Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/24T2gvFvpZ.elf
|
/tmp/24T2gvFvpZ.elf
|
||
|
/tmp/24T2gvFvpZ.elf
|
-
|
||
|
/tmp/24T2gvFvpZ.elf
|
-
|
||
|
/tmp/24T2gvFvpZ.elf
|
-
|
||
|
/tmp/24T2gvFvpZ.elf
|
-
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libsystray.so 6 12582920 systray
"Notification Area" "Area where notification icons appear"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libstatusnotifier.so 7 12582921
statusnotifier "Status Notifier Plugin" "Provides a panel area for status notifier items (application indicators)"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libpulseaudio-plugin.so 8
12582922 pulseaudio "PulseAudio Plugin" "Adjust the audio volume of the PulseAudio sound system"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libxfce4powermanager.so 9
12582923 power-manager-plugin "Power Manager Plugin" "Display the battery levels of your devices and control the brightness
of your display"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libnotification-plugin.so
10 12582924 notification-plugin "Notification Plugin" "Notification plugin for the Xfce panel"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libactions.so 14 12582925
actions "Action Buttons" "Log out, lock or other system actions"
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.gJ8QGQs8Zn /tmp/tmp.knL4BMMTrv /tmp/tmp.3auCLexcZr
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.gJ8QGQs8Zn /tmp/tmp.knL4BMMTrv /tmp/tmp.3auCLexcZr
|
There are 11 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://79.110.62.86/srep.mips;
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
rebirth-network.su. f[66PV,PV!E(>25bpt7 f^OOPV!PV,
|
unknown
|
 |
|
|
rebirth-network.su. f4<<PV!PV,E(<p@>Cz_>CzP f5<<PV!.V,E(@=.~_=.~P3 f5<<PV!PV,.E(B&
|
unknown
|
|
|
|
rebirth-network.su. f66PV,PV!EH(+@q\_P\? fX<<PV!PV,
|
unknown
|
|
|
|
rebirth-network.su. f66PV,PV!E(>25[0xt7 fOOPV!PV,
|
unknown
|
|
|
|
rebirth-network.su. fXi66PV,PV!E(>w35Gt7 f"jOOPV!PV,
|
unknown
|
|
|
|
secure-cyber-security-rebirthltd.su. f66PV,PV!EH(8_9PW f066PV,PV
|
unknown
|
|
|
|
secure-core-rebirthltd.su. f66PV,PV.E(u3:85|Wv
|
unknown
|
|
|
|
secure-cyber-security-rebirthltd.su. fa<<PV!PV,E(\@2_2P!, f<<PV
|
unknown
|
|
|
|
secure-core-rebirthltd.su. fnnPV,PV.E`GQJaE
|
unknown
|
|
|
|
secure-core-rebirthltd.su. fFFPV,PV.EH8n0M&lEP
|
unknown
|
|
|
|
secure-cyber-security-rebirthltd.su. f~<<PV!PV,E(@i_iPLG f~<<PV
|
unknown
|
|
|
|
secure-cyber-security-rebirthltd.su. f66PV,PV!EH(wwqLe_LfPk f66PV,PV
|
unknown
|
|
|
|
sex.secure-cyber-security-rebirthltd.su
|
unknown
|
|
|
|
secure-core-rebirthltd.su. f]RRPV,PV.ED4W#E
|
unknown
|
|
|
|
secure-core-rebirthltd.su. f.66PV,PV.E(:5:v
|
unknown
|
|
|
|
secure-cyber-security-rebirthltd.su. fRRPV,PV!ED)J{E(3_P)
|
unknown
|
|
There are 6 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
156.13.131.4
|
unknown
|
New Zealand
|
||
|
197.242.182.188
|
unknown
|
Central African Republic
|
||
|
197.163.51.164
|
unknown
|
Egypt
|
||
|
197.123.124.75
|
unknown
|
Egypt
|
||
|
156.139.9.233
|
unknown
|
United States
|
||
|
197.6.201.4
|
unknown
|
Tunisia
|
||
|
197.60.132.56
|
unknown
|
Egypt
|
||
|
197.43.98.167
|
unknown
|
Egypt
|
||
|
197.116.172.25
|
unknown
|
Algeria
|
||
|
156.109.179.166
|
unknown
|
United States
|
||
|
156.253.43.36
|
unknown
|
Seychelles
|
||
|
197.213.165.236
|
unknown
|
Zambia
|
||
|
197.144.80.2
|
unknown
|
Morocco
|
||
|
197.51.240.197
|
unknown
|
Egypt
|
||
|
197.234.120.151
|
unknown
|
Namibia
|
||
|
156.7.97.22
|
unknown
|
United States
|
||
|
156.161.178.192
|
unknown
|
Egypt
|
||
|
156.118.224.106
|
unknown
|
France
|
||
|
156.83.202.29
|
unknown
|
Netherlands
|
||
|
197.7.253.174
|
unknown
|
Tunisia
|
||
|
156.51.42.221
|
unknown
|
Sweden
|
||
|
156.102.25.34
|
unknown
|
United States
|
||
|
197.235.45.36
|
unknown
|
Mozambique
|
||
|
197.72.65.140
|
unknown
|
South Africa
|
||
|
197.123.125.193
|
unknown
|
Egypt
|
||
|
156.56.161.19
|
unknown
|
United States
|
||
|
197.223.37.64
|
unknown
|
Egypt
|
||
|
197.199.218.196
|
unknown
|
Egypt
|
||
|
197.208.36.232
|
unknown
|
Sudan
|
||
|
197.143.201.49
|
unknown
|
Algeria
|
||
|
197.171.128.114
|
unknown
|
South Africa
|
||
|
197.136.200.31
|
unknown
|
Kenya
|
||
|
156.107.2.200
|
unknown
|
United States
|
||
|
197.238.77.135
|
unknown
|
unknown
|
||
|
156.228.87.45
|
unknown
|
Seychelles
|
||
|
156.185.114.228
|
unknown
|
Egypt
|
||
|
156.251.3.9
|
unknown
|
Seychelles
|
||
|
156.128.181.5
|
unknown
|
United States
|
||
|
156.80.68.36
|
unknown
|
United States
|
||
|
156.158.37.84
|
unknown
|
Tanzania United Republic of
|
||
|
156.184.224.191
|
unknown
|
Egypt
|
||
|
156.100.80.121
|
unknown
|
United States
|
||
|
156.230.199.7
|
unknown
|
Seychelles
|
||
|
197.23.213.128
|
unknown
|
Tunisia
|
||
|
197.128.22.136
|
unknown
|
Morocco
|
||
|
156.104.222.60
|
unknown
|
United States
|
||
|
197.128.69.106
|
unknown
|
Morocco
|
||
|
197.67.121.146
|
unknown
|
South Africa
|
||
|
156.217.133.207
|
unknown
|
Egypt
|
||
|
156.41.209.234
|
unknown
|
United States
|
||
|
197.72.65.169
|
unknown
|
South Africa
|
||
|
197.89.159.85
|
unknown
|
South Africa
|
||
|
197.34.133.198
|
unknown
|
Egypt
|
||
|
197.247.118.49
|
unknown
|
Morocco
|
||
|
197.84.227.225
|
unknown
|
South Africa
|
||
|
197.197.91.135
|
unknown
|
Egypt
|
||
|
197.50.174.107
|
unknown
|
Egypt
|
||
|
156.213.103.20
|
unknown
|
Egypt
|
||
|
197.189.184.189
|
unknown
|
Lesotho
|
||
|
156.249.231.100
|
unknown
|
Seychelles
|
||
|
156.216.18.99
|
unknown
|
Egypt
|
||
|
156.226.9.182
|
unknown
|
Seychelles
|
||
|
197.206.199.18
|
unknown
|
Algeria
|
||
|
156.182.133.53
|
unknown
|
Egypt
|
||
|
197.33.61.218
|
unknown
|
Egypt
|
||
|
156.216.43.69
|
unknown
|
Egypt
|
||
|
197.69.172.138
|
unknown
|
South Africa
|
||
|
156.41.1.204
|
unknown
|
United States
|
||
|
156.82.124.235
|
unknown
|
United States
|
||
|
197.183.197.247
|
unknown
|
Kenya
|
||
|
197.219.61.4
|
unknown
|
Mozambique
|
||
|
197.121.15.12
|
unknown
|
Egypt
|
||
|
197.89.224.223
|
unknown
|
South Africa
|
||
|
197.45.32.17
|
unknown
|
Egypt
|
||
|
156.134.83.22
|
unknown
|
United States
|
||
|
197.2.121.100
|
unknown
|
Tunisia
|
||
|
197.49.200.231
|
unknown
|
Egypt
|
||
|
156.190.95.252
|
unknown
|
Egypt
|
||
|
156.178.7.69
|
unknown
|
Egypt
|
||
|
156.182.121.235
|
unknown
|
Egypt
|
||
|
197.87.110.32
|
unknown
|
South Africa
|
||
|
156.222.129.29
|
unknown
|
Egypt
|
||
|
197.82.224.141
|
unknown
|
South Africa
|
||
|
197.132.175.82
|
unknown
|
Egypt
|
||
|
197.180.156.73
|
unknown
|
Kenya
|
||
|
156.22.182.41
|
unknown
|
Australia
|
||
|
156.248.153.236
|
unknown
|
Seychelles
|
||
|
156.127.126.91
|
unknown
|
United States
|
||
|
156.206.5.18
|
unknown
|
Egypt
|
||
|
197.197.91.112
|
unknown
|
Egypt
|
||
|
156.39.253.252
|
unknown
|
United States
|
||
|
156.56.173.49
|
unknown
|
United States
|
||
|
197.165.32.24
|
unknown
|
Egypt
|
||
|
156.8.64.225
|
unknown
|
South Africa
|
||
|
197.46.166.40
|
unknown
|
Egypt
|
||
|
156.193.80.110
|
unknown
|
Egypt
|
||
|
197.4.236.17
|
unknown
|
Tunisia
|
||
|
156.234.199.226
|
unknown
|
Seychelles
|
||
|
156.193.80.107
|
unknown
|
Egypt
|
||
|
197.78.70.111
|
unknown
|
South Africa
|
There are 90 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
420000
|
page execute read
|
|
||
|
420000
|
page execute read
|
|
||
|
7ffc0efe8000
|
page execute read
|
|||
|
7ffc0ef38000
|
page read and write
|
|||
|
539000
|
page read and write
|
|||
|
101000
|
page execute read
|
|||
|
539000
|
page read and write
|
|||
|
7ffc0efe8000
|
page execute read
|
|||
|
7f6aa71bd000
|
page read and write
|
|||
|
169f000
|
page read and write
|
|||
|
101000
|
page execute read
|
|||
|
1693000
|
page read and write
|
|||
|
300000
|
page execute and read and write
|
|||
|
1693000
|
page read and write
|
|||
|
300000
|
page execute and read and write
|
|||
|
7ffc0ef38000
|
page read and write
|
There are 6 hidden memdumps, click here to show them.