http://31.214.243.29/Demon.mips
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
Score: 72
|
System: Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
|
| IP | Country | Detection |
|---|---|---|
| 35.244.181.201 | United States |  |
| 44.231.103.117 | United States | |
| 52.25.208.227 | United States | |
| Click to see the 8 hidden entries | ||
| 31.214.243.29 | Germany | |
| 34.160.144.191 | United States | |
| 109.202.202.202 | Switzerland | |
| 91.189.91.43 | United Kingdom | |
| 34.120.208.123 | United States | |
| 34.111.73.144 | United States | |
| 91.189.91.42 | United Kingdom | |
| 35.241.9.150 | United States | |
| Name | IP | Detection |
|---|---|---|
| dyna.wikimedia.org | 91.198.174.192 | |
| firefox-settings-attachments.cdn.mozilla.net | 0.0.0.0 | |
| www.wikipedia.org | 0.0.0.0 | |
| Click to see the 16 hidden entries | ||
| www.youtube.com | 0.0.0.0 | |
| push.services.mozilla.com | 0.0.0.0 | |
| content-signature-2.cdn.mozilla.net | 0.0.0.0 | |
| www.reddit.com | 0.0.0.0 | |
| www.facebook.com | 0.0.0.0 | |
| prod.content-signature-chains.prod.webservices.mozgcp.net | 34.160.144.191 | |
| www.example.com | 93.184.216.34 | |
| star-mini.c10r.facebook.com | 157.240.20.35 | |
| prod.ingestion-edge.prod.dataops.mozgcp.net | 34.120.208.123 | |
| firefox.settings.services.mozilla.com | 35.241.9.150 | |
| reddit.map.fastly.net | 151.101.65.140 | |
| autopush.prod.mozaws.net | 52.10.254.200 | |
| youtube-ui.l.google.com | 142.250.185.142 | |
| twitter.com | 104.244.42.129 | |
| prod.balrog.prod.cloudops.mozgcp.net | 35.244.181.201 | |
| fennec-catalog-cdn.prod.mozaws.net | 34.111.73.144 | |
| Name | Detection |
|---|---|
| http://31.214.243.29/Demon.mipsstrongly-framed1request-methodGETresponse-headHTTP/1.1 |  |
| http://31.214.243.29/Demon.mips | |
| https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/records | |
| Click to see the 61 hidden entries | |
| https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | |
| https://duckduckgo.com | |
| https://firefox.settings.services.mozilla.com/v1 | |
| https://push.services.mozilla.com/ | |
| https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-language-packs/4f1bcaa0-ddf9- | |
| https://pki.goog/repository/0 | |
| https://support.mozilla.org/kb/warning-unresponsive-script#w_other-causes | |
| http://ocsp.rootca1.amazontrust.com0: | |
| https://developer.mozilla.org/en-US/Add-ons/WebExtensions/manifest.json/commands#Key_combinations | |
| http://crl.pki.goog/gtsr1/gtsr1.crl0W | |
| https://settings.stage.mozaws.net/v1/buckets/main/collections/search-config/records | |
| http://crl.rootca1.amazontrust.com/rootca1.crl0 | |
| https://www.widevine.com/ | |
| https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-language-packs/4f1bcaa0-ddf9-43ef-aca3-8378c4d05582.ftl | |
| https://github.com/Kinto/kinto-attachment/ | |
| http://kinto.readthedocs.io/en/latest/tutorials/synchronisation.html#polling-for-remote-changes | |
| https://amazon.com | |
| http://crt.rootca1.amazontrust.com/rootca1.cer0? | |
| https://support.mozilla.org/kb/firefox-crashes-troubleshoot-prevent-and-get-help | |
| https://firefox-settings-attachments.cdn.mozilla.net/ | |
| https://support.mozilla.org/kb/flash-protected-mode-autodisabled | |
| https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2021-09-19-15-17-11.chain | |
| http://crl.pki.goog/gsr2/gsr2.crl0? | |
| https://google.com | |
| http://feedback.redkolibri.com/ | |
| http://www.baidu.com/search/spider.htm) | |
| https://hg.mozilla.org/releases/mozilla-release/rev/7dafd5f51c0afd1ae627bb4762ac0c140a6cd5f5 | |
| https://firefox.settings.services.mozilla.com/v1/buckets/main-preview/collections/search-config/reco | |
| https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-202 | |
| https://baidu.com | |
| https://firefox.dns.next | |
| http://www.billybobbot.com/crawler/) | |
| https://settings.stage.mozaws.net/v1/buckets/main-preview/collections/search-config/records | |
| https://support.mozilla.org/kb/ | |
| https://firefox.settings.services.mozilla.com/v1/ | |
| https://yandex.com | |
| https://trr.dns.nextdns.io/ | |
| https://bugzilla.mozilla.org/show_bug.cgi?id=921157 | |
| https://developer.mozilla.org/en-US/docs/JavaScript_OS.File/OS.File.Info#Cross-platform_Attributes | |
| https://private.canadianshield.cira.ca/dns-query | |
| http://31.214.243.29/ | |
| http://mozilla.org/MPL/2.0/. | |
| https://bugzilla.mozilla.org/show_bug.cgi?id=1238180 | |
| https://ebay.com | |
| https://www.openh264.org/ | |
| http://pki.goog/repo/certs/gtsr1.der04 | |
| https://www.google.com/policies/privacy/ | |
| https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings | |
| http://31.214.243.29/predictor::seen1 | |
| https://twitter.com | |
| http://x1.c.lencr.org/0 | |
| http://x1.i.lencr.org/0 | |
| https://firefox.dns.nextdns.io/ | |
| https://remote-settings.readthedocs.io | |
| https://profiler.firefox.com | |
| http://json-schema.org/draft-04/schema# | |
| http://www.baidu.com/search/spider.html) | |
| https://mozilla.cloudflare-dns.com/dns-query | |
| http://fast.no/support/crawler.asp) | |
| https://doh.xfinity.com/dns-query | |
| https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/ | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
/tmp/khk19L2S.mips.part |
ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, not stripped | # | |
/home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/cache2/entries/730FA68718E69A9EC1DE4154BF49B2A37241C7B1 |
ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, not stripped | # | |
/home/saturnino/.mozilla/firefox/a3xevaya.default-release/key4.db-journal |
data | # | |
| Click to see the 42 hidden entries | |||
/home/saturnino/.mozilla/firefox/a3xevaya.default-release/extensions.json.tmp |
JSON data | # | |
/home/saturnino/.mozilla/firefox/a3xevaya.default-release/prefs-1.js |
ASCII text, with very long lines (1127) | # | |
/home/saturnino/.mozilla/firefox/a3xevaya.default-release/search.json.mozlz4 |
Mozilla lz4 compressed data, originally 467 bytes | # | |
/home/saturnino/.mozilla/firefox/a3xevaya.default-release/sessionCheckpoints.json.tmp |
JSON data | # | |
/home/saturnino/.mozilla/firefox/a3xevaya.default-release/sessionstore-backups/recovery.jsonlz4.tmp |
Mozilla lz4 compressed data, originally 3230 bytes | # | |
/home/saturnino/.mozilla/firefox/a3xevaya.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite |
data | # | |
/home/saturnino/.mozilla/firefox/a3xevaya.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite-wal |
SQLite Write-Ahead Log, version 3007000 | # | |
/home/saturnino/.mozilla/firefox/a3xevaya.default-release/xulstore.json.tmp |
JSON data | # | |
/proc/6304/gid_map |
ASCII text, with no line terminators | # | |
/proc/6304/setgroups |
ASCII text, with no line terminators | # | |
/proc/6304/uid_map |
ASCII text, with no line terminators | # | |
/proc/6340/gid_map |
ASCII text, with no line terminators | # | |
/proc/6340/setgroups |
ASCII text, with no line terminators | # | |
/proc/6340/uid_map |
ASCII text, with no line terminators | # | |
/proc/6383/gid_map |
ASCII text, with no line terminators | # | |
/proc/6383/setgroups |
ASCII text, with no line terminators | # | |
/proc/6383/uid_map |
ASCII text, with no line terminators | # | |
/proc/6434/gid_map |
ASCII text, with no line terminators | # | |
/proc/6434/setgroups |
ASCII text, with no line terminators | # | |
/proc/6434/uid_map |
ASCII text, with no line terminators | # | |
/home/saturnino/.mozilla/firefox/a3xevaya.default-release/addonStartup.json.lz4.tmp |
Mozilla lz4 compressed data, originally 17200 bytes | # | |
/home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/cache2/entries/134714F2DF01B21FA934AB16898B0583114E19B0 |
data | # | |
/home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/cache2/entries/254256B27E0C48CF9B80B695F0B3B8CA84610495 |
JSON data | # | |
/home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/cache2/entries/5FFD69415953BE9CE9C07B2E9C26DA959ADEA6CB |
data | # | |
/home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/cache2/entries/68B780A709FB903C666EF08F51EF5985A89FE446 |
data | # | |
/home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/cache2/entries/DED23BB33EA3C88FAD1C0A1CD53916E0D8C424D3 |
data | # | |
/home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/cache2/entries/F8CBD54DDA10F4286A41EC6A537240712D6C2308 |
JSON data | # | |
/home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/settings/main/ms-language-packs/asrouter.ftl.tmp |
Unicode text, UTF-8 text | # | |
/home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/startupCache/scriptCache-child-new.bin |
data | # | |
/home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/startupCache/scriptCache-new.bin |
data | # | |
/home/saturnino/.cache/mozilla/firefox/a3xevaya.default-release/startupCache/urlCache-new.bin |
data | # | |
/home/saturnino/.mozilla/firefox/a3xevaya.default-release/key4.db |
SQLite 3.x database, last written using SQLite version 3036000, page size 32768, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 3 | # | |
/home/saturnino/.mozilla/firefox/a3xevaya.default-release/broadcast-listeners.json.tmp |
JSON data | # | |
/home/saturnino/.mozilla/firefox/a3xevaya.default-release/cert9.db |
SQLite 3.x database, last written using SQLite version 3036000, page size 32768, file counter 9, database pages 7, cookie 0x5, schema 4, UTF-8, version-valid-for 9 | # | |
/home/saturnino/.mozilla/firefox/a3xevaya.default-release/cert9.db-journal |
data | # | |
/home/saturnino/.mozilla/firefox/a3xevaya.default-release/crashes/store.json.mozlz4.tmp |
Mozilla lz4 compressed data, originally 56 bytes | # | |
/home/saturnino/.mozilla/firefox/a3xevaya.default-release/datareporting/aborted-session-ping.tmp |
JSON data | # | |
/home/saturnino/.mozilla/firefox/a3xevaya.default-release/datareporting/glean/db/data.safe.bin |
data | # | |
/home/saturnino/.mozilla/firefox/a3xevaya.default-release/datareporting/glean/tmp/7c4c3d68-b8c8-44e6-a714-345a0583faf2 |
ASCII text, with very long lines (447) | # | |
/home/saturnino/.mozilla/firefox/a3xevaya.default-release/datareporting/session-state.json.tmp |
JSON data | # | |
/home/saturnino/.mozilla/firefox/a3xevaya.default-release/datareporting/state.json.tmp |
JSON data | # | |
/home/saturnino/.cache/dconf/user |
very short file (no magic) | # | |
