Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/spc.elf
|
/tmp/spc.elf
|
||
|
/tmp/spc.elf
|
-
|
||
|
/bin/sh
|
sh -c "rm -rf bin/watchdog && mkdir bin; >bin/watchdog && mv /tmp/spc.elf bin/watchdog; chmod 777 bin/watchdog"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/rm
|
rm -rf bin/watchdog
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/mkdir
|
mkdir bin
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/mv
|
mv /tmp/spc.elf bin/watchdog
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/chmod
|
chmod 777 bin/watchdog
|
||
|
/tmp/spc.elf
|
-
|
||
|
/tmp/spc.elf
|
-
|
||
|
/tmp/spc.elf
|
-
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
net.tiktoka.cc
|
81.161.238.2
|
 |
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
41.140.93.133
|
unknown
|
Morocco
|
|
|
|
157.1.148.124
|
unknown
|
Japan
|
|
|
|
197.187.221.119
|
unknown
|
Tanzania United Republic of
|
|
|
|
67.194.232.175
|
unknown
|
United States
|
|
|
|
41.39.82.124
|
unknown
|
Egypt
|
||
|
191.228.115.22
|
unknown
|
Brazil
|
||
|
41.158.229.80
|
unknown
|
Gabon
|
||
|
107.121.223.26
|
unknown
|
United States
|
||
|
197.206.163.99
|
unknown
|
Algeria
|
||
|
197.253.55.172
|
unknown
|
Nigeria
|
||
|
157.162.131.54
|
unknown
|
Germany
|
||
|
197.120.219.217
|
unknown
|
Egypt
|
||
|
197.21.53.55
|
unknown
|
Tunisia
|
||
|
197.49.159.240
|
unknown
|
Egypt
|
||
|
41.250.5.187
|
unknown
|
Morocco
|
||
|
197.31.227.248
|
unknown
|
Tunisia
|
||
|
157.202.105.245
|
unknown
|
United States
|
||
|
41.215.72.17
|
unknown
|
Kenya
|
||
|
92.249.27.215
|
unknown
|
Cyprus
|
||
|
157.205.234.130
|
unknown
|
Japan
|
||
|
41.129.96.1
|
unknown
|
Egypt
|
||
|
157.78.145.18
|
unknown
|
Japan
|
||
|
152.225.25.101
|
unknown
|
United States
|
||
|
157.157.52.66
|
unknown
|
Iceland
|
||
|
157.1.101.107
|
unknown
|
Japan
|
||
|
197.73.44.188
|
unknown
|
South Africa
|
||
|
62.91.54.245
|
unknown
|
Germany
|
||
|
103.68.202.242
|
unknown
|
Singapore
|
||
|
201.81.230.204
|
unknown
|
Brazil
|
||
|
157.190.3.65
|
unknown
|
Ireland
|
||
|
41.236.237.233
|
unknown
|
Egypt
|
||
|
41.205.2.146
|
unknown
|
Cameroon
|
||
|
197.191.86.158
|
unknown
|
Ghana
|
||
|
41.136.163.197
|
unknown
|
Mauritius
|
||
|
41.39.212.138
|
unknown
|
Egypt
|
||
|
128.124.129.17
|
unknown
|
Ukraine
|
||
|
41.51.145.93
|
unknown
|
South Africa
|
||
|
197.85.75.111
|
unknown
|
South Africa
|
||
|
157.198.38.188
|
unknown
|
United States
|
||
|
41.226.219.102
|
unknown
|
Tunisia
|
||
|
157.215.227.53
|
unknown
|
United States
|
||
|
197.193.144.159
|
unknown
|
Egypt
|
||
|
85.25.82.169
|
unknown
|
Germany
|
||
|
41.244.86.124
|
unknown
|
Cameroon
|
||
|
41.155.149.202
|
unknown
|
Egypt
|
||
|
197.240.131.168
|
unknown
|
unknown
|
||
|
157.147.104.132
|
unknown
|
Japan
|
||
|
41.253.221.27
|
unknown
|
Libyan Arab Jamahiriya
|
||
|
181.99.32.252
|
unknown
|
Argentina
|
||
|
157.78.121.18
|
unknown
|
Japan
|
||
|
197.162.24.209
|
unknown
|
Egypt
|
||
|
83.66.189.151
|
unknown
|
Turkey
|
||
|
197.109.146.43
|
unknown
|
South Africa
|
||
|
157.24.191.214
|
unknown
|
Finland
|
||
|
41.136.251.190
|
unknown
|
Mauritius
|
||
|
41.39.34.244
|
unknown
|
Egypt
|
||
|
41.94.175.81
|
unknown
|
Mozambique
|
||
|
41.129.102.27
|
unknown
|
Egypt
|
||
|
157.2.17.30
|
unknown
|
Japan
|
||
|
197.49.200.218
|
unknown
|
Egypt
|
||
|
83.75.69.156
|
unknown
|
Denmark
|
||
|
157.225.16.8
|
unknown
|
United States
|
||
|
41.10.179.202
|
unknown
|
South Africa
|
||
|
197.213.188.42
|
unknown
|
Zambia
|
||
|
159.253.158.81
|
unknown
|
Netherlands
|
||
|
197.67.121.145
|
unknown
|
South Africa
|
||
|
41.85.136.22
|
unknown
|
South Africa
|
||
|
197.197.90.52
|
unknown
|
Egypt
|
||
|
157.129.143.115
|
unknown
|
Finland
|
||
|
157.247.81.166
|
unknown
|
Austria
|
||
|
41.44.193.192
|
unknown
|
Egypt
|
||
|
41.237.139.127
|
unknown
|
Egypt
|
||
|
197.65.70.83
|
unknown
|
South Africa
|
||
|
41.91.11.118
|
unknown
|
Egypt
|
||
|
198.88.251.207
|
unknown
|
United States
|
||
|
96.149.87.103
|
unknown
|
United States
|
||
|
41.163.5.246
|
unknown
|
South Africa
|
||
|
197.108.18.122
|
unknown
|
South Africa
|
||
|
157.111.123.168
|
unknown
|
Japan
|
||
|
154.170.23.246
|
unknown
|
Ghana
|
||
|
157.78.145.42
|
unknown
|
Japan
|
||
|
157.98.43.69
|
unknown
|
United States
|
||
|
41.189.53.226
|
unknown
|
Cote D'ivoire
|
||
|
41.190.52.85
|
unknown
|
Zimbabwe
|
||
|
197.128.68.26
|
unknown
|
Morocco
|
||
|
41.203.162.183
|
unknown
|
South Africa
|
||
|
213.17.139.82
|
unknown
|
Poland
|
||
|
197.18.187.126
|
unknown
|
Tunisia
|
||
|
128.17.71.199
|
unknown
|
United States
|
||
|
157.239.61.33
|
unknown
|
United States
|
||
|
197.5.202.191
|
unknown
|
Tunisia
|
||
|
155.117.235.217
|
unknown
|
United States
|
||
|
197.69.60.18
|
unknown
|
South Africa
|
||
|
157.130.193.190
|
unknown
|
United States
|
||
|
197.161.134.210
|
unknown
|
Egypt
|
||
|
185.188.72.156
|
unknown
|
Germany
|
||
|
197.188.244.89
|
unknown
|
Namibia
|
||
|
67.9.126.113
|
unknown
|
United States
|
||
|
201.126.250.101
|
unknown
|
Mexico
|
||
|
50.214.182.63
|
unknown
|
United States
|
There are 90 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f74e8022000
|
page execute read
|
|
||
|
5630563a0000
|
page read and write
|
|||
|
7f75e8000000
|
page read and write
|
|||
|
56305839e000
|
page execute and read and write
|
|||
|
7f75edf80000
|
page read and write
|
|||
|
563059370000
|
page read and write
|
|||
|
7f75eea6a000
|
page read and write
|
|||
|
7f75eeab7000
|
page read and write
|
|||
|
7f74e8032000
|
page read and write
|
|||
|
7f75ee20f000
|
page read and write
|
|||
|
7ffc21d06000
|
page execute read
|
|||
|
7f75ed76f000
|
page read and write
|
|||
|
5630583b5000
|
page read and write
|
|||
|
563056169000
|
page execute read
|
|||
|
563056397000
|
page read and write
|
|||
|
7f75eea72000
|
page read and write
|
|||
|
7f75ee5d1000
|
page read and write
|
|||
|
7f75ee941000
|
page read and write
|
|||
|
7ffc21c49000
|
page read and write
|
|||
|
7f75e8021000
|
page read and write
|
|||
|
7f75edf72000
|
page read and write
|
|||
|
7f75ee5f6000
|
page read and write
|
|||
|
7f74e8034000
|
page read and write
|
There are 13 hidden memdumps, click here to show them.