Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/eGjHpgUwlt.elf
|
/tmp/eGjHpgUwlt.elf
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.P5kaU2NLuV /tmp/tmp.9vsx89EluS /tmp/tmp.7kQWejhKmo
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.P5kaU2NLuV /tmp/tmp.9vsx89EluS /tmp/tmp.7kQWejhKmo
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
daisy.ubuntu.com
|
162.213.35.25
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.125.190.26
|
unknown
|
United Kingdom
|
||
|
34.254.182.186
|
unknown
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7fde78031000
|
page execute read
|
 |
||
|
5610cd332000
|
page execute read
|
|||
|
7ffe5e39d000
|
page execute read
|
|||
|
5610cd569000
|
page read and write
|
|||
|
5610cf567000
|
page execute and read and write
|
|||
|
7fdf8097c000
|
page read and write
|
|||
|
7fdf805ba000
|
page read and write
|
|||
|
7fdf80e15000
|
page read and write
|
|||
|
7fdf8032b000
|
page read and write
|
|||
|
7fdf80cec000
|
page read and write
|
|||
|
7fdf8031d000
|
page read and write
|
|||
|
7fde78036000
|
page read and write
|
|||
|
7fdf809a1000
|
page read and write
|
|||
|
7ffe5e361000
|
page read and write
|
|||
|
5610cfc92000
|
page read and write
|
|||
|
7fdf78000000
|
page read and write
|
|||
|
7fdf78021000
|
page read and write
|
|||
|
5610cd560000
|
page read and write
|
|||
|
7fdf80e62000
|
page read and write
|
|||
|
5610cf57e000
|
page read and write
|
|||
|
7fdf80e1d000
|
page read and write
|
|||
|
7fde7803b000
|
page read and write
|
|||
|
7fdf7fb1a000
|
page read and write
|
There are 13 hidden memdumps, click here to show them.