Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/zone.mips.elf
|
/tmp/zone.mips.elf
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.LHb7HZLpmh /tmp/tmp.4jVz2QAFoJ /tmp/tmp.sAy7vZw2mu
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.LHb7HZLpmh /tmp/tmp.4jVz2QAFoJ /tmp/tmp.sAy7vZw2mu
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://upx.sf.net
|
unknown
|
 |
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.125.190.26
|
unknown
|
United Kingdom
|
||
|
34.254.182.186
|
unknown
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7ffd485e9000
|
page read and write
|
|||
|
7fb1987dc000
|
page read and write
|
|||
|
5557359b3000
|
page read and write
|
|||
|
7fb111400000
|
page read and write
|
|||
|
7fb190021000
|
page read and write
|
|||
|
7fb1990cf000
|
page read and write
|
|||
|
7fb19851e000
|
page read and write
|
|||
|
555735721000
|
page execute read
|
|||
|
5557379c8000
|
page read and write
|
|||
|
7fb110570000
|
page read and write
|
|||
|
7fb190000000
|
page read and write
|
|||
|
555738693000
|
page read and write
|
|||
|
5557379b1000
|
page execute and read and write
|
|||
|
7fb198b7d000
|
page read and write
|
|||
|
7fb198eee000
|
page read and write
|
|||
|
7fb199245000
|
page read and write
|
|||
|
7fb198ba0000
|
page read and write
|
|||
|
7ffd485ef000
|
page execute read
|
|||
|
7fb11056e000
|
page execute read
|
|||
|
7fb110fa0000
|
page read and write
|
|||
|
7fb197d16000
|
page read and write
|
|||
|
7fb198bbd000
|
page read and write
|
|||
|
7fb19852c000
|
page read and write
|
|||
|
7fb199200000
|
page read and write
|
|||
|
7fb1991f8000
|
page read and write
|
|||
|
7fb18f7ff000
|
page read and write
|
|||
|
7fb18b4c6000
|
page read and write
|
|||
|
5557359a9000
|
page read and write
|
There are 18 hidden memdumps, click here to show them.