Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/z3u7dnBStL.elf
|
/tmp/z3u7dnBStL.elf
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.quJnwvWnw9 /tmp/tmp.0asyiAsN19 /tmp/tmp.sNxz6L6XVy
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.quJnwvWnw9 /tmp/tmp.0asyiAsN19 /tmp/tmp.sNxz6L6XVy
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
daisy.ubuntu.com
|
162.213.35.25
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
34.254.182.186
|
unknown
|
United States
|
||
|
54.247.62.1
|
unknown
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f07f402f000
|
page execute read
|
 |
||
|
55d7d5432000
|
page read and write
|
|||
|
7f08f9ade000
|
page read and write
|
|||
|
7f08f8c54000
|
page read and write
|
|||
|
7f08f3fff000
|
page read and write
|
|||
|
7f08f9850000
|
page read and write
|
|||
|
7f08f4021000
|
page read and write
|
|||
|
55d7d51e1000
|
page execute read
|
|||
|
7ffca98ca000
|
page read and write
|
|||
|
7f08fa00d000
|
page read and write
|
|||
|
7f08fa15a000
|
page read and write
|
|||
|
7f08fa136000
|
page read and write
|
|||
|
55d7d543b000
|
page read and write
|
|||
|
7f08f9e2c000
|
page read and write
|
|||
|
55d7d7439000
|
page execute and read and write
|
|||
|
7f08f94ee000
|
page read and write
|
|||
|
7f07f4030000
|
page read and write
|
|||
|
55d7d7450000
|
page read and write
|
|||
|
7f08fa19f000
|
page read and write
|
|||
|
55d7d86f5000
|
page read and write
|
|||
|
7f07f403a000
|
page read and write
|
|||
|
7f08f9c4a000
|
page read and write
|
|||
|
7ffca98dc000
|
page execute read
|
|||
|
7f08f9abb000
|
page read and write
|
|||
|
7f08f945c000
|
page read and write
|
There are 15 hidden memdumps, click here to show them.