Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/na.elf
|
/tmp/na.elf
|
||
|
/tmp/na.elf
|
-
|
||
|
/tmp/na.elf
|
-
|
||
|
/usr/lib/systemd/systemd
|
-
|
||
|
/usr/lib/snapd/snap-failure
|
/usr/lib/snapd/snap-failure snapd
|
||
|
/usr/lib/snapd/snap-failure
|
-
|
||
|
/usr/bin/systemctl
|
systemctl stop snapd.socket
|
||
|
/usr/lib/snapd/snap-failure
|
-
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
iranistrash.libre
|
unknown
|
 |
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
5.230.122.82
|
unknown
|
Germany
|
||
|
172.217.192.127
|
unknown
|
United States
|
||
|
5.230.228.46
|
unknown
|
Germany
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7ff15517f000
|
page read and write
|
|||
|
5592df470000
|
page execute read
|
|||
|
7ff14c021000
|
page read and write
|
|||
|
5592df6a7000
|
page read and write
|
|||
|
7ff154d0b000
|
page read and write
|
|||
|
7ff154ce6000
|
page read and write
|
|||
|
7ff154695000
|
page read and write
|
|||
|
5592df69e000
|
page read and write
|
|||
|
7ff04c039000
|
page read and write
|
|||
|
5592e16bc000
|
page read and write
|
|||
|
7ffc62af5000
|
page read and write
|
|||
|
7ff1551cc000
|
page read and write
|
|||
|
5592e263a000
|
page read and write
|
|||
|
7ff155056000
|
page read and write
|
|||
|
7ffc62b44000
|
page execute read
|
|||
|
7ff155187000
|
page read and write
|
|||
|
5592e16a5000
|
page execute and read and write
|
|||
|
7ff154687000
|
page read and write
|
|||
|
7ff14c000000
|
page read and write
|
|||
|
7ff04c036000
|
page read and write
|
|||
|
7ff154924000
|
page read and write
|
|||
|
7ff153e84000
|
page read and write
|
|||
|
7ff04c025000
|
page execute read
|
There are 13 hidden memdumps, click here to show them.