Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
/tmp/n7Nzys6TF5.elf
|
/tmp/n7Nzys6TF5.elf
|
||
/usr/bin/dash
|
-
|
||
/usr/bin/rm
|
rm -f /tmp/tmp.wzb3ueiOr7 /tmp/tmp.uaEUOMbJbC /tmp/tmp.T3QHwrztAq
|
||
/usr/bin/dash
|
-
|
||
/usr/bin/cat
|
cat /tmp/tmp.wzb3ueiOr7
|
||
/usr/bin/dash
|
-
|
||
/usr/bin/head
|
head -n 10
|
||
/usr/bin/dash
|
-
|
||
/usr/bin/tr
|
tr -d \\000-\\011\\013\\014\\016-\\037
|
||
/usr/bin/dash
|
-
|
||
/usr/bin/cut
|
cut -c -80
|
||
/usr/bin/dash
|
-
|
||
/usr/bin/cat
|
cat /tmp/tmp.wzb3ueiOr7
|
||
/usr/bin/dash
|
-
|
||
/usr/bin/head
|
head -n 10
|
||
/usr/bin/dash
|
-
|
||
/usr/bin/tr
|
tr -d \\000-\\011\\013\\014\\016-\\037
|
||
/usr/bin/dash
|
-
|
||
/usr/bin/cut
|
cut -c -80
|
||
/usr/bin/dash
|
-
|
||
/usr/bin/rm
|
rm -f /tmp/tmp.wzb3ueiOr7 /tmp/tmp.uaEUOMbJbC /tmp/tmp.T3QHwrztAq
|
There are 11 hidden processes, click here to show them.
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
54.171.230.55
|
unknown
|
United States
|
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
7fb4c0418000
|
page execute read
|
|||
7fb547ad2000
|
page read and write
|
|||
56089544a000
|
page execute read
|
|||
560897666000
|
page execute and read and write
|
|||
7fb4c0433000
|
page read and write
|
|||
7fff4b5a4000
|
page execute read
|
|||
7fb548ca4000
|
page read and write
|
|||
560895660000
|
page read and write
|
|||
7fb5482d5000
|
page read and write
|
|||
7fb540000000
|
page read and write
|
|||
7fb548dd5000
|
page read and write
|
|||
7fff4b59a000
|
page read and write
|
|||
56089767d000
|
page read and write
|
|||
7fb540021000
|
page read and write
|
|||
7fb4c042d000
|
page read and write
|
|||
7fb5482e3000
|
page read and write
|
|||
560897bf0000
|
page read and write
|
|||
7fb548959000
|
page read and write
|
|||
7fb548572000
|
page read and write
|
|||
7fb548934000
|
page read and write
|
|||
560895668000
|
page read and write
|
|||
7fb548e1a000
|
page read and write
|
|||
7fb548dcd000
|
page read and write
|
There are 13 hidden memdumps, click here to show them.