Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/x86.elf
|
/tmp/x86.elf
|
||
|
/tmp/x86.elf
|
-
|
||
|
/tmp/x86.elf
|
-
|
||
|
/usr/lib/udisks2/udisksd
|
-
|
||
|
/usr/sbin/dumpe2fs
|
dumpe2fs -h /dev/dm-0
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
enemybotnet.com
|
93.123.39.105
|
 |
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
93.123.39.105
|
enemybotnet.com
|
Bulgaria
|
|
|
|
185.125.190.26
|
unknown
|
United Kingdom
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
8059000
|
page read and write
|
|||
|
8056000
|
page read and write
|
|||
|
8055000
|
page execute read
|
|||
|
f7f98000
|
page execute read
|
|||
|
8056000
|
page read and write
|
|||
|
8059000
|
page read and write
|
|||
|
91f2000
|
page read and write
|
|||
|
fffca000
|
page read and write
|
|||
|
f7f98000
|
page execute read
|
|||
|
91f2000
|
page read and write
|
|||
|
fffca000
|
page read and write
|
|||
|
8055000
|
page execute read
|
There are 2 hidden memdumps, click here to show them.