user/127/ICEauthority
|
TTComp archive data, binary, 1K dictionary
|
dropped
|
||
/run/user/127/dconf/user
|
very short file (no magic)
|
dropped
|
||
/run/user/127/gdm/Xauthority
|
X11 Xauthority data
|
dropped
|
||
/run/user/127/pulse/pid
|
ASCII text
|
dropped
|
||
/run/utmp
|
data
|
dropped
|
||
/tmp/qemu-open.PZDETe (deleted)
|
data
|
dropped
|
||
/tmp/qemu-open.lf8ajM (deleted)
|
data
|
dropped
|
||
/tmp/server-0.xkm
|
Compiled XKB Keymap: lsb, version 15
|
dropped
|
||
/var/lib/AccountsService/users/gdm.0B08U2
|
ASCII text
|
dropped
|
||
/var/lib/AccountsService/users/gdm.YJLCV2
|
ASCII text
|
dropped
|
||
/var/lib/gdm3/.config/ibus/bus/ee49dfd4fa47433baee88884e2d7de7c-unix-0
|
ASCII text
|
dropped
|
||
/var/lib/gdm3/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-sink
|
very short file (no magic)
|
dropped
|
||
/var/lib/gdm3/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-source
|
very short file (no magic)
|
dropped
|
||
/var/lib/ubuntu-drivers-common/last_gfx_boot
|
ASCII text
|
dropped
|
||
/var/log/Xorg.0.log
|
JSON data
|
dropped
|
||
/var/log/auth.log
|
ASCII text
|
dropped
|
||
/var/log/gpu-manager.log
|
ASCII text
|
dropped
|
||
/var/log/kern.log
|
ASCII text
|
dropped
|
||
/var/log/syslog
|
ASCII text, with very long lines (317)
|
dropped
|
There are 72 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
/tmp/na.elf
|
/tmp/na.elf
|
||
/tmp/na.elf
|
-
|
||
/tmp/na.elf
|
-
|
||
/tmp/na.elf
|
-
|
||
/tmp/na.elf
|
-
|
||
/tmp/na.elf
|
-
|
||
/tmp/na.elf
|
-
|
||
/tmp/na.elf
|
-
|
||
/tmp/na.elf
|
-
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/dbus-daemon
|
/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/pulseaudio
|
/usr/bin/pulseaudio --daemonize=no --log-target=journal
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/sbin/rsyslogd
|
/usr/sbin/rsyslogd -n -iNONE
|
||
/usr/libexec/gvfsd-fuse
|
-
|
||
/bin/fusermount
|
fusermount -u -q -z -- /run/user/1000/gvfs
|
||
/usr/lib/systemd/systemd
|
-
|
||
/lib/systemd/systemd-logind
|
/lib/systemd/systemd-logind
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/libexec/rtkit-daemon
|
/usr/libexec/rtkit-daemon
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/lib/policykit-1/polkitd
|
/usr/lib/policykit-1/polkitd --no-debug
|
||
/usr/lib/systemd/systemd
|
-
|
||
/sbin/agetty
|
/sbin/agetty -o "-p -- \\u" --noclear tty2 linux
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/gpu-manager
|
/usr/bin/gpu-manager --log /var/log/gpu-manager.log
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*nvidia[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*radeon[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*radeon[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*amdgpu[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*amdgpu[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*nouveau[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*nouveau[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/dbus-daemon
|
/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/share/gdm/generate-config
|
/usr/share/gdm/generate-config
|
||
/usr/share/gdm/generate-config
|
-
|
||
/usr/bin/pkill
|
pkill --signal HUP --uid gdm dconf-service
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/lib/gdm3/gdm-wait-for-drm
|
/usr/lib/gdm3/gdm-wait-for-drm
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/sbin/gdm3
|
/usr/sbin/gdm3
|
||
/usr/sbin/gdm3
|
-
|
||
/usr/bin/plymouth
|
plymouth --ping
|
||
/usr/sbin/gdm3
|
-
|
||
/usr/lib/gdm3/gdm-session-worker
|
"gdm-session-worker [pam/gdm-launch-environment]"
|
||
/usr/lib/gdm3/gdm-session-worker
|
-
|
||
/usr/lib/gdm3/gdm-wayland-session
|
/usr/lib/gdm3/gdm-wayland-session "dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart"
|
||
/usr/lib/gdm3/gdm-wayland-session
|
-
|
||
/usr/bin/dbus-run-session
|
dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart
|
||
/usr/bin/dbus-run-session
|
-
|
||
/usr/bin/dbus-daemon
|
dbus-daemon --nofork --print-address 4 --session
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-run-session
|
-
|
||
/usr/bin/gnome-session
|
gnome-session --autostart /usr/share/gdm/greeter/autostart
|
||
/usr/libexec/gnome-session-binary
|
/usr/libexec/gnome-session-binary --systemd --autostart /usr/share/gdm/greeter/autostart
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/usr/bin/session-migration
|
session-migration
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/bin/gnome-shell
|
||
/usr/bin/gnome-shell
|
/usr/bin/gnome-shell
|
||
/usr/sbin/gdm3
|
-
|
||
/usr/lib/gdm3/gdm-session-worker
|
"gdm-session-worker [pam/gdm-launch-environment]"
|
||
/usr/lib/gdm3/gdm-session-worker
|
-
|
||
/usr/lib/gdm3/gdm-x-session
|
/usr/lib/gdm3/gdm-x-session "dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart"
|
||
/usr/lib/gdm3/gdm-x-session
|
-
|
||
/usr/bin/Xorg
|
/usr/bin/Xorg vt1 -displayfd 3 -auth /run/user/127/gdm/Xauthority -background none -noreset -keeptty -verbose 3
|
||
/usr/lib/xorg/Xorg.wrap
|
/usr/lib/xorg/Xorg.wrap vt1 -displayfd 3 -auth /run/user/127/gdm/Xauthority -background none -noreset -keeptty -verbose 3
|
||
/usr/lib/xorg/Xorg
|
/usr/lib/xorg/Xorg vt1 -displayfd 3 -auth /run/user/127/gdm/Xauthority -background none -noreset -keeptty -verbose 3
|
||
/usr/lib/xorg/Xorg
|
-
|
||
/bin/sh
|
sh -c "\"/usr/bin/xkbcomp\" -w 1 \"-R/usr/share/X11/xkb\" -xkm \"-\" -em1 \"The XKEYBOARD keymap compiler (xkbcomp) reports:\"
-emp \"> \" -eml \"Errors from xkbcomp are not fatal to the X server\" \"/tmp/server-0.xkm\""
|
||
/bin/sh
|
-
|
||
/usr/bin/xkbcomp
|
/usr/bin/xkbcomp -w 1 -R/usr/share/X11/xkb -xkm - -em1 "The XKEYBOARD keymap compiler (xkbcomp) reports:" -emp "> " -eml "Errors
from xkbcomp are not fatal to the X server" /tmp/server-0.xkm
|
||
/usr/lib/xorg/Xorg
|
-
|
||
/bin/sh
|
sh -c "\"/usr/bin/xkbcomp\" -w 1 \"-R/usr/share/X11/xkb\" -xkm \"-\" -em1 \"The XKEYBOARD keymap compiler (xkbcomp) reports:\"
-emp \"> \" -eml \"Errors from xkbcomp are not fatal to the X server\" \"/tmp/server-0.xkm\""
|
||
/bin/sh
|
-
|
||
/usr/bin/xkbcomp
|
/usr/bin/xkbcomp -w 1 -R/usr/share/X11/xkb -xkm - -em1 "The XKEYBOARD keymap compiler (xkbcomp) reports:" -emp "> " -eml "Errors
from xkbcomp are not fatal to the X server" /tmp/server-0.xkm
|
||
/usr/lib/gdm3/gdm-x-session
|
-
|
||
/etc/gdm3/Prime/Default
|
/etc/gdm3/Prime/Default
|
||
/usr/lib/gdm3/gdm-x-session
|
-
|
||
/usr/bin/dbus-run-session
|
dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart
|
||
/usr/bin/dbus-run-session
|
-
|
||
/usr/bin/dbus-daemon
|
dbus-daemon --nofork --print-address 4 --session
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/libexec/at-spi-bus-launcher
|
/usr/libexec/at-spi-bus-launcher
|
||
/usr/libexec/at-spi-bus-launcher
|
-
|
||
/usr/bin/dbus-daemon
|
/usr/bin/dbus-daemon --config-file=/usr/share/defaults/at-spi2/accessibility.conf --nofork --print-address 3
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/libexec/at-spi2-registryd
|
/usr/libexec/at-spi2-registryd --use-gnome-session
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/libexec/ibus-portal
|
/usr/libexec/ibus-portal
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/gjs
|
/usr/bin/gjs /usr/share/gnome-shell/org.gnome.Shell.Notifications
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-run-session
|
-
|
||
/usr/bin/gnome-session
|
gnome-session --autostart /usr/share/gdm/greeter/autostart
|
||
/usr/libexec/gnome-session-binary
|
/usr/libexec/gnome-session-binary --systemd --autostart /usr/share/gdm/greeter/autostart
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/usr/libexec/gnome-session-check-accelerated
|
/usr/libexec/gnome-session-check-accelerated
|
||
/usr/libexec/gnome-session-check-accelerated
|
-
|
||
/usr/libexec/gnome-session-check-accelerated-gl-helper
|
/usr/libexec/gnome-session-check-accelerated-gl-helper --print-renderer
|
||
/usr/libexec/gnome-session-check-accelerated
|
-
|
||
/usr/libexec/gnome-session-check-accelerated-gles-helper
|
/usr/libexec/gnome-session-check-accelerated-gles-helper --print-renderer
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/usr/bin/session-migration
|
session-migration
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/bin/gnome-shell
|
||
/usr/bin/gnome-shell
|
/usr/bin/gnome-shell
|
||
/usr/bin/gnome-shell
|
-
|
||
/usr/bin/ibus-daemon
|
ibus-daemon --panel disable --xim
|
||
/usr/bin/ibus-daemon
|
-
|
||
/usr/libexec/ibus-memconf
|
/usr/libexec/ibus-memconf
|
||
/usr/bin/ibus-daemon
|
-
|
||
/usr/bin/ibus-daemon
|
-
|
||
/usr/libexec/ibus-x11
|
/usr/libexec/ibus-x11 --kill-daemon
|
||
/usr/bin/ibus-daemon
|
-
|
||
/usr/libexec/ibus-engine-simple
|
/usr/libexec/ibus-engine-simple
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-sharing
|
||
/usr/libexec/gsd-sharing
|
/usr/libexec/gsd-sharing
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-wacom
|
||
/usr/libexec/gsd-wacom
|
/usr/libexec/gsd-wacom
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-color
|
||
/usr/libexec/gsd-color
|
/usr/libexec/gsd-color
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-keyboard
|
||
/usr/libexec/gsd-keyboard
|
/usr/libexec/gsd-keyboard
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-print-notifications
|
||
/usr/libexec/gsd-print-notifications
|
/usr/libexec/gsd-print-notifications
|
||
/usr/libexec/gsd-print-notifications
|
-
|
||
/usr/libexec/gsd-print-notifications
|
-
|
||
/usr/libexec/gsd-printer
|
/usr/libexec/gsd-printer
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-rfkill
|
||
/usr/libexec/gsd-rfkill
|
/usr/libexec/gsd-rfkill
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-smartcard
|
||
/usr/libexec/gsd-smartcard
|
/usr/libexec/gsd-smartcard
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-datetime
|
||
/usr/libexec/gsd-datetime
|
/usr/libexec/gsd-datetime
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-media-keys
|
||
/usr/libexec/gsd-media-keys
|
/usr/libexec/gsd-media-keys
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-screensaver-proxy
|
||
/usr/libexec/gsd-screensaver-proxy
|
/usr/libexec/gsd-screensaver-proxy
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-sound
|
||
/usr/libexec/gsd-sound
|
/usr/libexec/gsd-sound
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-a11y-settings
|
||
/usr/libexec/gsd-a11y-settings
|
/usr/libexec/gsd-a11y-settings
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-housekeeping
|
||
/usr/libexec/gsd-housekeeping
|
/usr/libexec/gsd-housekeeping
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-power
|
||
/usr/libexec/gsd-power
|
/usr/libexec/gsd-power
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/bin/spice-vdagent
|
||
/usr/bin/spice-vdagent
|
/usr/bin/spice-vdagent
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/lib/accountsservice/accounts-daemon
|
/usr/lib/accountsservice/accounts-daemon
|
||
/usr/lib/accountsservice/accounts-daemon
|
-
|
||
/usr/share/language-tools/language-validate
|
/usr/share/language-tools/language-validate en_US.UTF-8
|
||
/usr/share/language-tools/language-validate
|
-
|
||
/usr/share/language-tools/language-options
|
/usr/share/language-tools/language-options
|
||
/usr/share/language-tools/language-options
|
-
|
||
/bin/sh
|
sh -c "locale -a | grep -F .utf8 "
|
||
/bin/sh
|
-
|
||
/usr/bin/locale
|
locale -a
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -F .utf8
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/dbus-daemon
|
/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
|
||
/usr/lib/systemd/systemd
|
-
|
||
/lib/systemd/systemd-localed
|
/lib/systemd/systemd-localed
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/lib/upower/upowerd
|
/usr/lib/upower/upowerd
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/pulseaudio
|
/usr/bin/pulseaudio --daemonize=no --log-target=journal
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/libexec/geoclue
|
/usr/libexec/geoclue
|
||
/usr/lib/systemd/systemd
|
-
|
||
/sbin/wpa_supplicant
|
/sbin/wpa_supplicant -u -s -O /run/wpa_supplicant
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/sbin/avahi-daemon
|
/usr/sbin/avahi-daemon -s
|
||
/usr/sbin/avahi-daemon
|
-
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/lib/packagekit/packagekitd
|
/usr/lib/packagekit/packagekitd
|
||
/usr/lib/packagekit/packagekitd
|
-
|
||
/usr/bin/dpkg
|
/usr/bin/dpkg --print-foreign-architectures
|
||
/usr/lib/systemd/systemd
|
-
|
||
/lib/systemd/systemd-hostnamed
|
/lib/systemd/systemd-hostnamed
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/sbin/ModemManager
|
/usr/sbin/ModemManager --filter-policy=strict
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/libexec/colord
|
/usr/libexec/colord
|
||
/usr/libexec/colord
|
-
|
||
/usr/libexec/colord-sane
|
/usr/libexec/colord-sane
|
||
/usr/lib/systemd/systemd
|
-
|
||
/lib/systemd/systemd-localed
|
/lib/systemd/systemd-localed
|
There are 280 hidden processes, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://www.rsyslog.com
|
unknown
|
||
http://wiki.x.org
|
unknown
|
||
http://www.ubuntu.com/support)
|
unknown
|
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
byte-mirai.kro.kr
|
154.216.20.119
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
41.148.196.219
|
unknown
|
South Africa
|
||
17.57.22.235
|
unknown
|
United States
|
||
178.60.249.95
|
unknown
|
Spain
|
||
77.109.157.82
|
unknown
|
Switzerland
|
||
212.20.44.120
|
unknown
|
Russian Federation
|
||
94.85.243.59
|
unknown
|
Italy
|
||
90.247.48.210
|
unknown
|
United Kingdom
|
||
171.95.134.236
|
unknown
|
China
|
||
95.215.48.36
|
unknown
|
Ukraine
|
||
194.144.71.98
|
unknown
|
Iceland
|
||
81.6.26.135
|
unknown
|
Switzerland
|
||
142.92.161.138
|
unknown
|
Canada
|
||
49.10.66.205
|
unknown
|
Korea Republic of
|
||
116.133.62.126
|
unknown
|
China
|
||
37.35.209.238
|
unknown
|
Spain
|
||
148.56.211.24
|
unknown
|
Spain
|
||
75.79.174.91
|
unknown
|
United States
|
||
38.96.119.2
|
unknown
|
United States
|
||
189.181.178.45
|
unknown
|
Mexico
|
||
54.26.137.102
|
unknown
|
United States
|
||
141.1.252.120
|
unknown
|
Germany
|
||
75.177.252.217
|
unknown
|
United States
|
||
106.114.111.80
|
unknown
|
China
|
||
48.220.92.172
|
unknown
|
United States
|
||
97.99.35.251
|
unknown
|
United States
|
||
188.144.124.72
|
unknown
|
Germany
|
||
41.108.48.173
|
unknown
|
Algeria
|
||
4.207.166.220
|
unknown
|
United States
|
||
132.147.54.114
|
unknown
|
United States
|
||
46.111.236.27
|
unknown
|
Russian Federation
|
||
48.49.26.125
|
unknown
|
United States
|
||
109.219.227.122
|
unknown
|
France
|
||
39.157.9.123
|
unknown
|
China
|
||
110.152.176.180
|
unknown
|
China
|
||
221.120.41.222
|
unknown
|
Taiwan; Republic of China (ROC)
|
||
90.74.177.140
|
unknown
|
France
|
||
145.225.99.177
|
unknown
|
Germany
|
||
170.234.84.201
|
unknown
|
United States
|
||
77.198.164.103
|
unknown
|
France
|
||
154.55.185.244
|
unknown
|
United States
|
||
70.66.252.68
|
unknown
|
Canada
|
||
199.119.115.238
|
unknown
|
United States
|
||
122.208.229.28
|
unknown
|
Japan
|
||
146.181.14.108
|
unknown
|
United States
|
||
81.113.214.164
|
unknown
|
Italy
|
||
139.64.243.11
|
unknown
|
Reserved
|
||
92.154.45.111
|
unknown
|
France
|
||
20.67.73.45
|
unknown
|
United States
|
||
67.241.131.123
|
unknown
|
United States
|
||
87.248.145.178
|
unknown
|
Iran (ISLAMIC Republic Of)
|
||
49.105.53.152
|
unknown
|
Japan
|
||
175.146.218.189
|
unknown
|
China
|
||
206.163.104.103
|
unknown
|
United States
|
||
52.22.221.201
|
unknown
|
United States
|
||
160.76.36.209
|
unknown
|
United States
|
||
81.48.2.215
|
unknown
|
France
|
||
32.201.63.95
|
unknown
|
United States
|
||
140.146.53.131
|
unknown
|
United States
|
||
140.135.223.90
|
unknown
|
Taiwan; Republic of China (ROC)
|
||
80.196.122.122
|
unknown
|
Denmark
|
||
71.22.162.223
|
unknown
|
United States
|
||
49.200.247.241
|
unknown
|
India
|
||
174.5.6.59
|
unknown
|
Canada
|
||
221.163.247.124
|
unknown
|
Korea Republic of
|
||
84.82.104.191
|
unknown
|
Netherlands
|
||
180.68.127.138
|
unknown
|
Korea Republic of
|
||
173.139.22.69
|
unknown
|
United States
|
||
223.66.110.150
|
unknown
|
China
|
||
81.59.219.35
|
unknown
|
Belgium
|
||
166.75.222.194
|
unknown
|
Chile
|
||
212.201.98.74
|
unknown
|
Germany
|
||
176.136.223.224
|
unknown
|
France
|
||
36.114.86.25
|
unknown
|
China
|
||
202.114.81.199
|
unknown
|
China
|
||
159.7.232.162
|
unknown
|
Sweden
|
||
59.108.216.166
|
unknown
|
China
|
||
101.63.232.190
|
unknown
|
Italy
|
||
211.141.188.88
|
unknown
|
China
|
||
37.149.75.37
|
unknown
|
Cyprus
|
||
89.206.103.220
|
unknown
|
Switzerland
|
||
142.220.72.254
|
unknown
|
Canada
|
||
196.233.130.48
|
unknown
|
Tunisia
|
||
165.204.55.254
|
unknown
|
United States
|
||
155.154.166.83
|
unknown
|
United States
|
||
4.131.82.80
|
unknown
|
United States
|
||
61.235.149.98
|
unknown
|
China
|
||
83.118.208.212
|
unknown
|
France
|
||
126.139.28.45
|
unknown
|
Japan
|
||
69.233.21.178
|
unknown
|
United States
|
||
113.236.166.136
|
unknown
|
China
|
||
172.147.112.158
|
unknown
|
United States
|
||
137.61.4.24
|
unknown
|
Sweden
|
||
128.153.194.132
|
unknown
|
United States
|
||
85.43.219.86
|
unknown
|
Italy
|
||
184.226.66.6
|
unknown
|
United States
|
||
153.196.225.114
|
unknown
|
Japan
|
||
69.222.230.189
|
unknown
|
United States
|
||
161.153.47.58
|
unknown
|
United States
|
||
46.204.222.204
|
unknown
|
Poland
|
||
190.20.195.197
|
unknown
|
Chile
|
There are 90 hidden IPs, click here to show them.
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
7fb3dc027000
|
page execute read
|
|||
7fb3dc027000
|
page execute read
|
|||
7fb3dc027000
|
page execute read
|
|||
7fb3dc027000
|
page execute read
|
|||
7fb3dc027000
|
page execute read
|
|||
7fb3dc027000
|
page execute read
|
|||
7fb4e3c52000
|
page read and write
|
|||
7fb3dc02b000
|
page read and write
|
|||
56524151d000
|
page read and write
|
|||
56524492b000
|
page read and write
|
|||
7fb4e3948000
|
page read and write
|
|||
7fb4e35fa000
|
page read and write
|
|||
7fb4e3c76000
|
page read and write
|
|||
7fb4e3948000
|
page read and write
|
|||
56524494c000
|
page read and write
|
|||
7fb4e35fa000
|
page read and write
|
|||
7fb3dc028000
|
page read and write
|
|||
7fb4dc021000
|
page read and write
|
|||
56524351b000
|
page execute and read and write
|
|||
565241514000
|
page read and write
|
|||
7fb4dbfff000
|
page read and write
|
|||
7ffdca135000
|
page read and write
|
|||
56524492b000
|
page read and write
|
|||
5652412c3000
|
page execute read
|
|||
7fb4e3cbb000
|
page read and write
|
|||
7fb4e3766000
|
page read and write
|
|||
7ffdca19b000
|
page execute read
|
|||
7fb3dc028000
|
page read and write
|
|||
7fb4e3c52000
|
page read and write
|
|||
7fb4e35d7000
|
page read and write
|
|||
7fb3dc028000
|
page read and write
|
|||
56524151d000
|
page read and write
|
|||
565241514000
|
page read and write
|
|||
7fb4e3c76000
|
page read and write
|
|||
7fb3dc02b000
|
page read and write
|
|||
7fb4e3766000
|
page read and write
|
|||
7fb4e35fa000
|
page read and write
|
|||
7fb4e300a000
|
page read and write
|
|||
7fb3dc02b000
|
page read and write
|
|||
7fb4dbfff000
|
page read and write
|
|||
7fb3dc02b000
|
page read and write
|
|||
7ffdca19b000
|
page execute read
|
|||
7fb4e3c52000
|
page read and write
|
|||
7fb4e300a000
|
page read and write
|
|||
7ffdca19b000
|
page execute read
|
|||
7fb4e336c000
|
page read and write
|
|||
56524151d000
|
page read and write
|
|||
7fb4e336c000
|
page read and write
|
|||
7fb4e3c52000
|
page read and write
|
|||
7fb4e336c000
|
page read and write
|
|||
7fb4e2f78000
|
page read and write
|
|||
7fb4e3b29000
|
page read and write
|
|||
5652412c3000
|
page execute read
|
|||
7fb4e3948000
|
page read and write
|
|||
7fb4dc021000
|
page read and write
|
|||
5652412c3000
|
page execute read
|
|||
7fb4e2f78000
|
page read and write
|
|||
56524351b000
|
page execute and read and write
|
|||
56524351b000
|
page execute and read and write
|
|||
7ffdca135000
|
page read and write
|
|||
7fb4e35fa000
|
page read and write
|
|||
7fb4e2f78000
|
page read and write
|
|||
7fb4e3cbb000
|
page read and write
|
|||
56524351b000
|
page execute and read and write
|
|||
7fb4dc021000
|
page read and write
|
|||
7fb4e3b29000
|
page read and write
|
|||
7fb4e336c000
|
page read and write
|
|||
565243532000
|
page read and write
|
|||
7fb4e3c52000
|
page read and write
|
|||
7fb4e35fa000
|
page read and write
|
|||
7fb4e2770000
|
page read and write
|
|||
7fb4e3c76000
|
page read and write
|
|||
7ffdca19b000
|
page execute read
|
|||
7fb4e3c52000
|
page read and write
|
|||
7fb4e3766000
|
page read and write
|
|||
7fb4e3b29000
|
page read and write
|
|||
7ffdca135000
|
page read and write
|
|||
5652412c3000
|
page execute read
|
|||
7fb4e2f78000
|
page read and write
|
|||
7fb4dbfff000
|
page read and write
|
|||
7fb4e3766000
|
page read and write
|
|||
56524494c000
|
page read and write
|
|||
7fb4e3948000
|
page read and write
|
|||
7fb4e300a000
|
page read and write
|
|||
7ffdca135000
|
page read and write
|
|||
7ffdca19b000
|
page execute read
|
|||
7fb4e2770000
|
page read and write
|
|||
56524151d000
|
page read and write
|
|||
7fb3dc028000
|
page read and write
|
|||
7fb4dbfff000
|
page read and write
|
|||
7fb3dc02d000
|
page read and write
|
|||
7fb4dbfff000
|
page read and write
|
|||
7fb4e3cbb000
|
page read and write
|
|||
7fb4e2770000
|
page read and write
|
|||
7fb4e3766000
|
page read and write
|
|||
7fb4e2770000
|
page read and write
|
|||
7fb3dc028000
|
page read and write
|
|||
7fb4e2770000
|
page read and write
|
|||
7fb4e35d7000
|
page read and write
|
|||
7fb3dc02b000
|
page read and write
|
|||
7fb4e3948000
|
page read and write
|
|||
7fb3dc02b000
|
page read and write
|
|||
7fb4e300a000
|
page read and write
|
|||
56524492b000
|
page read and write
|
|||
7ffdca135000
|
page read and write
|
|||
7fb4e3948000
|
page read and write
|
|||
565241514000
|
page read and write
|
|||
7fb4e3b29000
|
page read and write
|
|||
565241514000
|
page read and write
|
|||
7fb4e2f78000
|
page read and write
|
|||
7ffdca19b000
|
page execute read
|
|||
7fb4e35d7000
|
page read and write
|
|||
7fb4dc021000
|
page read and write
|
|||
565241514000
|
page read and write
|
|||
7fb4e3cbb000
|
page read and write
|
|||
7fb4e35fa000
|
page read and write
|
|||
7fb4e3b29000
|
page read and write
|
|||
7fb4e3cbb000
|
page read and write
|
|||
7fb3dc028000
|
page read and write
|
|||
565241514000
|
page read and write
|
|||
5652412c3000
|
page execute read
|
|||
7fb4e2770000
|
page read and write
|
|||
56524492b000
|
page read and write
|
|||
7fb4dbfff000
|
page read and write
|
|||
7fb4e2f78000
|
page read and write
|
|||
7fb4e3cbb000
|
page read and write
|
|||
7fb3dc02d000
|
page read and write
|
|||
7fb4e336c000
|
page read and write
|
|||
7fb4dc021000
|
page read and write
|
|||
7fb4e3b29000
|
page read and write
|
|||
565243532000
|
page read and write
|
|||
7fb4e3c76000
|
page read and write
|
|||
7fb4e300a000
|
page read and write
|
|||
7fb4e35d7000
|
page read and write
|
|||
56524351b000
|
page execute and read and write
|
|||
7fb4e3c76000
|
page read and write
|
|||
56524492b000
|
page read and write
|
|||
7fb4dc021000
|
page read and write
|
|||
7fb4e336c000
|
page read and write
|
|||
565243532000
|
page read and write
|
|||
7fb4e35d7000
|
page read and write
|
|||
565243532000
|
page read and write
|
|||
56524351b000
|
page execute and read and write
|
|||
565243532000
|
page read and write
|
|||
56524151d000
|
page read and write
|
|||
56524151d000
|
page read and write
|
|||
7fb4e35d7000
|
page read and write
|
|||
7fb4e3c76000
|
page read and write
|
|||
7ffdca135000
|
page read and write
|
|||
56524492b000
|
page read and write
|
|||
7fb4e300a000
|
page read and write
|
|||
7fb4e3766000
|
page read and write
|
|||
5652412c3000
|
page execute read
|
|||
565243532000
|
page read and write
|
There are 144 hidden memdumps, click here to show them.