Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/mpsl.elf
|
/tmp/mpsl.elf
|
||
|
/tmp/mpsl.elf
|
-
|
||
|
/bin/sh
|
sh -c "rm -rf bin/systemd && mkdir bin; >bin/systemd && mv /tmp/mpsl.elf bin/systemd; chmod 777 bin/systemd"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/rm
|
rm -rf bin/systemd
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/mkdir
|
mkdir bin
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/mv
|
mv /tmp/mpsl.elf bin/systemd
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/chmod
|
chmod 777 bin/systemd
|
||
|
/tmp/mpsl.elf
|
-
|
||
|
/tmp/mpsl.elf
|
-
|
||
|
/tmp/mpsl.elf
|
-
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
net.tiktoka.cc
|
81.161.238.2
|
 |
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
31.165.178.184
|
unknown
|
Switzerland
|
|
|
|
157.94.173.97
|
unknown
|
Finland
|
|
|
|
197.77.91.130
|
unknown
|
South Africa
|
|
|
|
76.206.68.219
|
unknown
|
United States
|
||
|
119.85.159.140
|
unknown
|
China
|
||
|
41.99.68.185
|
unknown
|
Algeria
|
||
|
41.251.253.100
|
unknown
|
Morocco
|
||
|
197.114.33.133
|
unknown
|
Algeria
|
||
|
157.62.44.78
|
unknown
|
United States
|
||
|
122.106.139.211
|
unknown
|
Australia
|
||
|
157.171.75.253
|
unknown
|
Sweden
|
||
|
197.75.183.159
|
unknown
|
South Africa
|
||
|
157.248.0.92
|
unknown
|
United States
|
||
|
197.25.214.2
|
unknown
|
Tunisia
|
||
|
41.117.2.38
|
unknown
|
South Africa
|
||
|
157.99.69.193
|
unknown
|
France
|
||
|
41.203.40.79
|
unknown
|
South Africa
|
||
|
197.6.250.94
|
unknown
|
Tunisia
|
||
|
197.60.120.54
|
unknown
|
Egypt
|
||
|
41.123.104.120
|
unknown
|
South Africa
|
||
|
202.110.144.12
|
unknown
|
China
|
||
|
41.115.212.71
|
unknown
|
South Africa
|
||
|
197.146.6.214
|
unknown
|
Morocco
|
||
|
41.136.36.158
|
unknown
|
Mauritius
|
||
|
197.120.95.197
|
unknown
|
Egypt
|
||
|
144.146.252.186
|
unknown
|
United States
|
||
|
197.189.23.17
|
unknown
|
Congo The Democratic Republic of The
|
||
|
41.163.5.219
|
unknown
|
South Africa
|
||
|
157.13.100.156
|
unknown
|
Japan
|
||
|
39.37.194.170
|
unknown
|
Pakistan
|
||
|
197.223.159.164
|
unknown
|
Egypt
|
||
|
157.9.174.13
|
unknown
|
Japan
|
||
|
41.248.235.162
|
unknown
|
Morocco
|
||
|
19.207.207.70
|
unknown
|
United States
|
||
|
197.60.144.51
|
unknown
|
Egypt
|
||
|
149.237.128.25
|
unknown
|
Germany
|
||
|
197.18.249.93
|
unknown
|
Tunisia
|
||
|
181.124.219.39
|
unknown
|
Paraguay
|
||
|
157.133.97.58
|
unknown
|
United States
|
||
|
122.56.12.132
|
unknown
|
New Zealand
|
||
|
103.211.46.229
|
unknown
|
China
|
||
|
157.23.88.232
|
unknown
|
France
|
||
|
157.103.29.6
|
unknown
|
Japan
|
||
|
157.135.154.107
|
unknown
|
United States
|
||
|
41.5.41.214
|
unknown
|
South Africa
|
||
|
41.148.196.239
|
unknown
|
South Africa
|
||
|
190.128.37.203
|
unknown
|
Colombia
|
||
|
197.193.207.24
|
unknown
|
Egypt
|
||
|
40.41.50.88
|
unknown
|
United States
|
||
|
41.82.95.136
|
unknown
|
Senegal
|
||
|
88.251.114.201
|
unknown
|
Turkey
|
||
|
197.220.190.67
|
unknown
|
Ghana
|
||
|
197.184.140.163
|
unknown
|
South Africa
|
||
|
75.203.173.16
|
unknown
|
United States
|
||
|
197.116.97.28
|
unknown
|
Algeria
|
||
|
197.96.161.44
|
unknown
|
South Africa
|
||
|
41.183.9.50
|
unknown
|
South Africa
|
||
|
208.90.131.146
|
unknown
|
United States
|
||
|
134.245.52.181
|
unknown
|
Germany
|
||
|
208.108.168.90
|
unknown
|
United States
|
||
|
157.139.187.6
|
unknown
|
United States
|
||
|
52.111.79.2
|
unknown
|
United States
|
||
|
197.43.225.183
|
unknown
|
Egypt
|
||
|
157.240.97.130
|
unknown
|
United States
|
||
|
157.51.143.75
|
unknown
|
India
|
||
|
41.192.181.107
|
unknown
|
South Africa
|
||
|
197.49.159.252
|
unknown
|
Egypt
|
||
|
197.220.118.238
|
unknown
|
Kenya
|
||
|
41.244.86.147
|
unknown
|
Cameroon
|
||
|
41.214.93.147
|
unknown
|
Senegal
|
||
|
41.92.196.142
|
unknown
|
Cameroon
|
||
|
157.187.252.204
|
unknown
|
United States
|
||
|
41.65.147.176
|
unknown
|
Egypt
|
||
|
157.21.249.210
|
unknown
|
United States
|
||
|
197.63.237.176
|
unknown
|
Egypt
|
||
|
19.122.149.199
|
unknown
|
United States
|
||
|
197.5.202.185
|
unknown
|
Tunisia
|
||
|
197.118.9.139
|
unknown
|
Algeria
|
||
|
41.35.141.239
|
unknown
|
Egypt
|
||
|
41.171.231.139
|
unknown
|
South Africa
|
||
|
157.245.169.49
|
unknown
|
United States
|
||
|
157.179.50.109
|
unknown
|
Thailand
|
||
|
157.50.48.59
|
unknown
|
India
|
||
|
157.9.226.180
|
unknown
|
Japan
|
||
|
164.123.213.120
|
unknown
|
United States
|
||
|
197.130.125.34
|
unknown
|
Morocco
|
||
|
41.51.182.51
|
unknown
|
South Africa
|
||
|
197.166.130.55
|
unknown
|
Egypt
|
||
|
157.77.13.133
|
unknown
|
Japan
|
||
|
41.212.216.88
|
unknown
|
Mauritius
|
||
|
157.71.220.37
|
unknown
|
Japan
|
||
|
197.255.110.214
|
unknown
|
Ghana
|
||
|
197.12.94.6
|
unknown
|
Tunisia
|
||
|
197.10.185.230
|
unknown
|
Tunisia
|
||
|
157.109.131.162
|
unknown
|
Japan
|
||
|
106.227.209.101
|
unknown
|
China
|
||
|
157.203.13.91
|
unknown
|
United Kingdom
|
||
|
197.87.134.18
|
unknown
|
South Africa
|
||
|
197.157.103.66
|
unknown
|
Seychelles
|
||
|
41.119.232.174
|
unknown
|
South Africa
|
There are 90 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7fd068414000
|
page execute read
|
|
||
|
560f9e566000
|
page execute read
|
|||
|
560fa07f6000
|
page execute and read and write
|
|||
|
7fd0ee09f000
|
page read and write
|
|||
|
7fd0ee8a7000
|
page read and write
|
|||
|
7fd0eeb65000
|
page read and write
|
|||
|
7fd068457000
|
page read and write
|
|||
|
7fd0e8021000
|
page read and write
|
|||
|
7fd0ef589000
|
page read and write
|
|||
|
560f9e7ee000
|
page read and write
|
|||
|
560fa1078000
|
page read and write
|
|||
|
560f9e7f8000
|
page read and write
|
|||
|
7fd0ee8b5000
|
page read and write
|
|||
|
7fd0eef46000
|
page read and write
|
|||
|
7fd0ef581000
|
page read and write
|
|||
|
560fa080d000
|
page read and write
|
|||
|
7fd068455000
|
page read and write
|
|||
|
7fff81f81000
|
page execute read
|
|||
|
7fd0eef06000
|
page read and write
|
|||
|
7fd0eef29000
|
page read and write
|
|||
|
7fff81e78000
|
page read and write
|
|||
|
7fd0ef277000
|
page read and write
|
|||
|
7fd0ef5ce000
|
page read and write
|
|||
|
7fd0ef458000
|
page read and write
|
|||
|
7fd0e8000000
|
page read and write
|
There are 15 hidden memdumps, click here to show them.