Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
/tmp/k49syyxi7V.elf
|
/tmp/k49syyxi7V.elf
|
||
/tmp/k49syyxi7V.elf
|
-
|
||
/tmp/k49syyxi7V.elf
|
-
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/bin/gnome-shell
|
||
/usr/bin/gnome-shell
|
/usr/bin/gnome-shell
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-sharing
|
||
/usr/libexec/gsd-sharing
|
/usr/libexec/gsd-sharing
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/sbin/gdm3
|
-
|
||
/etc/gdm3/PrimeOff/Default
|
/etc/gdm3/PrimeOff/Default
|
||
/usr/lib/systemd/systemd
|
-
|
||
/lib/systemd/systemd-user-runtime-dir
|
/lib/systemd/systemd-user-runtime-dir stop 127
|
There are 5 hidden processes, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
daisy.ubuntu.com
|
162.213.35.24
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
199.59.243.227
|
unknown
|
United States
|
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
7f8e1c021000
|
page read and write
|
|||
565031fef000
|
page execute and read and write
|
|||
7ffe1a3b7000
|
page read and write
|
|||
7f8d9c40f000
|
page execute read
|
|||
7f8e2445c000
|
page read and write
|
|||
7f8e23de1000
|
page read and write
|
|||
7f8e23790000
|
page read and write
|
|||
56502fff1000
|
page read and write
|
|||
7f8e24464000
|
page read and write
|
|||
7f8e22f7a000
|
page read and write
|
|||
7f8e23782000
|
page read and write
|
|||
565032006000
|
page read and write
|
|||
7ffe1a3e5000
|
page execute read
|
|||
7f8e23e04000
|
page read and write
|
|||
7f8e1c000000
|
page read and write
|
|||
7f8e244a9000
|
page read and write
|
|||
7f8e24152000
|
page read and write
|
|||
7f8e23e21000
|
page read and write
|
|||
7f8e24333000
|
page read and write
|
|||
7f8e23a40000
|
page read and write
|
|||
56502ffe7000
|
page read and write
|
|||
56502fd5f000
|
page execute read
|
|||
5650328d6000
|
page read and write
|
|||
7f8d9c450000
|
page read and write
|
|||
7f8d9c457000
|
page read and write
|
There are 15 hidden memdumps, click here to show them.