Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/na.elf
|
/tmp/na.elf
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.ZYkFGfEtGN /tmp/tmp.TmNwbDZI1S /tmp/tmp.zrymtHrCE8
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.ZYkFGfEtGN /tmp/tmp.TmNwbDZI1S /tmp/tmp.zrymtHrCE8
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
34.249.145.219
|
unknown
|
United States
|
||
|
109.202.202.202
|
unknown
|
Switzerland
|
||
|
91.189.91.42
|
unknown
|
United Kingdom
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f5f4c01f000
|
page execute read
|
 |
||
|
7ffdf8ffc000
|
page execute read
|
|||
|
7f60425c1000
|
page read and write
|
|||
|
7ffdf8fe8000
|
page read and write
|
|||
|
7f6042a35000
|
page read and write
|
|||
|
5613d5499000
|
page read and write
|
|||
|
7f604259c000
|
page read and write
|
|||
|
7f5f4c048000
|
page read and write
|
|||
|
5613d7497000
|
page execute and read and write
|
|||
|
7f603c021000
|
page read and write
|
|||
|
5613d82d8000
|
page read and write
|
|||
|
7f6041f4b000
|
page read and write
|
|||
|
7f5f4c034000
|
page read and write
|
|||
|
7f6041f3d000
|
page read and write
|
|||
|
5613d520e000
|
page execute read
|
|||
|
7f60421da000
|
page read and write
|
|||
|
7f6042a3d000
|
page read and write
|
|||
|
5613d5491000
|
page read and write
|
|||
|
7f6042a82000
|
page read and write
|
|||
|
7f604290c000
|
page read and write
|
|||
|
7f604173a000
|
page read and write
|
|||
|
7f603c000000
|
page read and write
|
|||
|
5613d74ad000
|
page read and write
|
There are 13 hidden memdumps, click here to show them.