Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/s390x.elf
|
/tmp/s390x.elf
|
||
|
/tmp/s390x.elf
|
-
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://root_senpai.selly.store/
|
unknown
|
||
|
https://bugs.launchpad.net/ubuntu/
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
209.200.246.150
|
unknown
|
United States
|
 |
|
|
109.202.202.202
|
unknown
|
Switzerland
|
||
|
91.189.91.43
|
unknown
|
United Kingdom
|
||
|
91.189.91.42
|
unknown
|
United Kingdom
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
10a9000
|
page execute read
|
|
||
|
7fa891dfc000
|
page read and write
|
|||
|
7fa8912b7000
|
page read and write
|
|||
|
559978912000
|
page read and write
|
|||
|
10b8000
|
page execute read
|
|||
|
7ffcc8563000
|
page read and write
|
|||
|
7ffcc8581000
|
page execute read
|
|||
|
7fa88c021000
|
page read and write
|
|||
|
7fa89193b000
|
page read and write
|
|||
|
559978d04000
|
page read and write
|
|||
|
7fa891daf000
|
page read and write
|
|||
|
7fa891554000
|
page read and write
|
|||
|
4000801000
|
page read and write
|
|||
|
7fa891916000
|
page read and write
|
|||
|
7fa890ab4000
|
page read and write
|
|||
|
5599768f1000
|
page read and write
|
|||
|
10bf000
|
page read and write
|
|||
|
5599788fa000
|
page execute and read and write
|
|||
|
7fa8912c5000
|
page read and write
|
|||
|
7fa891c86000
|
page read and write
|
|||
|
7fa891db7000
|
page read and write
|
|||
|
5599766aa000
|
page execute read
|
|||
|
5599768fc000
|
page read and write
|
|||
|
10fc000
|
page read and write
|
There are 14 hidden memdumps, click here to show them.