Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/botnet.x86.elf
|
/tmp/botnet.x86.elf
|
||
|
/tmp/botnet.x86.elf
|
-
|
||
|
/bin/sh
|
sh -c "rm -rf bin/watchdog && mkdir bin; >bin/watchdog && mv /tmp/botnet.x86.elf bin/watchdog; chmod 777 bin/watchdog"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/rm
|
rm -rf bin/watchdog
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/mkdir
|
mkdir bin
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/mv
|
mv /tmp/botnet.x86.elf bin/watchdog
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/chmod
|
chmod 777 bin/watchdog
|
||
|
/tmp/botnet.x86.elf
|
-
|
||
|
/tmp/botnet.x86.elf
|
-
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://upx.sf.net
|
unknown
|
 |
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
86.134.73.171
|
unknown
|
United Kingdom
|
||
|
190.78.232.214
|
unknown
|
Venezuela
|
||
|
17.149.83.149
|
unknown
|
United States
|
||
|
59.2.135.96
|
unknown
|
Korea Republic of
|
||
|
138.53.95.149
|
unknown
|
United States
|
||
|
142.202.19.72
|
unknown
|
Reserved
|
||
|
14.99.21.127
|
unknown
|
India
|
||
|
77.183.61.127
|
unknown
|
Germany
|
||
|
116.247.15.177
|
unknown
|
China
|
||
|
209.158.5.196
|
unknown
|
United States
|
||
|
131.182.31.103
|
unknown
|
United States
|
||
|
176.202.250.41
|
unknown
|
Qatar
|
||
|
205.140.253.161
|
unknown
|
United States
|
||
|
114.114.181.10
|
unknown
|
China
|
||
|
208.62.104.107
|
unknown
|
United States
|
||
|
41.143.59.158
|
unknown
|
Morocco
|
||
|
81.40.169.234
|
unknown
|
Spain
|
||
|
24.97.155.254
|
unknown
|
United States
|
||
|
156.1.114.135
|
unknown
|
United States
|
||
|
95.216.40.126
|
unknown
|
Germany
|
||
|
158.212.204.141
|
unknown
|
Japan
|
||
|
205.55.89.43
|
unknown
|
United States
|
||
|
124.141.42.140
|
unknown
|
Japan
|
||
|
75.48.155.227
|
unknown
|
United States
|
||
|
108.227.137.123
|
unknown
|
United States
|
||
|
188.233.227.155
|
unknown
|
Russian Federation
|
||
|
109.195.68.28
|
unknown
|
Russian Federation
|
||
|
5.4.205.218
|
unknown
|
Germany
|
||
|
164.208.97.216
|
unknown
|
United States
|
||
|
18.191.196.88
|
unknown
|
United States
|
||
|
97.194.165.223
|
unknown
|
United States
|
||
|
14.94.114.89
|
unknown
|
Korea Republic of
|
||
|
220.68.86.180
|
unknown
|
Korea Republic of
|
||
|
189.110.252.175
|
unknown
|
Brazil
|
||
|
112.238.105.243
|
unknown
|
China
|
||
|
78.110.15.25
|
unknown
|
Saudi Arabia
|
||
|
210.188.144.65
|
unknown
|
Japan
|
||
|
208.61.105.0
|
unknown
|
United States
|
||
|
206.39.242.201
|
unknown
|
United States
|
||
|
170.63.219.106
|
unknown
|
United States
|
||
|
153.79.128.166
|
unknown
|
United States
|
||
|
156.64.215.197
|
unknown
|
United States
|
||
|
38.38.237.129
|
unknown
|
United States
|
||
|
149.80.128.98
|
unknown
|
United States
|
||
|
102.197.25.2
|
unknown
|
unknown
|
||
|
5.17.148.30
|
unknown
|
Russian Federation
|
||
|
107.206.41.240
|
unknown
|
United States
|
||
|
136.90.234.30
|
unknown
|
United States
|
||
|
43.14.154.113
|
unknown
|
Japan
|
||
|
64.128.147.181
|
unknown
|
United States
|
||
|
158.52.60.217
|
unknown
|
United States
|
||
|
52.176.76.226
|
unknown
|
United States
|
||
|
66.106.147.154
|
unknown
|
United States
|
||
|
42.62.141.131
|
unknown
|
China
|
||
|
158.209.182.140
|
unknown
|
Japan
|
||
|
13.192.103.78
|
unknown
|
United States
|
||
|
98.218.71.173
|
unknown
|
United States
|
||
|
142.171.104.21
|
unknown
|
Canada
|
||
|
42.116.102.235
|
unknown
|
Viet Nam
|
||
|
31.246.217.71
|
unknown
|
Germany
|
||
|
126.0.70.33
|
unknown
|
Japan
|
||
|
135.115.50.83
|
unknown
|
United States
|
||
|
178.152.70.76
|
unknown
|
Qatar
|
||
|
89.57.6.170
|
unknown
|
Germany
|
||
|
205.104.130.208
|
unknown
|
United States
|
||
|
162.121.130.203
|
unknown
|
United States
|
||
|
89.18.142.24
|
unknown
|
Russian Federation
|
||
|
73.24.133.161
|
unknown
|
United States
|
||
|
201.89.64.120
|
unknown
|
Brazil
|
||
|
152.203.166.164
|
unknown
|
Colombia
|
||
|
161.111.113.136
|
unknown
|
Spain
|
||
|
196.19.248.137
|
unknown
|
Seychelles
|
||
|
69.52.228.181
|
unknown
|
United States
|
||
|
136.184.130.4
|
unknown
|
United States
|
||
|
41.172.161.8
|
unknown
|
South Africa
|
||
|
196.179.94.207
|
unknown
|
Tunisia
|
||
|
49.40.34.87
|
unknown
|
India
|
||
|
39.237.142.19
|
unknown
|
Indonesia
|
||
|
40.217.25.151
|
unknown
|
United States
|
||
|
220.9.15.238
|
unknown
|
Japan
|
||
|
155.242.16.113
|
unknown
|
United States
|
||
|
32.128.22.155
|
unknown
|
United States
|
||
|
53.30.216.122
|
unknown
|
Germany
|
||
|
158.230.131.218
|
unknown
|
United Kingdom
|
||
|
177.1.139.202
|
unknown
|
Brazil
|
||
|
91.221.158.190
|
unknown
|
Poland
|
||
|
151.128.106.44
|
unknown
|
United States
|
||
|
20.146.77.127
|
unknown
|
United States
|
||
|
9.189.118.84
|
unknown
|
United States
|
||
|
72.165.134.213
|
unknown
|
United States
|
||
|
104.222.175.9
|
unknown
|
United States
|
||
|
17.127.196.112
|
unknown
|
United States
|
||
|
179.62.253.121
|
unknown
|
Argentina
|
||
|
165.243.141.193
|
unknown
|
Korea Republic of
|
||
|
108.232.216.70
|
unknown
|
United States
|
||
|
147.189.131.57
|
unknown
|
United Kingdom
|
||
|
184.169.72.99
|
unknown
|
United States
|
||
|
148.135.170.155
|
unknown
|
Sweden
|
||
|
152.66.81.209
|
unknown
|
Hungary
|
||
|
135.183.145.238
|
unknown
|
United States
|
There are 90 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
413000
|
page execute read
|
|
||
|
1054000
|
page read and write
|
|||
|
516000
|
page read and write
|
|||
|
7ffc22081000
|
page read and write
|
|||
|
7ffc2219c000
|
page execute read
|