Processes

| Path | Cmdline | Malicious | |
|---|---|---|---|
| /tmp/eGjHpgUwlt.elf | /tmp/eGjHpgUwlt.elf | | |
| /usr/bin/dash | - | | |
| /usr/bin/rm | rm -f /tmp/tmp.P5kaU2NLuV /tmp/tmp.9vsx89EluS /tmp/tmp.7kQWejhKmo | | |
| /usr/bin/dash | - | | |
| /usr/bin/rm | rm -f /tmp/tmp.P5kaU2NLuV /tmp/tmp.9vsx89EluS /tmp/tmp.7kQWejhKmo | | |

Domains

| Name | IP | Malicious | |
|---|---|---|---|
| daisy.ubuntu.com | 162.213.35.25 | | |

IPs

| IP | Domain | Country | Malicious | |
|---|---|---|---|---|
| 185.125.190.26 | unknown | United Kingdom | | |
| 34.254.182.186 | unknown | United States | | |

Memdumps

| Base Address | Regiontype | Protect | Malicious | |
|---|---|---|---|---|
| 7fde78031000 | page execute read | | | |
| 5610cd332000 | page execute read | | | |
| 7ffe5e39d000 | page execute read | | | |
| 5610cd569000 | page read and write | | | |
| 5610cf567000 | page execute and read and write | | | |
| 7fdf8097c000 | page read and write | | | |
| 7fdf805ba000 | page read and write | | | |
| 7fdf80e15000 | page read and write | | | |
| 7fdf8032b000 | page read and write | | | |
| 7fdf80cec000 | page read and write | | | |
| 7fdf8031d000 | page read and write | | | |
| 7fde78036000 | page read and write | | | |
| 7fdf809a1000 | page read and write | | | |
| 7ffe5e361000 | page read and write | | | |
| 5610cfc92000 | page read and write | | | |
| 7fdf78000000 | page read and write | | | |
| 7fdf78021000 | page read and write | | | |
| 5610cd560000 | page read and write | | | |
| 7fdf80e62000 | page read and write | | | |
| 5610cf57e000 | page read and write | | | |
| 7fdf80e1d000 | page read and write | | | |
| 7fde7803b000 | page read and write | | | |
| 7fdf7fb1a000 | page read and write | | | |
