Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.dOldhQuHgN /tmp/tmp.zyp883466Y /tmp/tmp.dO3arOJraK
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.dOldhQuHgN /tmp/tmp.zyp883466Y /tmp/tmp.dO3arOJraK
|
||
|
/tmp/vqsjh4.elf
|
/tmp/vqsjh4.elf
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
109.202.202.202
|
unknown
|
Switzerland
|
||
|
91.189.91.43
|
unknown
|
United Kingdom
|
||
|
91.189.91.42
|
unknown
|
United Kingdom
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7ffc048a6000
|
page read and write
|
|||
|
7f68bc41f000
|
page execute read
|
|||
|
7f6943382000
|
page read and write
|
|||
|
7f6942d23000
|
page read and write
|
|||
|
7f694381b000
|
page read and write
|
|||
|
7f69433a7000
|
page read and write
|
|||
|
7f6943868000
|
page read and write
|
|||
|
7f68bc438000
|
page read and write
|
|||
|
7ffc049fa000
|
page execute read
|
|||
|
7f68bc434000
|
page read and write
|
|||
|
7f6942520000
|
page read and write
|
|||
|
5559ac531000
|
page read and write
|
|||
|
7f6942d31000
|
page read and write
|
|||
|
5559a8fae000
|
page execute read
|
|||
|
7f69436f2000
|
page read and write
|
|||
|
5559ab1e1000
|
page read and write
|
|||
|
5559a91cc000
|
page read and write
|
|||
|
7f6943823000
|
page read and write
|
|||
|
7f693c021000
|
page read and write
|
|||
|
7f6942fc0000
|
page read and write
|
|||
|
5559ab1cb000
|
page execute and read and write
|
|||
|
5559a91c4000
|
page read and write
|
There are 12 hidden memdumps, click here to show them.