Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/FgVMRcCJXn.elf
|
/tmp/FgVMRcCJXn.elf
|
||
|
/tmp/FgVMRcCJXn.elf
|
-
|
||
|
/tmp/FgVMRcCJXn.elf
|
-
|
||
|
/tmp/FgVMRcCJXn.elf
|
-
|
||
|
/tmp/FgVMRcCJXn.elf
|
-
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libsystray.so 6 12582920 systray
"Notification Area" "Area where notification icons appear"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libstatusnotifier.so 7 12582921
statusnotifier "Status Notifier Plugin" "Provides a panel area for status notifier items (application indicators)"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libpulseaudio-plugin.so 8
12582922 pulseaudio "PulseAudio Plugin" "Adjust the audio volume of the PulseAudio sound system"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libxfce4powermanager.so 9
12582923 power-manager-plugin "Power Manager Plugin" "Display the battery levels of your devices and control the brightness
of your display"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libnotification-plugin.so
10 12582924 notification-plugin "Notification Plugin" "Notification plugin for the Xfce panel"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libactions.so 14 12582925
actions "Action Buttons" "Log out, lock or other system actions"
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.AgkoQdQsxY /tmp/tmp.9O3Asy799c /tmp/tmp.kLgPHeHjJV
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.AgkoQdQsxY /tmp/tmp.9O3Asy799c /tmp/tmp.kLgPHeHjJV
|
There are 11 hidden processes, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
monkeyfuck.gopher
|
152.42.220.29
|
 |
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
152.42.220.29
|
monkeyfuck.gopher
|
United States
|
|
|
|
170.247.21.162
|
unknown
|
Brazil
|
||
|
34.249.145.219
|
unknown
|
United States
|
||
|
45.239.240.127
|
unknown
|
Brazil
|
||
|
138.99.32.91
|
unknown
|
Brazil
|
||
|
143.137.12.231
|
unknown
|
Brazil
|
||
|
109.202.202.202
|
unknown
|
Switzerland
|
||
|
91.189.91.43
|
unknown
|
United Kingdom
|
||
|
91.189.91.42
|
unknown
|
United Kingdom
|
||
|
45.224.4.83
|
unknown
|
Brazil
|
||
|
177.221.123.223
|
unknown
|
Brazil
|
There are 1 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f9f68a11000
|
page read and write
|
|||
|
7f9f67baa000
|
page read and write
|
|||
|
7f9f68a11000
|
page read and write
|
|||
|
55fa33f07000
|
page read and write
|
|||
|
7f9f6908c000
|
page read and write
|
|||
|
7f9f690f5000
|
page read and write
|
|||
|
55fa31c98000
|
page execute read
|
|||
|
55fa33f07000
|
page read and write
|
|||
|
7f9e6002a000
|
page execute read
|
|||
|
7f9f68ba0000
|
page read and write
|
|||
|
7f9f5ffff000
|
page read and write
|
|||
|
55fa31ee9000
|
page read and write
|
|||
|
7f9f687a6000
|
page read and write
|
|||
|
7f9f690b0000
|
page read and write
|
|||
|
7f9f68444000
|
page read and write
|
|||
|
7f9f6908c000
|
page read and write
|
|||
|
55fa35a4f000
|
page read and write
|
|||
|
7ffef08ac000
|
page read and write
|
|||
|
7f9e60032000
|
page read and write
|
|||
|
7f9e6002a000
|
page execute read
|
|||
|
7f9f690f5000
|
page read and write
|
|||
|
7f9e6009b000
|
page read and write
|
|||
|
7f9f683b2000
|
page read and write
|
|||
|
7f9f60021000
|
page read and write
|
|||
|
7f9f5ffff000
|
page read and write
|
|||
|
7f9f690b0000
|
page read and write
|
|||
|
7f9f68f63000
|
page read and write
|
|||
|
7ffef090b000
|
page execute read
|
|||
|
7f9f68444000
|
page read and write
|
|||
|
7f9f60021000
|
page read and write
|
|||
|
7ffef090b000
|
page execute read
|
|||
|
55fa35a4f000
|
page read and write
|
|||
|
7f9f687a6000
|
page read and write
|
|||
|
55fa33ef0000
|
page execute and read and write
|
|||
|
7f9e60032000
|
page read and write
|
|||
|
7f9f68ba0000
|
page read and write
|
|||
|
7f9f68a34000
|
page read and write
|
|||
|
7ffef08ac000
|
page read and write
|
|||
|
55fa33ef0000
|
page execute and read and write
|
|||
|
7f9f68ba0000
|
page read and write
|
|||
|
7f9f68444000
|
page read and write
|
|||
|
7f9f68a11000
|
page read and write
|
|||
|
55fa33f07000
|
page read and write
|
|||
|
7f9f683b2000
|
page read and write
|
|||
|
7f9e6003c000
|
page read and write
|
|||
|
55fa33ef0000
|
page execute and read and write
|
|||
|
7f9f6908c000
|
page read and write
|
|||
|
55fa31ef2000
|
page read and write
|
|||
|
7f9f690f5000
|
page read and write
|
|||
|
7f9f68f63000
|
page read and write
|
|||
|
55fa31ee9000
|
page read and write
|
|||
|
7f9f67baa000
|
page read and write
|
|||
|
55fa31ef2000
|
page read and write
|
|||
|
7f9f5ffff000
|
page read and write
|
|||
|
7f9f67baa000
|
page read and write
|
|||
|
7f9f68d82000
|
page read and write
|
|||
|
55fa31ef2000
|
page read and write
|
|||
|
55fa31ee9000
|
page read and write
|
|||
|
7f9e6002a000
|
page execute read
|
|||
|
7f9e6003c000
|
page read and write
|
|||
|
55fa35a70000
|
page read and write
|
|||
|
7ffef090b000
|
page execute read
|
|||
|
7f9f68a34000
|
page read and write
|
|||
|
7f9f68d82000
|
page read and write
|
|||
|
7f9e60032000
|
page read and write
|
|||
|
55fa31c98000
|
page execute read
|
|||
|
7f9e6003c000
|
page read and write
|
|||
|
7f9f68a34000
|
page read and write
|
|||
|
55fa31c98000
|
page execute read
|
|||
|
7f9f687a6000
|
page read and write
|
|||
|
7f9f68f63000
|
page read and write
|
|||
|
7f9f68d82000
|
page read and write
|
|||
|
7f9f683b2000
|
page read and write
|
|||
|
7f9f690b0000
|
page read and write
|
|||
|
7ffef08ac000
|
page read and write
|
|||
|
7f9f60021000
|
page read and write
|
There are 66 hidden memdumps, click here to show them.