Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/boatnet.arm7.elf
|
/tmp/boatnet.arm7.elf
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://5.181.159.16/wget.sh;
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://5.181.159.16/idk/home.arm7;chmod
|
unknown
|
||
|
http://5.181.159.16/w.sh;
|
unknown
|
||
|
http://5.181.159.16/c.sh;
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://5.181.159.16/idk/home.mips
|
unknown
|
||
|
http://5.181.159.16/idk/home.mips;
|
unknown
|
||
|
http://5.181.159.16/idk/home.x86
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
daisy.ubuntu.com
|
162.213.35.24
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f14f0036000
|
page execute read
|
 |
||
|
558ffaa5b000
|
page execute and read and write
|
|||
|
7f15f45e6000
|
page read and write
|
|||
|
7f15effff000
|
page read and write
|
|||
|
558ffaa72000
|
page read and write
|
|||
|
7f14f0043000
|
page read and write
|
|||
|
7fff7413b000
|
page execute read
|
|||
|
558ff8803000
|
page execute read
|
|||
|
7f15f5ac8000
|
page read and write
|
|||
|
7f15f5aec000
|
page read and write
|
|||
|
7f15f599f000
|
page read and write
|
|||
|
7fff74116000
|
page read and write
|
|||
|
7f15f4dee000
|
page read and write
|
|||
|
558ff8a54000
|
page read and write
|
|||
|
7f15f51e2000
|
page read and write
|
|||
|
7f15f544d000
|
page read and write
|
|||
|
7f15f0021000
|
page read and write
|
|||
|
7f15f55dc000
|
page read and write
|
|||
|
558ffb800000
|
page read and write
|
|||
|
558ff8a5d000
|
page read and write
|
|||
|
7f15f4e80000
|
page read and write
|
|||
|
7f15f5b31000
|
page read and write
|
|||
|
7f15f57be000
|
page read and write
|
|||
|
7f15f5470000
|
page read and write
|
There are 14 hidden memdumps, click here to show them.