Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.4Xgs4z57Yt /tmp/tmp.nOe17kuunU /tmp/tmp.HsCFf4ukdW
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.4Xgs4z57Yt /tmp/tmp.nOe17kuunU /tmp/tmp.HsCFf4ukdW
|
||
|
/tmp/SecuriteInfo.com.Trojan.Linux.GenericKD.28461.1073.707.elf
|
/tmp/SecuriteInfo.com.Trojan.Linux.GenericKD.28461.1073.707.elf
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
daisy.ubuntu.com
|
162.213.35.24
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7fa1bd4bf000
|
page read and write
|
|||
|
7fa1bdb10000
|
page read and write
|
|||
|
7fa1bd4b1000
|
page read and write
|
|||
|
7fa1bdfa9000
|
page read and write
|
|||
|
55b90ff87000
|
page read and write
|
|||
|
7fa1bccae000
|
page read and write
|
|||
|
7fa1bdb35000
|
page read and write
|
|||
|
536000
|
page read and write
|
|||
|
7fa1bd74e000
|
page read and write
|
|||
|
7ffcf6bea000
|
page read and write
|
|||
|
55b90dce1000
|
page execute read
|
|||
|
55b90df6a000
|
page read and write
|
|||
|
55b90ff72000
|
page execute and read and write
|
|||
|
7fa1b8021000
|
page read and write
|
|||
|
55b911549000
|
page read and write
|
|||
|
7ffcf6bf3000
|
page execute read
|
|||
|
55b90df73000
|
page read and write
|
|||
|
26f000
|
page execute read
|
|||
|
4ee000
|
page read and write
|
|||
|
7fa1bdff6000
|
page read and write
|
|||
|
7fa1bde80000
|
page read and write
|
|||
|
7fa1bdfb1000
|
page read and write
|
There are 12 hidden memdumps, click here to show them.