Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| /home/james/.cache/dconf/user | very short file (no magic) | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/1DBCF2C5F4A9AAB308F13D41AB219EA85A810612 | PNG image data, 1500 x 600, 8-bit colormap, non-interlaced | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/27384B62E4E2FBED7D3E85C6EAB6BF998474793D | gzip compressed data, max speed, from Unix, original size modulo 2^32 1075314688 | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/2F4087E4267A59C0FFA634FA9D0E00268729B4DC | JSON data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/37D23FAB5FB546A476E38CD3870F42D926504EC7 | gzip compressed data, max speed, from Unix, original size modulo 2^32 335544320 | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/4098689E1EA45FF0094F1C8088E49251FFFF7585 | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/8C0900F504EEA56B743B4031F3F815083E14491B | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/8E6243BCB240F8914D10249076C524BAE347081E | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/A63C11DE5F2C5CEF985CF75DF4EFB9ECC9BF06B8 | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/B13A714441C11853FE6BA40EFF6C7097378009F7 | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/C296EE2E7F76140275BFE32DF9712B635E6BB55B | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/C389DE279BF5275924497D5B33D1F1900116E591 | JSON data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/D2A64B5E2F392B99B4EBC1553A17EA010F0E8891 | gzip compressed data, max compression, original size modulo 2^32 3508601088 | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/cache2/entries/E6D3854E385D14EBC6F74CDE30437FFAD732EA8E | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/allow-flashallow-digest256.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/allow-flashallow-digest256.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/base-track-digest256.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/base-track-digest256.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/block-flash-digest256.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/block-flash-digest256.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/block-flashsubdoc-digest256.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/block-flashsubdoc-digest256.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/except-flash-digest256.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/except-flash-digest256.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/except-flashallow-digest256.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/except-flashallow-digest256.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/except-flashsubdoc-digest256.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/except-flashsubdoc-digest256.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/mozplugin-block-digest256.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/mozplugin-block-digest256.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/mozstd-trackwhite-digest256.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/mozstd-trackwhite-digest256.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-block-simple-1.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-block-simple.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-block-simple.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-harmful-simple-1.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-harmful-simple.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-harmful-simple.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-malware-simple-1.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-malware-simple.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-malware-simple.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-phish-simple-1.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-phish-simple.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-phish-simple.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-track-simple-1.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-track-simple.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-track-simple.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-trackwhite-simple-1.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-trackwhite-simple.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-trackwhite-simple.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-unwanted-simple-1.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-unwanted-simple.pset | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/safebrowsing-updating/test-unwanted-simple.sbstore | data | dropped | |
| /home/james/.cache/mozilla/firefox/5zxot757.default/startupCache/webext.sc.lz4.tmp | data | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/addonStartup.json.lz4.tmp | Mozilla lz4 compressed data, originally 1426 bytes | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/cert9.db | SQLite 3.x database, last written using SQLite version 3026000, page size 32768, file counter 4, database pages 7, cookie 0x5, schema 4, UTF-8, version-valid-for 4 | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/cert9.db-journal | data | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/cookies.sqlite-wal | SQLite Write-Ahead Log, version 3007000 | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/key4.db | SQLite 3.x database, last written using SQLite version 3026000, page size 32768, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 3 | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/key4.db-journal | data | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/permissions.sqlite | SQLite 3.x database, user version 9, last written using SQLite version 3026000, page size 32768, file counter 5, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 5 | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/permissions.sqlite-journal | data | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/places.sqlite-wal | SQLite Write-Ahead Log, version 3007000 | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/prefs-1.js | ASCII text, with very long lines (663) | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/sessionCheckpoints.json.tmp | JSON data | dropped | |
| /home/james/.mozilla/firefox/5zxot757.default/sessionstore-backups/recovery.jsonlz4.tmp | Mozilla lz4 compressed data, originally 26969 bytes | dropped | |
| /proc/4929/gid_map | ASCII text, with no line terminators | dropped | |
| /proc/4929/setgroups | ASCII text, with no line terminators | dropped | |
| /proc/4929/uid_map | ASCII text, with no line terminators | dropped | |
| /proc/4977/gid_map | ASCII text, with no line terminators | dropped | |
| /proc/4977/setgroups | ASCII text, with no line terminators | dropped | |
| /proc/4977/uid_map | ASCII text, with no line terminators | dropped | |
| /proc/5019/gid_map | ASCII text, with no line terminators | dropped | |
| /proc/5019/setgroups | ASCII text, with no line terminators | dropped | |
| /proc/5019/uid_map | ASCII text, with no line terminators | dropped | |
Processes

| Path | Cmdline | Malicious |
|---|---|---|
| /usr/bin/exo-open | exo-open http://selfservicegeneraligroup.com | |
| /usr/bin/exo-open | - | |
| /usr/bin/exo-open | - | |
| /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 | /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 --launch WebBrowser http://selfservicegeneraligroup.com | |
| /usr/lib/x86_64-linux-gnu/xfce4/exo-1/exo-helper-1 | - | |
| /usr/bin/sensible-browser | /bin/sh /usr/bin/sensible-browser http://selfservicegeneraligroup.com | |
| /usr/bin/x-www-browser | /bin/sh /usr/bin/x-www-browser http://selfservicegeneraligroup.com | |
| /usr/bin/x-www-browser | - | |
| /usr/bin/which | /bin/sh /usr/bin/which /usr/bin/x-www-browser | |
| /usr/lib/firefox/firefox | /usr/lib/firefox/firefox http://selfservicegeneraligroup.com | |
| /usr/lib/firefox/firefox | - | |
| /usr/lib/firefox/firefox | - | |
| /usr/lib/firefox/firefox | - | |
| /usr/bin/lsb_release | /usr/bin/python3 -Es /usr/bin/lsb_release -idrc | |
| /usr/lib/firefox/firefox | - | |
| /usr/bin/dbus-launch | dbus-launch --autolaunch=11ced2f07072c6ae389b731c5cc84014 --binary-syntax --close-stderr | |
| /usr/lib/firefox/firefox | - | |
| /usr/lib/firefox/firefox | - | |
| /usr/lib/firefox/firefox | /usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 1 -prefMapSize 172334 -parentBuildID 20190410113011 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appdir /usr/lib/firefox/browser 4800 true tab | |
| /usr/lib/firefox/firefox | - | |
| /usr/lib/firefox/firefox | - | |
| /usr/lib/firefox/firefox | /usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 6115 -prefMapSize 172334 -parentBuildID 20190410113011 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appdir /usr/lib/firefox/browser 4800 true tab | |
| /usr/lib/firefox/firefox | - | |
| /usr/lib/firefox/firefox | - | |
| /usr/lib/firefox/firefox | /usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 6934 -prefMapSize 172334 -parentBuildID 20190410113011 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appdir /usr/lib/firefox/browser 4800 true tab | |
URLs

| Name | IP | Malicious |
|---|---|---|
| http://selfservicegeneraligroup.com | | |
| http://www.google.com/adsense/domains/caf.js?abp=1 | 142.250.217.164 | |
| http://www.debian.org/gro.naibed.www. | unknown | |
| http://www.ubuntu.com | unknown | |
| https://csp.withgoogle.com/csp/report-to/gws/other | unknown | |
| https://www.google.com/sorry/index?continue=https://www.adsensecustomsearchads.com/afs/ads%3Fadtest% | unknown | |
| https://csp.withgoogle.com/csp/ads-afs-ui | unknown | |
| http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png | 18.160.64.187 | |
| http://www.ubuntu.com/moc.utnubu.www. | unknown | |
| http://selfservicegeneraligroup.com | unknown | |
| https://support.mozilla.org/en-US/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=fire | unknown | |
| https://csp.withgoogle.com/csp/report-to/ads-afs-ui | unknown | |
| https://github.com/ | unknown | |
| https://www.google.com/recaptcha/api.js | 142.250.217.164 | |
| http://selfservicegeneraligroup.com/track.php?domain=selfservicegeneraligroup.com&toggle=browserjs&u | unknown | |
| http://selfservicegeneraligroup.comd | unknown | |
| https://www.google.com/recaptcha/api2/ | unknown | |
| http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png1 | unknown | |
| http://www.google.com/adsense/domains/caf.js?abp=1necko:classified1strongly-framed1request-methodGET | unknown | |
| https://www.google.com/recaptcha/api2/bframe?hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b | 142.250.217.164 | |
| http://selfservicegeneraligroup.com/selfservicegeneraligroup.commoc.puorgilarenegecivresfles.d | unknown | |
| http://www.debian.org | unknown | |
| http://selfservicegeneraligroup.com/favicon.icostrongly-framed1request-methodGETresponse-headHTTP/1. | unknown | |
| http://selfservicegeneraligroup.com/ls.php?t=661f6d84&token=10021f01e7cae7e812aa3877ca8fac12fac0f1d8 | 104.247.82.170 | |
| https://support.mozilla.org/en-US/products/firefoxgro.allizom.troppus. | unknown | |
| https://www.adsensecustomsearchads.com/predictor::seen1 | unknown | |
| http://d38psrni17bvxu.cloudfront.net/ | unknown | |
| https://www.adsensecustomsearchads.com | unknown | |
| http://wiki.ubuntu.com/moc.utnubu.ikiw. | unknown | |
| https://pki.goog/repository/0 | unknown | |
| https://answers.launchpad.net/ubuntu/ | unknown | |
| http://selfservicegeneraligroup.com/favicon.ico | 104.247.82.170 | |
| http://selfservicegeneraligroup.com/necko:classified1strongly-framed1request-methodGETrequest-Accept | unknown | |
| https://csp.withgoogle.com/csp/gws/other | unknown | |
| https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000002% | unknown | |
| http://www.google.com/adsense/domains/caf.js?abp=11 | unknown | |
| https://www.google.com/js/bg/KTA1qoE7ZDz05UuzGBms7CVmuC34sZ4nnXwNjg065Po.js | 142.250.217.164 | |
| https://answers.launchpad.net | unknown | |
| http://selfservicegeneraligroup.com/track.php?domain=selfservicegeneraligroup.com&toggle=browserjs&uid=MTcxMzMzNTY4NC42Mzg2OjVmMjExNDhkOTQ3ODAyM2UyODBlYzE0YWFmNmIyNDhlOTQ5YWEzMTNiYmM4MzYzM2IxMjg1OThkYzlmNTBmOTg6NjYxZjZkODQ5YmU5Yg%3D%3D | 104.247.82.170 | |
| http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.pngnecko:classi | unknown | |
| http://www.google.com/1 | unknown | |
| https://www.adsensecustomsearchads.com/ | unknown | |
| http://selfservicegeneraligroup.com/ | 104.247.82.170 | |
| http://wiki.ubuntu.com | unknown | |
| http://selfservicegeneraligroup.com/moc.puorgilarenegecivresfles.d | unknown | |
| https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=normal&s=jkYMcceTXa5O0Ql5TftRgDmCgYkPz5gGnrn2IIvbdOT5roe8FKflJH_PAW-QVZa5Jwb9eM13c_0L5Xi4NoFS5624IVNSJIkoPhiOXF6CApz132Cvk-SDE7By3vUrqTv1kZs2ozuzya1IxyTNJn5SQzaL5kDm2Pev9GvHZppY7Sm0XFSYrqIwuN1tSab_ilre7pcGth-Hes5VC3LxDbe7XIbvTKm1-36FKWTciH9JkpVGWXvckVfM5KxkkqBi4PrNUa4aVXYgvR7o70yzur7iGGautLlBMog&cb=yc2zn4iualcv | 142.250.217.164 | |
| http://selfservicegeneraligroup.com/predictor::seen1predictor::resource-count3predictor::http://d38p | unknown | |
| https://support.mozilla.org | unknown | |
| http://crl.pki.goog/gsr2/gsr2.crl0? | unknown | |
| https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=rz4DvU-cY2JYCwHSTck0_qm- | 142.250.217.164 | |
| http://www.google.com/ | unknown | |
Domains

| Name | IP | Malicious |
|---|---|---|
| prod.balrog.prod.cloudops.mozgcp.net | 35.244.181.201 | |
| www3.l.google.com | 142.250.217.174 | |
| selfservicegeneraligroup.com | 104.247.82.170 | |
| www.google.com | 142.250.217.164 | |
| d228z91au11ukj.cloudfront.net | 3.163.115.26 | |
| d38psrni17bvxu.cloudfront.net | 18.160.64.187 | |
| push.services.mozilla.com | unknown | |
| www.adsensecustomsearchads.com | unknown | |
IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 35.244.181.201 | prod.balrog.prod.cloudops.mozgcp.net | United States | |
| 142.250.217.164 | www.google.com | United States | |
| 142.250.217.174 | www3.l.google.com | United States | |
| 3.163.115.26 | d228z91au11ukj.cloudfront.net | United States | |
| 104.247.82.170 | selfservicegeneraligroup.com | Canada | |
| 18.160.64.187 | d38psrni17bvxu.cloudfront.net | United States | |