Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.Xf6qBMjlG5 /tmp/tmp.SM9eUgAVZB /tmp/tmp.pywyYoyVlE
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.Xf6qBMjlG5 /tmp/tmp.SM9eUgAVZB /tmp/tmp.pywyYoyVlE
|
||
|
/tmp/na.elf
|
/tmp/na.elf
|
||
|
/tmp/na.elf
|
-
|
||
|
/tmp/na.elf
|
-
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
75cents.libre
|
156.244.16.207
|
 |
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
156.244.16.207
|
75cents.libre
|
Seychelles
|
|
|
|
109.202.202.202
|
unknown
|
Switzerland
|
||
|
91.189.91.43
|
unknown
|
United Kingdom
|
||
|
91.189.91.42
|
unknown
|
United Kingdom
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f7de4b56000
|
page read and write
|
|||
|
7f7de4ea4000
|
page read and write
|
|||
|
7fff47fde000
|
page execute read
|
|||
|
5582c36c0000
|
page read and write
|
|||
|
7f7de51d2000
|
page read and write
|
|||
|
5582c0755000
|
page execute read
|
|||
|
7f7de48c8000
|
page read and write
|
|||
|
5582c29c4000
|
page read and write
|
|||
|
7fff47fac000
|
page read and write
|
|||
|
7f7cdc032000
|
page read and write
|
|||
|
7f7cdc02a000
|
page execute read
|
|||
|
7f7de4b33000
|
page read and write
|
|||
|
7f7de4cc2000
|
page read and write
|
|||
|
7f7de3ccc000
|
page read and write
|
|||
|
7f7ddc021000
|
page read and write
|
|||
|
5582c29ad000
|
page execute and read and write
|
|||
|
7f7de44d4000
|
page read and write
|
|||
|
7f7cdc03b000
|
page read and write
|
|||
|
5582c09a6000
|
page read and write
|
|||
|
7f7de5085000
|
page read and write
|
|||
|
7f7de4566000
|
page read and write
|
|||
|
7f7ddbfff000
|
page read and write
|
|||
|
5582c09af000
|
page read and write
|
|||
|
7f7de51ae000
|
page read and write
|
|||
|
7f7de5217000
|
page read and write
|
There are 15 hidden memdumps, click here to show them.