Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.rlYId8UC2x /tmp/tmp.XqtQuVcWXO /tmp/tmp.GrWrIcHTIA
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/cat
|
cat /tmp/tmp.rlYId8UC2x
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/head
|
head -n 10
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/tr
|
tr -d \\000-\\011\\013\\014\\016-\\037
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/cut
|
cut -c -80
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/cat
|
cat /tmp/tmp.rlYId8UC2x
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/head
|
head -n 10
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/tr
|
tr -d \\000-\\011\\013\\014\\016-\\037
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/cut
|
cut -c -80
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.rlYId8UC2x /tmp/tmp.XqtQuVcWXO /tmp/tmp.GrWrIcHTIA
|
||
|
/tmp/2LgQzImW3E.elf
|
/tmp/2LgQzImW3E.elf
|
||
|
/tmp/2LgQzImW3E.elf
|
-
|
||
|
/tmp/2LgQzImW3E.elf
|
-
|
||
|
/tmp/2LgQzImW3E.elf
|
-
|
||
|
/tmp/2LgQzImW3E.elf
|
-
|
||
|
/tmp/2LgQzImW3E.elf
|
-
|
||
|
/tmp/2LgQzImW3E.elf
|
-
|
There are 17 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
counterstrike2-cheats.com
|
45.137.198.211
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
197.128.69.120
|
unknown
|
Morocco
|
 |
|
|
41.184.166.126
|
unknown
|
Nigeria
|
||
|
156.197.159.156
|
unknown
|
Egypt
|
||
|
156.33.44.135
|
unknown
|
United States
|
||
|
41.68.176.217
|
unknown
|
Egypt
|
||
|
173.203.149.152
|
unknown
|
United States
|
||
|
107.176.71.195
|
unknown
|
United States
|
||
|
151.41.83.160
|
unknown
|
Italy
|
||
|
9.112.171.65
|
unknown
|
United States
|
||
|
156.92.39.39
|
unknown
|
United States
|
||
|
96.195.150.58
|
unknown
|
United States
|
||
|
197.44.30.163
|
unknown
|
Egypt
|
||
|
189.174.189.33
|
unknown
|
Mexico
|
||
|
156.41.209.226
|
unknown
|
United States
|
||
|
189.28.232.178
|
unknown
|
Brazil
|
||
|
197.59.205.58
|
unknown
|
Egypt
|
||
|
197.254.119.43
|
unknown
|
Kenya
|
||
|
156.49.200.191
|
unknown
|
Sweden
|
||
|
41.183.48.216
|
unknown
|
South Africa
|
||
|
197.72.17.235
|
unknown
|
South Africa
|
||
|
197.211.42.50
|
unknown
|
Nigeria
|
||
|
102.125.212.122
|
unknown
|
Sudan
|
||
|
41.97.193.148
|
unknown
|
Algeria
|
||
|
41.69.27.235
|
unknown
|
Egypt
|
||
|
41.105.231.102
|
unknown
|
Algeria
|
||
|
156.238.135.164
|
unknown
|
Seychelles
|
||
|
41.3.198.137
|
unknown
|
South Africa
|
||
|
41.37.208.130
|
unknown
|
Egypt
|
||
|
87.166.40.73
|
unknown
|
Germany
|
||
|
156.219.41.124
|
unknown
|
Egypt
|
||
|
156.42.234.95
|
unknown
|
United States
|
||
|
41.216.98.151
|
unknown
|
Mauritius
|
||
|
156.216.67.68
|
unknown
|
Egypt
|
||
|
197.117.249.177
|
unknown
|
Algeria
|
||
|
23.204.209.0
|
unknown
|
United States
|
||
|
148.64.185.212
|
unknown
|
United States
|
||
|
103.183.119.56
|
unknown
|
unknown
|
||
|
156.92.253.87
|
unknown
|
United States
|
||
|
156.20.119.57
|
unknown
|
United States
|
||
|
139.150.205.137
|
unknown
|
Korea Republic of
|
||
|
24.123.90.234
|
unknown
|
United States
|
||
|
205.168.237.175
|
unknown
|
United States
|
||
|
41.240.169.19
|
unknown
|
Sudan
|
||
|
109.76.156.167
|
unknown
|
Ireland
|
||
|
41.9.137.163
|
unknown
|
South Africa
|
||
|
197.3.15.246
|
unknown
|
Tunisia
|
||
|
197.223.37.70
|
unknown
|
Egypt
|
||
|
63.91.142.106
|
unknown
|
United States
|
||
|
41.189.87.90
|
unknown
|
South Africa
|
||
|
197.129.195.147
|
unknown
|
Morocco
|
||
|
218.31.8.219
|
unknown
|
China
|
||
|
156.99.154.40
|
unknown
|
United States
|
||
|
197.114.121.164
|
unknown
|
Algeria
|
||
|
41.37.208.155
|
unknown
|
Egypt
|
||
|
116.126.1.23
|
unknown
|
Korea Republic of
|
||
|
156.226.9.196
|
unknown
|
Seychelles
|
||
|
41.59.73.29
|
unknown
|
Tanzania United Republic of
|
||
|
161.2.38.90
|
unknown
|
United Kingdom
|
||
|
79.241.130.123
|
unknown
|
Germany
|
||
|
213.168.3.155
|
unknown
|
Estonia
|
||
|
156.122.63.91
|
unknown
|
United States
|
||
|
130.22.51.31
|
unknown
|
United States
|
||
|
41.9.179.5
|
unknown
|
South Africa
|
||
|
197.167.97.215
|
unknown
|
Egypt
|
||
|
156.154.241.19
|
unknown
|
United States
|
||
|
180.183.208.245
|
unknown
|
Thailand
|
||
|
156.254.164.233
|
unknown
|
Seychelles
|
||
|
156.175.119.82
|
unknown
|
Egypt
|
||
|
156.158.49.44
|
unknown
|
Tanzania United Republic of
|
||
|
197.123.112.53
|
unknown
|
Egypt
|
||
|
47.72.239.211
|
unknown
|
United States
|
||
|
41.35.117.42
|
unknown
|
Egypt
|
||
|
217.213.46.212
|
unknown
|
Sweden
|
||
|
5.163.201.175
|
unknown
|
Saudi Arabia
|
||
|
41.108.224.161
|
unknown
|
Algeria
|
||
|
156.168.106.25
|
unknown
|
Egypt
|
||
|
156.234.1.246
|
unknown
|
Seychelles
|
||
|
156.139.174.103
|
unknown
|
United States
|
||
|
152.19.211.144
|
unknown
|
United States
|
||
|
74.29.164.179
|
unknown
|
United States
|
||
|
41.112.10.229
|
unknown
|
South Africa
|
||
|
35.144.136.147
|
unknown
|
United States
|
||
|
41.108.247.12
|
unknown
|
Algeria
|
||
|
156.219.116.2
|
unknown
|
Egypt
|
||
|
164.162.50.62
|
unknown
|
Japan
|
||
|
156.241.11.62
|
unknown
|
Seychelles
|
||
|
180.25.107.92
|
unknown
|
Japan
|
||
|
197.154.40.245
|
unknown
|
Ethiopia
|
||
|
41.91.58.137
|
unknown
|
Egypt
|
||
|
156.190.100.180
|
unknown
|
Egypt
|
||
|
41.210.240.19
|
unknown
|
Angola
|
||
|
156.214.140.239
|
unknown
|
Egypt
|
||
|
41.1.200.49
|
unknown
|
South Africa
|
||
|
69.62.42.200
|
unknown
|
United States
|
||
|
219.54.86.108
|
unknown
|
Japan
|
||
|
156.17.39.227
|
unknown
|
Poland
|
||
|
14.94.96.209
|
unknown
|
Korea Republic of
|
||
|
147.125.209.26
|
unknown
|
Austria
|
||
|
197.246.117.186
|
unknown
|
Egypt
|
||
|
179.49.135.207
|
unknown
|
unknown
|
There are 90 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f0710014000
|
page execute read
|
|
||
|
7f0710014000
|
page execute read
|
|
||
|
7f0710014000
|
page execute read
|
|
||
|
7f0710016000
|
page read and write
|
|||
|
7f0710018000
|
page read and write
|
|||
|
7f0798419000
|
page read and write
|
|||
|
7f0790000000
|
page read and write
|
|||
|
7f0798789000
|
page read and write
|
|||
|
5620e3701000
|
page read and write
|
|||
|
7f0790021000
|
page read and write
|
|||
|
7f0798789000
|
page read and write
|
|||
|
5620e166c000
|
page read and write
|
|||
|
7f07975b7000
|
page read and write
|
|||
|
5620e366a000
|
page execute and read and write
|
|||
|
7f0790000000
|
page read and write
|
|||
|
7ffe9a1f0000
|
page read and write
|
|||
|
7ffe9a1f8000
|
page execute read
|
|||
|
7f07988b2000
|
page read and write
|
|||
|
5620e166c000
|
page read and write
|
|||
|
7ffe9a1f0000
|
page read and write
|
|||
|
7f079843e000
|
page read and write
|
|||
|
7f0710018000
|
page read and write
|
|||
|
5620e366a000
|
page execute and read and write
|
|||
|
5620e3f90000
|
page read and write
|
|||
|
7f0797dc8000
|
page read and write
|
|||
|
7f0790021000
|
page read and write
|
|||
|
5620e1664000
|
page read and write
|
|||
|
7ffe9a1f8000
|
page execute read
|
|||
|
7f07988ff000
|
page read and write
|
|||
|
7f0797dba000
|
page read and write
|
|||
|
7f0798419000
|
page read and write
|
|||
|
7f079843e000
|
page read and write
|
|||
|
5620e1432000
|
page execute read
|
|||
|
5620e1432000
|
page execute read
|
|||
|
7f0798057000
|
page read and write
|
|||
|
5620e3f90000
|
page read and write
|
|||
|
5620e1432000
|
page execute read
|
|||
|
7f0790000000
|
page read and write
|
|||
|
5620e3701000
|
page read and write
|
|||
|
7f0797dba000
|
page read and write
|
|||
|
5620e3f90000
|
page read and write
|
|||
|
5620e3701000
|
page read and write
|
|||
|
7f07988ba000
|
page read and write
|
|||
|
7f0797dc8000
|
page read and write
|
|||
|
5620e366a000
|
page execute and read and write
|
|||
|
7f0798057000
|
page read and write
|
|||
|
7f079843e000
|
page read and write
|
|||
|
7f07975b7000
|
page read and write
|
|||
|
5620e1664000
|
page read and write
|
|||
|
7f0797dba000
|
page read and write
|
|||
|
7f07988b2000
|
page read and write
|
|||
|
7f0798419000
|
page read and write
|
|||
|
7ffe9a1f8000
|
page execute read
|
|||
|
7f0710016000
|
page read and write
|
|||
|
7f07988ff000
|
page read and write
|
|||
|
7f0710018000
|
page read and write
|
|||
|
7f07975b7000
|
page read and write
|
|||
|
7f07988b2000
|
page read and write
|
|||
|
7ffe9a1f0000
|
page read and write
|
|||
|
7f0790021000
|
page read and write
|
|||
|
5620e1664000
|
page read and write
|
|||
|
7f0710016000
|
page read and write
|
|||
|
7f07988ba000
|
page read and write
|
|||
|
7f07988ff000
|
page read and write
|
|||
|
7f0798789000
|
page read and write
|
|||
|
7f0797dc8000
|
page read and write
|
|||
|
7f07988ba000
|
page read and write
|
|||
|
7f0798057000
|
page read and write
|
|||
|
5620e166c000
|
page read and write
|
There are 59 hidden memdumps, click here to show them.