Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/boatnet.mpsl.elf
|
/tmp/boatnet.mpsl.elf
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://5.181.159.16/wget.sh;
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://5.181.159.16/idk/home.arm7;chmod
|
unknown
|
||
|
http://5.181.159.16/w.sh;
|
unknown
|
||
|
http://5.181.159.16/c.sh;
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://5.181.159.16/idk/home.mips
|
unknown
|
||
|
http://5.181.159.16/idk/home.mips;
|
unknown
|
||
|
http://5.181.159.16/idk/home.x86
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
daisy.ubuntu.com
|
162.213.35.25
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7fd93441e000
|
page execute read
|
 |
||
|
7fd9ba5be000
|
page read and write
|
|||
|
7fd9bac32000
|
page read and write
|
|||
|
7fd9bb161000
|
page read and write
|
|||
|
7ffd52362000
|
page read and write
|
|||
|
55f08afdd000
|
page execute read
|
|||
|
7fd9b4021000
|
page read and write
|
|||
|
7fd9ba5b0000
|
page read and write
|
|||
|
7fd9bb2d7000
|
page read and write
|
|||
|
7fd9b4000000
|
page read and write
|
|||
|
55f08d284000
|
page read and write
|
|||
|
7fd9ba86e000
|
page read and write
|
|||
|
7fd9baf80000
|
page read and write
|
|||
|
55f08d4f5000
|
page read and write
|
|||
|
7fd9b9da8000
|
page read and write
|
|||
|
7fd934460000
|
page read and write
|
|||
|
7ffd52385000
|
page execute read
|
|||
|
7fd934140000
|
page execute and read and write
|
|||
|
55f08d26d000
|
page execute and read and write
|
|||
|
7fd9bac0f000
|
page read and write
|
|||
|
55f08b26f000
|
page read and write
|
|||
|
55f08b265000
|
page read and write
|
|||
|
7fd9bac4f000
|
page read and write
|
|||
|
7fd9bb292000
|
page read and write
|
|||
|
7fd9bb28a000
|
page read and write
|
There are 15 hidden memdumps, click here to show them.