Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/JlsamXyn4T.elf
|
/tmp/JlsamXyn4T.elf
|
||
|
/tmp/JlsamXyn4T.elf
|
-
|
||
|
/tmp/JlsamXyn4T.elf
|
-
|
||
|
/tmp/JlsamXyn4T.elf
|
-
|
||
|
/tmp/JlsamXyn4T.elf
|
-
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libsystray.so 6 12582920 systray
"Notification Area" "Area where notification icons appear"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libstatusnotifier.so 7 12582921
statusnotifier "Status Notifier Plugin" "Provides a panel area for status notifier items (application indicators)"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libpulseaudio-plugin.so 8
12582922 pulseaudio "PulseAudio Plugin" "Adjust the audio volume of the PulseAudio sound system"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libxfce4powermanager.so 9
12582923 power-manager-plugin "Power Manager Plugin" "Display the battery levels of your devices and control the brightness
of your display"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libnotification-plugin.so
10 12582924 notification-plugin "Notification Plugin" "Notification plugin for the Xfce panel"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libactions.so 14 12582925
actions "Action Buttons" "Log out, lock or other system actions"
|
There are 7 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://scan.chromies.cf/9x83HE5AFD/arm7.jade
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
cnc.chromies.cf
|
5.181.156.131
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
85.134.173.179
|
unknown
|
Ireland
|
||
|
85.37.142.185
|
unknown
|
Italy
|
||
|
61.92.195.33
|
unknown
|
Hong Kong
|
||
|
61.163.237.46
|
unknown
|
China
|
||
|
2.181.199.153
|
unknown
|
Iran (ISLAMIC Republic Of)
|
||
|
213.166.137.4
|
unknown
|
Saudi Arabia
|
||
|
85.208.184.123
|
unknown
|
Netherlands
|
||
|
88.201.155.155
|
unknown
|
Russian Federation
|
||
|
213.198.104.250
|
unknown
|
Germany
|
||
|
117.216.119.0
|
unknown
|
India
|
||
|
24.44.185.106
|
unknown
|
United States
|
||
|
88.205.209.246
|
unknown
|
Russian Federation
|
||
|
61.37.136.29
|
unknown
|
Korea Republic of
|
||
|
2.102.198.217
|
unknown
|
United Kingdom
|
||
|
94.230.160.94
|
unknown
|
Russian Federation
|
||
|
2.57.8.232
|
unknown
|
Poland
|
||
|
85.9.71.143
|
unknown
|
Iran (ISLAMIC Republic Of)
|
||
|
2.44.51.235
|
unknown
|
Italy
|
||
|
213.214.31.193
|
unknown
|
Germany
|
||
|
190.213.173.254
|
unknown
|
Trinidad and Tobago
|
||
|
88.116.10.156
|
unknown
|
Austria
|
||
|
190.161.151.217
|
unknown
|
Chile
|
||
|
85.250.231.84
|
unknown
|
Israel
|
||
|
213.120.41.131
|
unknown
|
United Kingdom
|
||
|
117.0.17.46
|
unknown
|
Viet Nam
|
||
|
24.58.121.32
|
unknown
|
United States
|
||
|
117.26.61.71
|
unknown
|
China
|
||
|
94.72.167.49
|
unknown
|
Bulgaria
|
||
|
188.240.194.121
|
unknown
|
Spain
|
||
|
88.41.215.219
|
unknown
|
Italy
|
||
|
190.42.29.100
|
unknown
|
Peru
|
||
|
2.209.235.83
|
unknown
|
Germany
|
||
|
85.151.74.176
|
unknown
|
Germany
|
||
|
188.138.87.197
|
unknown
|
Germany
|
||
|
2.51.43.159
|
unknown
|
United Arab Emirates
|
||
|
2.224.96.152
|
unknown
|
Italy
|
||
|
188.212.127.63
|
unknown
|
Romania
|
||
|
85.131.182.9
|
unknown
|
Germany
|
||
|
61.74.93.237
|
unknown
|
Korea Republic of
|
||
|
188.210.191.62
|
unknown
|
Iran (ISLAMIC Republic Of)
|
||
|
61.139.79.101
|
unknown
|
China
|
||
|
85.54.143.103
|
unknown
|
Spain
|
||
|
94.17.62.93
|
unknown
|
Malta
|
||
|
190.18.142.143
|
unknown
|
Argentina
|
||
|
61.202.252.31
|
unknown
|
Japan
|
||
|
94.128.90.221
|
unknown
|
Kuwait
|
||
|
213.6.68.160
|
unknown
|
Palestinian Territory Occupied
|
||
|
190.77.171.122
|
unknown
|
Venezuela
|
||
|
213.55.32.59
|
unknown
|
France
|
||
|
94.80.65.145
|
unknown
|
Italy
|
||
|
117.181.253.80
|
unknown
|
China
|
||
|
188.1.226.102
|
unknown
|
Germany
|
||
|
188.169.140.209
|
unknown
|
Georgia
|
||
|
94.132.185.132
|
unknown
|
Portugal
|
||
|
88.142.45.78
|
unknown
|
France
|
||
|
190.88.16.30
|
unknown
|
Curacao
|
||
|
88.222.32.104
|
unknown
|
Lithuania
|
||
|
88.24.20.223
|
unknown
|
Spain
|
||
|
213.20.62.220
|
unknown
|
Germany
|
||
|
88.203.16.144
|
unknown
|
Malta
|
||
|
213.2.117.20
|
unknown
|
United Kingdom
|
||
|
2.106.217.175
|
unknown
|
Denmark
|
||
|
2.56.113.89
|
unknown
|
Russian Federation
|
||
|
85.235.111.109
|
unknown
|
United Kingdom
|
||
|
94.225.140.190
|
unknown
|
Belgium
|
||
|
213.42.237.226
|
unknown
|
United Arab Emirates
|
||
|
61.24.205.244
|
unknown
|
Japan
|
||
|
94.125.123.56
|
unknown
|
Ukraine
|
||
|
88.161.249.213
|
unknown
|
France
|
||
|
61.141.247.217
|
unknown
|
China
|
||
|
117.40.144.164
|
unknown
|
China
|
||
|
117.98.132.144
|
unknown
|
India
|
||
|
88.66.6.104
|
unknown
|
Germany
|
||
|
61.208.168.139
|
unknown
|
Japan
|
||
|
88.151.206.61
|
unknown
|
Russian Federation
|
||
|
85.82.97.200
|
unknown
|
Denmark
|
||
|
190.158.48.245
|
unknown
|
Colombia
|
||
|
188.180.197.251
|
unknown
|
Denmark
|
||
|
213.218.28.132
|
unknown
|
Germany
|
||
|
61.34.32.31
|
unknown
|
Korea Republic of
|
||
|
2.67.239.78
|
unknown
|
Sweden
|
||
|
190.225.163.62
|
unknown
|
Argentina
|
||
|
2.155.190.109
|
unknown
|
Spain
|
||
|
88.222.32.127
|
unknown
|
Lithuania
|
||
|
190.152.149.198
|
unknown
|
Ecuador
|
||
|
61.122.151.122
|
unknown
|
Japan
|
||
|
190.106.136.236
|
unknown
|
Argentina
|
||
|
190.90.144.164
|
unknown
|
Colombia
|
||
|
24.1.217.104
|
unknown
|
United States
|
||
|
24.46.40.77
|
unknown
|
United States
|
||
|
190.1.185.245
|
unknown
|
Colombia
|
||
|
61.87.201.229
|
unknown
|
China
|
||
|
94.154.23.148
|
unknown
|
Poland
|
||
|
188.153.69.245
|
unknown
|
Italy
|
||
|
117.204.116.144
|
unknown
|
India
|
||
|
213.249.72.226
|
unknown
|
Netherlands
|
||
|
2.209.141.160
|
unknown
|
Germany
|
||
|
85.151.204.81
|
unknown
|
Germany
|
||
|
117.90.74.222
|
unknown
|
China
|
||
|
190.188.73.243
|
unknown
|
Argentina
|
There are 90 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7fcfe8038000
|
page execute read
|
 |
||
|
7fcfe8038000
|
page execute read
|
|
||
|
7fcfe8038000
|
page execute read
|
|
||
|
56322bc4d000
|
page execute and read and write
|
|||
|
56322c600000
|
page read and write
|
|||
|
7fd0e8021000
|
page read and write
|
|||
|
563229c46000
|
page read and write
|
|||
|
56322c620000
|
page read and write
|
|||
|
7ffe51ce0000
|
page read and write
|
|||
|
7fd0f0e59000
|
page read and write
|
|||
|
563229c4f000
|
page read and write
|
|||
|
563229c4f000
|
page read and write
|
|||
|
56322c600000
|
page read and write
|
|||
|
7fd0e7fff000
|
page read and write
|
|||
|
7fd0f066b000
|
page read and write
|
|||
|
7fd0f103b000
|
page read and write
|
|||
|
7fd0f06fd000
|
page read and write
|
|||
|
7fcfe8041000
|
page read and write
|
|||
|
7ffe51d85000
|
page execute read
|
|||
|
7fd0e7fff000
|
page read and write
|
|||
|
7fcfe806e000
|
page read and write
|
|||
|
7fcfe8046000
|
page read and write
|
|||
|
56322c623000
|
page read and write
|
|||
|
7fd0f13ae000
|
page read and write
|
|||
|
5632299f5000
|
page execute read
|
|||
|
7fd0f0cca000
|
page read and write
|
|||
|
7fd0f13ae000
|
page read and write
|
|||
|
7fd0efe63000
|
page read and write
|
|||
|
7fd0f0ced000
|
page read and write
|
|||
|
56322c626000
|
page read and write
|
|||
|
56322bc4d000
|
page execute and read and write
|
|||
|
7fd0efe63000
|
page read and write
|
|||
|
7fd0f066b000
|
page read and write
|
|||
|
7fd0f0ced000
|
page read and write
|
|||
|
7fcfe8041000
|
page read and write
|
|||
|
7fd0f121c000
|
page read and write
|
|||
|
7fcfe8046000
|
page read and write
|
|||
|
7fcfe8041000
|
page read and write
|
|||
|
7fcfe8046000
|
page read and write
|
|||
|
7fd0e7fff000
|
page read and write
|
|||
|
7fd0efe63000
|
page read and write
|
|||
|
7fd0f06fd000
|
page read and write
|
|||
|
56322bc4d000
|
page execute and read and write
|
|||
|
56322bc64000
|
page read and write
|
|||
|
7fd0f06fd000
|
page read and write
|
|||
|
563229c46000
|
page read and write
|
|||
|
7fd0f121c000
|
page read and write
|
|||
|
7fd0f103b000
|
page read and write
|
|||
|
7fd0f121c000
|
page read and write
|
|||
|
7fd0f066b000
|
page read and write
|
|||
|
7fd0f0a5f000
|
page read and write
|
|||
|
7fd0f1345000
|
page read and write
|
|||
|
7ffe51d85000
|
page execute read
|
|||
|
7fd0f0a5f000
|
page read and write
|
|||
|
7fd0e8021000
|
page read and write
|
|||
|
563229c4f000
|
page read and write
|
|||
|
7fd0f1345000
|
page read and write
|
|||
|
56322bc64000
|
page read and write
|
|||
|
7fd0f0cca000
|
page read and write
|
|||
|
7fd0f0e59000
|
page read and write
|
|||
|
5632299f5000
|
page execute read
|
|||
|
7ffe51d85000
|
page execute read
|
|||
|
56322bc64000
|
page read and write
|
|||
|
7fd0f0ced000
|
page read and write
|
|||
|
7fd0f1369000
|
page read and write
|
|||
|
7fd0e8021000
|
page read and write
|
|||
|
563229c46000
|
page read and write
|
|||
|
7fd0f13ae000
|
page read and write
|
|||
|
7fd0f103b000
|
page read and write
|
|||
|
7ffe51ce0000
|
page read and write
|
|||
|
7ffe51ce0000
|
page read and write
|
|||
|
7fd0f0a5f000
|
page read and write
|
|||
|
5632299f5000
|
page execute read
|
|||
|
7fd0f0e59000
|
page read and write
|
|||
|
7fd0f1369000
|
page read and write
|
|||
|
7fd0f1369000
|
page read and write
|
|||
|
7fd0f0cca000
|
page read and write
|
|||
|
7fd0f1345000
|
page read and write
|
There are 68 hidden memdumps, click here to show them.