Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
XvAqhy3FO6.elf
|
ELF 32-bit LSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, stripped
|
initial sample
|
||
/var/log/wtmp
|
data
|
dropped
|
||
/home/saturnino/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-sink
|
ASCII text
|
dropped
|
||
/home/saturnino/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-source
|
ASCII text
|
dropped
|
||
/proc/5653/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5656/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5658/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5660/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5662/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5664/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5667/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5737/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5767/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5770/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5772/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5774/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5778/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5780/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5783/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/5965/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/6134/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/6145/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/proc/6358/oom_score_adj
|
very short file (no magic)
|
dropped
|
||
/run/avahi-daemon/pid
|
ASCII text
|
dropped
|
||
/run/gdm3.pid
|
ASCII text
|
dropped
|
||
/run/systemd/inhibit/.#1urFFSa
|
ASCII text
|
dropped
|
||
/run/systemd/inhibit/.#25H78g8
|
ASCII text
|
dropped
|
||
/run/systemd/inhibit/.#3UYGFc9
|
ASCII text
|
dropped
|
||
/run/systemd/inhibit/.#4kGmnV7
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat01wSp9a
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat06Sqlkb
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat0SEMGl9
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat0d2AJWb
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat0hATSTb
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat0hgheM7
|
ASCII text
|
dropped
|
||
/run/systemd/seats/.#seat0y1VID9
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c13cyeSa
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c19sgHJ8
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c1MTHNo8
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c1ZzCrZa
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c1cpGed9
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c1syyYka
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2QwPlba
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2Utojn9
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2YF9z2b
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2a4Aza9
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2aHsKd9
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2kEBlNb
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2oYwop9
|
ASCII text
|
dropped
|
||
/run/systemd/sessions/.#c2syw8dc
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#1276aT7R9
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#1277tbt19
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127C7vCG8
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127DNXx0a
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127SN1ny9
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127VUuj68
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127Vxuvab
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127dGGOma
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127k3VwKa
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127p1vNua
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127qxKmZ8
|
ASCII text
|
dropped
|
||
/run/systemd/users/.#127ys6FY8
|
ASCII text
|
dropped
|
||
/run/user/1000/pulse/pid
|
ASCII text
|
dropped
|
||
/run/user/127/ICEauthority
|
TTComp archive data, binary, 1K dictionary
|
dropped
|
||
/run/user/127/dconf/user
|
very short file (no magic)
|
dropped
|
||
/run/user/127/gdm/Xauthority
|
X11 Xauthority data
|
dropped
|
||
/run/user/127/pulse/pid
|
ASCII text
|
dropped
|
||
/run/utmp
|
data
|
dropped
|
||
/tmp/qemu-open.PmWGSZ (deleted)
|
data
|
dropped
|
||
/tmp/qemu-open.XqbNLy (deleted)
|
data
|
dropped
|
||
/tmp/server-0.xkm
|
Compiled XKB Keymap: lsb, version 15
|
dropped
|
||
/var/lib/AccountsService/users/gdm.D1SJV2
|
ASCII text
|
dropped
|
||
/var/lib/AccountsService/users/gdm.RBEDV2
|
ASCII text
|
dropped
|
||
/var/lib/gdm3/.config/ibus/bus/ee49dfd4fa47433baee88884e2d7de7c-unix-0
|
ASCII text
|
dropped
|
||
/var/lib/gdm3/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-sink
|
very short file (no magic)
|
dropped
|
||
/var/lib/gdm3/.config/pulse/ee49dfd4fa47433baee88884e2d7de7c-default-source
|
very short file (no magic)
|
dropped
|
||
/var/lib/ubuntu-drivers-common/last_gfx_boot
|
ASCII text
|
dropped
|
||
/var/log/Xorg.0.log
|
JSON data
|
dropped
|
||
/var/log/auth.log
|
Unknown
|
dropped
|
||
/var/log/gpu-manager.log
|
ASCII text
|
dropped
|
||
/var/log/kern.log
|
Unknown
|
dropped
|
||
/var/log/syslog
|
Unknown
|
dropped
|
72 further files are hidden in this view and are not listed above.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
/usr/bin/dash
|
-
|
||
/usr/bin/rm
|
rm -f /tmp/tmp.ZRzIGSnEBc /tmp/tmp.Dw4qdzVmtQ /tmp/tmp.icgmyHceBB
|
||
/usr/bin/dash
|
-
|
||
/usr/bin/rm
|
rm -f /tmp/tmp.ZRzIGSnEBc /tmp/tmp.Dw4qdzVmtQ /tmp/tmp.icgmyHceBB
|
||
/tmp/XvAqhy3FO6.elf
|
/tmp/XvAqhy3FO6.elf
|
||
/tmp/XvAqhy3FO6.elf
|
-
|
||
/tmp/XvAqhy3FO6.elf
|
-
|
||
/tmp/XvAqhy3FO6.elf
|
-
|
||
/tmp/XvAqhy3FO6.elf
|
-
|
||
/tmp/XvAqhy3FO6.elf
|
-
|
||
/tmp/XvAqhy3FO6.elf
|
-
|
||
/tmp/XvAqhy3FO6.elf
|
-
|
||
/tmp/XvAqhy3FO6.elf
|
-
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/dbus-daemon
|
/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/sbin/rsyslogd
|
/usr/sbin/rsyslogd -n -iNONE
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/pulseaudio
|
/usr/bin/pulseaudio --daemonize=no --log-target=journal
|
||
/usr/libexec/gvfsd-fuse
|
-
|
||
/bin/fusermount
|
fusermount -u -q -z -- /run/user/1000/gvfs
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/libexec/rtkit-daemon
|
/usr/libexec/rtkit-daemon
|
||
/usr/lib/systemd/systemd
|
-
|
||
/lib/systemd/systemd-logind
|
/lib/systemd/systemd-logind
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/lib/policykit-1/polkitd
|
/usr/lib/policykit-1/polkitd --no-debug
|
||
/usr/lib/systemd/systemd
|
-
|
||
/sbin/agetty
|
/sbin/agetty -o "-p -- \\u" --noclear tty2 linux
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/gpu-manager
|
/usr/bin/gpu-manager --log /var/log/gpu-manager.log
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*nvidia[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*radeon[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*radeon[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*amdgpu[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*amdgpu[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /etc/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*nouveau[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf
/etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf
/etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf
/etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf
|
||
/usr/bin/gpu-manager
|
-
|
||
/bin/sh
|
sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /lib/modprobe.d/*.conf"
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -G ^blacklist.*nouveau[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf
/lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/dbus-daemon
|
/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/share/gdm/generate-config
|
/usr/share/gdm/generate-config
|
||
/usr/share/gdm/generate-config
|
-
|
||
/usr/bin/pkill
|
pkill --signal HUP --uid gdm dconf-service
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/lib/gdm3/gdm-wait-for-drm
|
/usr/lib/gdm3/gdm-wait-for-drm
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/sbin/gdm3
|
/usr/sbin/gdm3
|
||
/usr/sbin/gdm3
|
-
|
||
/usr/bin/plymouth
|
plymouth --ping
|
||
/usr/sbin/gdm3
|
-
|
||
/usr/lib/gdm3/gdm-session-worker
|
"gdm-session-worker [pam/gdm-launch-environment]"
|
||
/usr/lib/gdm3/gdm-session-worker
|
-
|
||
/usr/lib/gdm3/gdm-wayland-session
|
/usr/lib/gdm3/gdm-wayland-session "dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart"
|
||
/usr/lib/gdm3/gdm-wayland-session
|
-
|
||
/usr/bin/dbus-run-session
|
dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart
|
||
/usr/bin/dbus-run-session
|
-
|
||
/usr/bin/dbus-daemon
|
dbus-daemon --nofork --print-address 4 --session
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-run-session
|
-
|
||
/usr/bin/gnome-session
|
gnome-session --autostart /usr/share/gdm/greeter/autostart
|
||
/usr/libexec/gnome-session-binary
|
/usr/libexec/gnome-session-binary --systemd --autostart /usr/share/gdm/greeter/autostart
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/usr/bin/session-migration
|
session-migration
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/bin/gnome-shell
|
||
/usr/bin/gnome-shell
|
/usr/bin/gnome-shell
|
||
/usr/sbin/gdm3
|
-
|
||
/usr/lib/gdm3/gdm-session-worker
|
"gdm-session-worker [pam/gdm-launch-environment]"
|
||
/usr/lib/gdm3/gdm-session-worker
|
-
|
||
/usr/lib/gdm3/gdm-x-session
|
/usr/lib/gdm3/gdm-x-session "dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart"
|
||
/usr/lib/gdm3/gdm-x-session
|
-
|
||
/usr/bin/Xorg
|
/usr/bin/Xorg vt1 -displayfd 3 -auth /run/user/127/gdm/Xauthority -background none -noreset -keeptty -verbose 3
|
||
/usr/lib/xorg/Xorg.wrap
|
/usr/lib/xorg/Xorg.wrap vt1 -displayfd 3 -auth /run/user/127/gdm/Xauthority -background none -noreset -keeptty -verbose 3
|
||
/usr/lib/xorg/Xorg
|
/usr/lib/xorg/Xorg vt1 -displayfd 3 -auth /run/user/127/gdm/Xauthority -background none -noreset -keeptty -verbose 3
|
||
/usr/lib/xorg/Xorg
|
-
|
||
/bin/sh
|
sh -c "\"/usr/bin/xkbcomp\" -w 1 \"-R/usr/share/X11/xkb\" -xkm \"-\" -em1 \"The XKEYBOARD keymap compiler (xkbcomp) reports:\"
-emp \"> \" -eml \"Errors from xkbcomp are not fatal to the X server\" \"/tmp/server-0.xkm\""
|
||
/bin/sh
|
-
|
||
/usr/bin/xkbcomp
|
/usr/bin/xkbcomp -w 1 -R/usr/share/X11/xkb -xkm - -em1 "The XKEYBOARD keymap compiler (xkbcomp) reports:" -emp "> " -eml "Errors
from xkbcomp are not fatal to the X server" /tmp/server-0.xkm
|
||
/usr/lib/xorg/Xorg
|
-
|
||
/bin/sh
|
sh -c "\"/usr/bin/xkbcomp\" -w 1 \"-R/usr/share/X11/xkb\" -xkm \"-\" -em1 \"The XKEYBOARD keymap compiler (xkbcomp) reports:\"
-emp \"> \" -eml \"Errors from xkbcomp are not fatal to the X server\" \"/tmp/server-0.xkm\""
|
||
/bin/sh
|
-
|
||
/usr/bin/xkbcomp
|
/usr/bin/xkbcomp -w 1 -R/usr/share/X11/xkb -xkm - -em1 "The XKEYBOARD keymap compiler (xkbcomp) reports:" -emp "> " -eml "Errors
from xkbcomp are not fatal to the X server" /tmp/server-0.xkm
|
||
/usr/lib/gdm3/gdm-x-session
|
-
|
||
/etc/gdm3/Prime/Default
|
/etc/gdm3/Prime/Default
|
||
/usr/lib/gdm3/gdm-x-session
|
-
|
||
/usr/bin/dbus-run-session
|
dbus-run-session -- gnome-session --autostart /usr/share/gdm/greeter/autostart
|
||
/usr/bin/dbus-run-session
|
-
|
||
/usr/bin/dbus-daemon
|
dbus-daemon --nofork --print-address 4 --session
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/libexec/at-spi-bus-launcher
|
/usr/libexec/at-spi-bus-launcher
|
||
/usr/libexec/at-spi-bus-launcher
|
-
|
||
/usr/bin/dbus-daemon
|
/usr/bin/dbus-daemon --config-file=/usr/share/defaults/at-spi2/accessibility.conf --nofork --print-address 3
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/libexec/at-spi2-registryd
|
/usr/libexec/at-spi2-registryd --use-gnome-session
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/libexec/ibus-portal
|
/usr/libexec/ibus-portal
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/gjs
|
/usr/bin/gjs /usr/share/gnome-shell/org.gnome.Shell.Notifications
|
||
/usr/bin/dbus-daemon
|
-
|
||
/usr/bin/dbus-daemon
|
-
|
||
/bin/false
|
/bin/false
|
||
/usr/bin/dbus-run-session
|
-
|
||
/usr/bin/gnome-session
|
gnome-session --autostart /usr/share/gdm/greeter/autostart
|
||
/usr/libexec/gnome-session-binary
|
/usr/libexec/gnome-session-binary --systemd --autostart /usr/share/gdm/greeter/autostart
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/usr/libexec/gnome-session-check-accelerated
|
/usr/libexec/gnome-session-check-accelerated
|
||
/usr/libexec/gnome-session-check-accelerated
|
-
|
||
/usr/libexec/gnome-session-check-accelerated-gl-helper
|
/usr/libexec/gnome-session-check-accelerated-gl-helper --print-renderer
|
||
/usr/libexec/gnome-session-check-accelerated
|
-
|
||
/usr/libexec/gnome-session-check-accelerated-gles-helper
|
/usr/libexec/gnome-session-check-accelerated-gles-helper --print-renderer
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/usr/bin/session-migration
|
session-migration
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/bin/gnome-shell
|
||
/usr/bin/gnome-shell
|
/usr/bin/gnome-shell
|
||
/usr/bin/gnome-shell
|
-
|
||
/usr/bin/ibus-daemon
|
ibus-daemon --panel disable --xim
|
||
/usr/bin/ibus-daemon
|
-
|
||
/usr/libexec/ibus-memconf
|
/usr/libexec/ibus-memconf
|
||
/usr/bin/ibus-daemon
|
-
|
||
/usr/bin/ibus-daemon
|
-
|
||
/usr/libexec/ibus-x11
|
/usr/libexec/ibus-x11 --kill-daemon
|
||
/usr/bin/ibus-daemon
|
-
|
||
/usr/libexec/ibus-engine-simple
|
/usr/libexec/ibus-engine-simple
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-sharing
|
||
/usr/libexec/gsd-sharing
|
/usr/libexec/gsd-sharing
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-wacom
|
||
/usr/libexec/gsd-wacom
|
/usr/libexec/gsd-wacom
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-color
|
||
/usr/libexec/gsd-color
|
/usr/libexec/gsd-color
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-keyboard
|
||
/usr/libexec/gsd-keyboard
|
/usr/libexec/gsd-keyboard
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-print-notifications
|
||
/usr/libexec/gsd-print-notifications
|
/usr/libexec/gsd-print-notifications
|
||
/usr/libexec/gsd-print-notifications
|
-
|
||
/usr/libexec/gsd-print-notifications
|
-
|
||
/usr/libexec/gsd-printer
|
/usr/libexec/gsd-printer
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-rfkill
|
||
/usr/libexec/gsd-rfkill
|
/usr/libexec/gsd-rfkill
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-smartcard
|
||
/usr/libexec/gsd-smartcard
|
/usr/libexec/gsd-smartcard
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-datetime
|
||
/usr/libexec/gsd-datetime
|
/usr/libexec/gsd-datetime
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-media-keys
|
||
/usr/libexec/gsd-media-keys
|
/usr/libexec/gsd-media-keys
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-screensaver-proxy
|
||
/usr/libexec/gsd-screensaver-proxy
|
/usr/libexec/gsd-screensaver-proxy
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-sound
|
||
/usr/libexec/gsd-sound
|
/usr/libexec/gsd-sound
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-a11y-settings
|
||
/usr/libexec/gsd-a11y-settings
|
/usr/libexec/gsd-a11y-settings
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-housekeeping
|
||
/usr/libexec/gsd-housekeeping
|
/usr/libexec/gsd-housekeeping
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-power
|
||
/usr/libexec/gsd-power
|
/usr/libexec/gsd-power
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/bin/spice-vdagent
|
||
/usr/bin/spice-vdagent
|
/usr/bin/spice-vdagent
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh xbrlapi -q
|
||
/usr/bin/xbrlapi
|
xbrlapi -q
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/lib/accountsservice/accounts-daemon
|
/usr/lib/accountsservice/accounts-daemon
|
||
/usr/lib/accountsservice/accounts-daemon
|
-
|
||
/usr/share/language-tools/language-validate
|
/usr/share/language-tools/language-validate en_US.UTF-8
|
||
/usr/share/language-tools/language-validate
|
-
|
||
/usr/share/language-tools/language-options
|
/usr/share/language-tools/language-options
|
||
/usr/share/language-tools/language-options
|
-
|
||
/bin/sh
|
sh -c "locale -a | grep -F .utf8 "
|
||
/bin/sh
|
-
|
||
/usr/bin/locale
|
locale -a
|
||
/bin/sh
|
-
|
||
/usr/bin/grep
|
grep -F .utf8
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/dbus-daemon
|
/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
|
||
/usr/lib/systemd/systemd
|
-
|
||
/lib/systemd/systemd-localed
|
/lib/systemd/systemd-localed
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/lib/upower/upowerd
|
/usr/lib/upower/upowerd
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/bin/pulseaudio
|
/usr/bin/pulseaudio --daemonize=no --log-target=journal
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/libexec/geoclue
|
/usr/libexec/geoclue
|
||
/usr/lib/systemd/systemd
|
-
|
||
/sbin/wpa_supplicant
|
/sbin/wpa_supplicant -u -s -O /run/wpa_supplicant
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/lib/packagekit/packagekitd
|
/usr/lib/packagekit/packagekitd
|
||
/usr/lib/packagekit/packagekitd
|
-
|
||
/usr/bin/dpkg
|
/usr/bin/dpkg --print-foreign-architectures
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/sbin/avahi-daemon
|
/usr/sbin/avahi-daemon -s
|
||
/usr/sbin/avahi-daemon
|
-
|
||
/usr/lib/systemd/systemd
|
-
|
||
/lib/systemd/systemd-hostnamed
|
/lib/systemd/systemd-hostnamed
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/sbin/ModemManager
|
/usr/sbin/ModemManager --filter-policy=strict
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/libexec/colord
|
/usr/libexec/colord
|
||
/usr/libexec/colord
|
-
|
||
/usr/libexec/colord-sane
|
/usr/libexec/colord-sane
|
||
/usr/lib/systemd/systemd
|
-
|
||
/lib/systemd/systemd-localed
|
/lib/systemd/systemd-localed
|
||
/usr/lib/systemd/systemd
|
-
|
||
/usr/libexec/fprintd
|
/usr/libexec/fprintd
|
289 further processes are hidden in this view and are not listed above.
URLs
| Name | IP | Malicious | |
|---|---|---|---|
| https://www.rsyslog.com | unknown | | |
| http://wiki.x.org | unknown | | |
| http://www.ubuntu.com/support) | unknown | | |
Domains
| Name | IP | Malicious | |
|---|---|---|---|
| byte-mirai.kro.kr | 154.216.20.119 | | |
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
138.99.129.41
|
unknown
|
Argentina
|
||
223.169.120.39
|
unknown
|
Korea Republic of
|
||
187.255.208.100
|
unknown
|
Brazil
|
||
90.69.108.139
|
unknown
|
France
|
||
178.137.157.93
|
unknown
|
Ukraine
|
||
54.87.50.185
|
unknown
|
United States
|
||
110.35.194.76
|
unknown
|
Korea Republic of
|
||
164.42.160.97
|
unknown
|
Puerto Rico
|
||
57.134.190.154
|
unknown
|
Belgium
|
||
13.7.15.180
|
unknown
|
United States
|
||
119.242.158.38
|
unknown
|
Japan
|
||
172.220.122.192
|
unknown
|
United States
|
||
140.7.152.248
|
unknown
|
United States
|
||
31.57.157.44
|
unknown
|
Iran (ISLAMIC Republic Of)
|
||
192.89.10.117
|
unknown
|
Finland
|
||
210.137.58.174
|
unknown
|
Japan
|
||
147.166.173.156
|
unknown
|
United States
|
||
196.237.197.232
|
unknown
|
Tunisia
|
||
89.248.34.135
|
unknown
|
Switzerland
|
||
192.221.197.196
|
unknown
|
United States
|
||
223.68.161.192
|
unknown
|
China
|
||
54.119.141.84
|
unknown
|
United States
|
||
54.87.50.193
|
unknown
|
United States
|
||
132.168.84.171
|
unknown
|
France
|
||
217.53.86.198
|
unknown
|
Egypt
|
||
172.96.116.38
|
unknown
|
United States
|
||
217.219.14.73
|
unknown
|
Iran (ISLAMIC Republic Of)
|
||
59.60.173.72
|
unknown
|
China
|
||
206.140.22.120
|
unknown
|
United States
|
||
206.41.176.146
|
unknown
|
United States
|
||
121.198.26.176
|
unknown
|
China
|
||
128.80.145.149
|
unknown
|
United States
|
||
97.47.196.138
|
unknown
|
United States
|
||
18.105.167.248
|
unknown
|
United States
|
||
183.168.47.167
|
unknown
|
China
|
||
51.58.121.76
|
unknown
|
United Kingdom
|
||
61.10.98.209
|
unknown
|
Hong Kong
|
||
5.113.65.140
|
unknown
|
Iran (ISLAMIC Republic Of)
|
||
52.96.194.56
|
unknown
|
United States
|
||
132.209.121.170
|
unknown
|
Canada
|
||
53.60.76.12
|
unknown
|
Germany
|
||
93.178.28.140
|
unknown
|
Saudi Arabia
|
||
51.65.109.90
|
unknown
|
United Kingdom
|
||
17.202.33.215
|
unknown
|
United States
|
||
129.14.150.39
|
unknown
|
United States
|
||
128.108.78.165
|
unknown
|
China
|
||
187.208.37.241
|
unknown
|
Mexico
|
||
126.230.58.246
|
unknown
|
Japan
|
||
157.139.31.142
|
unknown
|
United States
|
||
173.35.51.207
|
unknown
|
Canada
|
||
184.209.111.81
|
unknown
|
United States
|
||
84.112.43.114
|
unknown
|
Austria
|
||
196.51.223.10
|
unknown
|
South Africa
|
||
14.135.254.241
|
unknown
|
China
|
||
204.160.201.167
|
unknown
|
United States
|
||
192.236.176.249
|
unknown
|
United States
|
||
89.43.240.163
|
unknown
|
Romania
|
||
107.210.162.171
|
unknown
|
United States
|
||
89.103.89.58
|
unknown
|
Czech Republic
|
||
98.228.13.154
|
unknown
|
United States
|
||
205.50.28.253
|
unknown
|
United States
|
||
43.142.72.167
|
unknown
|
Japan
|
||
223.148.241.47
|
unknown
|
China
|
||
187.10.79.97
|
unknown
|
Brazil
|
||
109.67.240.112
|
unknown
|
Israel
|
||
181.26.83.251
|
unknown
|
Argentina
|
||
212.3.103.71
|
unknown
|
Ukraine
|
||
141.74.44.205
|
unknown
|
Germany
|
||
212.200.249.122
|
unknown
|
Serbia
|
||
193.92.123.52
|
unknown
|
Greece
|
||
150.136.104.146
|
unknown
|
United States
|
||
113.65.120.212
|
unknown
|
China
|
||
13.1.178.163
|
unknown
|
United States
|
||
35.115.119.202
|
unknown
|
United States
|
||
23.185.116.20
|
unknown
|
Reserved
|
||
92.104.24.31
|
unknown
|
Switzerland
|
||
205.54.183.149
|
unknown
|
United States
|
||
138.47.255.213
|
unknown
|
United States
|
||
70.162.191.140
|
unknown
|
United States
|
||
204.122.38.215
|
unknown
|
United States
|
||
152.60.114.135
|
unknown
|
United States
|
||
137.248.26.129
|
unknown
|
Germany
|
||
66.148.110.116
|
unknown
|
United States
|
||
23.164.225.15
|
unknown
|
Reserved
|
||
129.206.24.167
|
unknown
|
Germany
|
||
201.238.25.223
|
unknown
|
Venezuela
|
||
173.87.1.252
|
unknown
|
United States
|
||
162.8.123.60
|
unknown
|
United States
|
||
85.2.39.212
|
unknown
|
Switzerland
|
||
2.77.71.11
|
unknown
|
Kazakhstan
|
||
74.14.196.35
|
unknown
|
Canada
|
||
52.111.82.236
|
unknown
|
United States
|
||
192.109.0.79
|
unknown
|
Germany
|
||
143.136.135.240
|
unknown
|
Japan
|
||
150.133.42.152
|
unknown
|
United States
|
||
115.18.150.67
|
unknown
|
Korea Republic of
|
||
200.118.227.2
|
unknown
|
Colombia
|
||
202.109.242.38
|
unknown
|
China
|
||
217.237.3.247
|
unknown
|
Germany
|
||
44.139.46.193
|
unknown
|
United States
|
90 further IPs are hidden in this view and are not listed above.
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
7f18f8415000
|
page execute read
|
|||
7f18f8415000
|
page execute read
|
|||
7f18f8415000
|
page execute read
|
|||
7f18f8415000
|
page execute read
|
|||
7f18f8415000
|
page execute read
|
|||
7f18f8415000
|
page execute read
|
|||
7f197e0fe000
|
page read and write
|
|||
55f2cefb0000
|
page read and write
|
|||
55f2cefb0000
|
page read and write
|
|||
7f1978021000
|
page read and write
|
|||
7f197da5f000
|
page read and write
|
|||
55f2ccf9b000
|
page read and write
|
|||
7f197e739000
|
page read and write
|
|||
55f2ccf9b000
|
page read and write
|
|||
7ffeb59d9000
|
page execute read
|
|||
7f197da6d000
|
page read and write
|
|||
7f197e786000
|
page read and write
|
|||
7f197da5f000
|
page read and write
|
|||
7f197da5f000
|
page read and write
|
|||
55f2ccd09000
|
page execute read
|
|||
7f197e0fe000
|
page read and write
|
|||
55f2cf66d000
|
page read and write
|
|||
7f1978000000
|
page read and write
|
|||
7f18f8458000
|
page read and write
|
|||
7ffeb59d9000
|
page execute read
|
|||
7f197da6d000
|
page read and write
|
|||
7f1978021000
|
page read and write
|
|||
55f2cf66d000
|
page read and write
|
|||
7f197e0fe000
|
page read and write
|
|||
7f18f8455000
|
page read and write
|
|||
7f197e0e1000
|
page read and write
|
|||
7f197e610000
|
page read and write
|
|||
7f197e0fe000
|
page read and write
|
|||
7ffeb59d9000
|
page execute read
|
|||
55f2cef99000
|
page execute and read and write
|
|||
7f197e42f000
|
page read and write
|
|||
7f197e0be000
|
page read and write
|
|||
7f1978000000
|
page read and write
|
|||
7f197dd1d000
|
page read and write
|
|||
7f197e786000
|
page read and write
|
|||
55f2cefb0000
|
page read and write
|
|||
7f197e0be000
|
page read and write
|
|||
7f1978000000
|
page read and write
|
|||
7f18f8458000
|
page read and write
|
|||
55f2ccf91000
|
page read and write
|
|||
7f197e610000
|
page read and write
|
|||
7f197d257000
|
page read and write
|
|||
7f197e42f000
|
page read and write
|
|||
7f18f8455000
|
page read and write
|
|||
7f1978000000
|
page read and write
|
|||
7f1978021000
|
page read and write
|
|||
7f197e741000
|
page read and write
|
|||
55f2ccf9b000
|
page read and write
|
|||
7f18f8458000
|
page read and write
|
|||
7f197e610000
|
page read and write
|
|||
7f197e0be000
|
page read and write
|
|||
7f197da5f000
|
page read and write
|
|||
55f2cefb0000
|
page read and write
|
|||
7f197dd1d000
|
page read and write
|
|||
7f197d257000
|
page read and write
|
|||
7f197e610000
|
page read and write
|
|||
7ffeb59d9000
|
page execute read
|
|||
55f2cf64d000
|
page read and write
|
|||
7f197e786000
|
page read and write
|
|||
55f2cf64d000
|
page read and write
|
|||
7f1978021000
|
page read and write
|
|||
7f197d257000
|
page read and write
|
|||
7f18f8455000
|
page read and write
|
|||
7f197e0e1000
|
page read and write
|
|||
7f1978000000
|
page read and write
|
|||
7f197e741000
|
page read and write
|
|||
7f197e0e1000
|
page read and write
|
|||
55f2ccd09000
|
page execute read
|
|||
7f197e741000
|
page read and write
|
|||
7f1978021000
|
page read and write
|
|||
55f2ccf91000
|
page read and write
|
|||
55f2ccf91000
|
page read and write
|
|||
55f2cef99000
|
page execute and read and write
|
|||
55f2cef99000
|
page execute and read and write
|
|||
55f2cf64d000
|
page read and write
|
|||
55f2ccf9b000
|
page read and write
|
|||
7f197d257000
|
page read and write
|
|||
7f197e741000
|
page read and write
|
|||
7f197da6d000
|
page read and write
|
|||
7f197e610000
|
page read and write
|
|||
7f197e739000
|
page read and write
|
|||
7f197e739000
|
page read and write
|
|||
7f18f8455000
|
page read and write
|
|||
7f197e0be000
|
page read and write
|
|||
7f18f8455000
|
page read and write
|
|||
7f18f8458000
|
page read and write
|
|||
7f197e786000
|
page read and write
|
|||
7f197e610000
|
page read and write
|
|||
7f197da5f000
|
page read and write
|
|||
55f2cefb0000
|
page read and write
|
|||
7f1978021000
|
page read and write
|
|||
7ffeb59ac000
|
page read and write
|
|||
7f197e0e1000
|
page read and write
|
|||
7f197e42f000
|
page read and write
|
|||
7ffeb59ac000
|
page read and write
|
|||
7f197e786000
|
page read and write
|
|||
7ffeb59ac000
|
page read and write
|
|||
55f2ccd09000
|
page execute read
|
|||
7f197e739000
|
page read and write
|
|||
55f2ccf91000
|
page read and write
|
|||
7f197dd1d000
|
page read and write
|
|||
7f1978000000
|
page read and write
|
|||
55f2ccd09000
|
page execute read
|
|||
55f2ccf91000
|
page read and write
|
|||
55f2ccf91000
|
page read and write
|
|||
7f197e786000
|
page read and write
|
|||
7ffeb59d9000
|
page execute read
|
|||
7f197e741000
|
page read and write
|
|||
55f2cef99000
|
page execute and read and write
|
|||
55f2cefb0000
|
page read and write
|
|||
7f18f8458000
|
page read and write
|
|||
7f197e739000
|
page read and write
|
|||
7f197e42f000
|
page read and write
|
|||
7f197d257000
|
page read and write
|
|||
7ffeb59ac000
|
page read and write
|
|||
7f18f8455000
|
page read and write
|
|||
7f197e0be000
|
page read and write
|
|||
7f197da6d000
|
page read and write
|
|||
7f197da6d000
|
page read and write
|
|||
7f197dd1d000
|
page read and write
|
|||
7f18f8458000
|
page read and write
|
|||
7f197e0e1000
|
page read and write
|
|||
7f197da5f000
|
page read and write
|
|||
55f2cf64d000
|
page read and write
|
|||
7f197e42f000
|
page read and write
|
|||
7f197dd1d000
|
page read and write
|
|||
7f197da6d000
|
page read and write
|
|||
7ffeb59ac000
|
page read and write
|
|||
7f197dd1d000
|
page read and write
|
|||
7ffeb59ac000
|
page read and write
|
|||
7f197e0e1000
|
page read and write
|
|||
7f197e741000
|
page read and write
|
|||
55f2ccd09000
|
page execute read
|
|||
7f18f845a000
|
page read and write
|
|||
7f197e0fe000
|
page read and write
|
|||
55f2ccf9b000
|
page read and write
|
|||
7ffeb59d9000
|
page execute read
|
|||
7f197e0fe000
|
page read and write
|
|||
55f2cf64d000
|
page read and write
|
|||
7f197d257000
|
page read and write
|
|||
55f2ccd09000
|
page execute read
|
|||
55f2ccf9b000
|
page read and write
|
|||
7f197e739000
|
page read and write
|
|||
7f197e0be000
|
page read and write
|
|||
55f2cef99000
|
page execute and read and write
|
|||
7f18f845a000
|
page read and write
|
|||
55f2cf64d000
|
page read and write
|
|||
55f2cef99000
|
page execute and read and write
|
|||
7f197e42f000
|
page read and write
|
144 further memdumps are hidden in this view and are not listed above.