## Processes

| Path | Cmdline | Malicious | |
|---|---|---|---|
| `/tmp/SecuriteInfo.com.Linux.Siggen.7251.3492.11320.elf` | `/tmp/SecuriteInfo.com.Linux.Siggen.7251.3492.11320.elf` | | |
| `/tmp/SecuriteInfo.com.Linux.Siggen.7251.3492.11320.elf` | - | | |
| `/tmp/SecuriteInfo.com.Linux.Siggen.7251.3492.11320.elf` | - | | |
| `/tmp/SecuriteInfo.com.Linux.Siggen.7251.3492.11320.elf` | - | | |
| `/tmp/SecuriteInfo.com.Linux.Siggen.7251.3492.11320.elf` | - | | |
| `/tmp/SecuriteInfo.com.Linux.Siggen.7251.3492.11320.elf` | - | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/bin/journalctl` | `/usr/bin/journalctl --smart-relinquish-var` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/bin/dbus-daemon` | `/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/sbin/rsyslogd` | `/usr/sbin/rsyslogd -n -iNONE` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/bin/pulseaudio` | `/usr/bin/pulseaudio --daemonize=no --log-target=journal` | | |
| `/usr/libexec/gvfsd-fuse` | - | | |
| `/bin/fusermount` | `fusermount -u -q -z -- /run/user/1000/gvfs` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/lib/systemd/systemd-journald` | `/lib/systemd/systemd-journald` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/bin/dbus-daemon` | `/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/lib/systemd/systemd-journald` | `/lib/systemd/systemd-journald` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/sbin/rsyslogd` | `/usr/sbin/rsyslogd -n -iNONE` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/bin/dbus-daemon` | `/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/lib/systemd/systemd-journald` | `/lib/systemd/systemd-journald` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/bin/dbus-daemon` | `/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/lib/systemd/systemd-journald` | `/lib/systemd/systemd-journald` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/sbin/rsyslogd` | `/usr/sbin/rsyslogd -n -iNONE` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/bin/dbus-daemon` | `/usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/lib/systemd/systemd-journald` | `/lib/systemd/systemd-journald` | | |
| `/usr/sbin/gdm3` | - | | |
| `/etc/gdm3/PrimeOff/Default` | `/etc/gdm3/PrimeOff/Default` | | |
| `/usr/sbin/gdm3` | - | | |
| `/etc/gdm3/PrimeOff/Default` | `/etc/gdm3/PrimeOff/Default` | | |
| `/usr/sbin/gdm3` | - | | |
| `/etc/gdm3/PrimeOff/Default` | `/etc/gdm3/PrimeOff/Default` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/sbin/rsyslogd` | `/usr/sbin/rsyslogd -n -iNONE` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/sbin/rsyslogd` | `/usr/sbin/rsyslogd -n -iNONE` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/bin/gpu-manager` | `/usr/bin/gpu-manager --log /var/log/gpu-manager.log` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/share/gdm/generate-config` | `/usr/share/gdm/generate-config` | | |
| `/usr/share/gdm/generate-config` | - | | |
| `/usr/bin/pkill` | `pkill --signal HUP --uid gdm dconf-service` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/bin/gpu-manager` | `/usr/bin/gpu-manager --log /var/log/gpu-manager.log` | | |
| `/usr/bin/gpu-manager` | - | | |
| `/bin/sh` | `sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf"` | | |
| `/bin/sh` | - | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/share/gdm/generate-config` | `/usr/share/gdm/generate-config` | | |
| `/usr/share/gdm/generate-config` | - | | |
| `/usr/bin/pkill` | `pkill --signal HUP --uid gdm dconf-service` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/bin/gpu-manager` | `/usr/bin/gpu-manager --log /var/log/gpu-manager.log` | | |
| `/usr/bin/gpu-manager` | - | | |
| `/bin/sh` | `sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf"` | | |
| `/bin/sh` | - | | |
| `/usr/bin/grep` | `grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/share/gdm/generate-config` | `/usr/share/gdm/generate-config` | | |
| `/usr/share/gdm/generate-config` | - | | |
| `/usr/bin/pkill` | `pkill --signal HUP --uid gdm dconf-service` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/bin/gpu-manager` | `/usr/bin/gpu-manager --log /var/log/gpu-manager.log` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/share/gdm/generate-config` | `/usr/share/gdm/generate-config` | | |
| `/usr/share/gdm/generate-config` | - | | |
| `/usr/bin/pkill` | `pkill --signal HUP --uid gdm dconf-service` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/bin/gpu-manager` | `/usr/bin/gpu-manager --log /var/log/gpu-manager.log` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/share/gdm/generate-config` | `/usr/share/gdm/generate-config` | | |
| `/usr/share/gdm/generate-config` | - | | |
| `/usr/bin/pkill` | `pkill --signal HUP --uid gdm dconf-service` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/bin/plymouth` | `/bin/plymouth quit` | | |
| `/usr/lib/systemd/systemd` | - | | |
| `/usr/bin/dbus-daemon` | `/usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only` | | |
79 further processes are not shown in this excerpt.
## Domains

Note: many entries in the Name column are a hostname followed by non-printable residue from string extraction; they are reproduced as extracted rather than as valid hostnames.

| Name | IP | Malicious | |
|---|---|---|---|
| kz.adolfhitler.su.V'fW66PV,PV!EH(652)V'f3NNPV!PV,E@@@ | unknown | | |
| sex.secure-cyber-security.!V'fVVPV,PV!EHH3$W54]sexsecure-cyber-securitys!V'f.JPV!PV,E<@@wFqg# | unknown | | |
| sex.secure-cyber-security.V'f66PV,PV!E((4G/3M5Ng/yV'fDVVPV!PV,EHp@@.=3M54ysexsecure-cyber-securitys.'f6)66PV,PV!E((4o/3M5eyV'f*VVP.!PV,EHp@@>,3M54xysexsecure-cyber-securitysV'.66PV,PV!E((4/p3M5eyV'fVVPV!PV,EHq.@>3M54xysexsecure-cyber-securitys..'f&66PV,PV!E((4/g3M5 iyV'fA'VVP.!PV,EHq@@=3M54ysexsecure-cyber-securitysV'.66PV,PV!E((4/`3M5gyV'fJJJPV!PV,E<.@YF]#V'f6 | unknown | | |
| kz.adolfhitler.su.V'f_66PV,PV!EH(~4{!5HV'fNNPV!PV,E@.@@@5,#kzadolfhitlersunV'f<V66PV,PV!EH(4{ | unknown | | |
| kz.adolfhitler.su.V'f<V66PV,PV!EH(4{5@V'fWNNPV!PV,E@.@@=5,kzadolfhitlersunV'f66PV,PV!EH(3\|5 | unknown | | |
| kz.adolfhitler.su.V'fjI66PV,PV!EH(~3\|E5@V'fTJNNPV!PV,E@.@@H5,}kzadolfhitlersunV'f_66PV, | unknown | | |
| kz.adolfhitler.su.V'fe66PV,PV!EH(6f5Oz)V'f/gNNPV!PV,E@C@@ | unknown | | |
| sex.secure-cyber-security.V'f&66PV,PV!E((4/g3M5 iyV'fA'VVPV!PV,EHq@@.3M54ysexsecure-cyber-securitys.V'f66PV,PV.E((4/`3M5gy | unknown | | |
| kz.adolfhitler.su.V'f66PV,PV!EH(6?5y>)V'fPNNPV!PV,E@i@@ | unknown | | |
| kz.adolfhitler.su.V'f0h66PV,PV!EH(65;I)V'fhJJPV!PV,E<t@@ | unknown | | |
| kz.adolfhitler.su.xV'f;JJPV!PV,E<7@@XpFaQD.#+xV'f466 | unknown | | |
| sex.secure-cyber-security.V'fVVPV,PV!EHH3d$W54+dsexsecure-cyber-securitysV'f.JPV!PV,E<@@#F6#H | unknown | | |
| kz.adolfhitler.su.V'f66PV,PV!EH(3\|5=V'fkJJPV!PV,E<.@@OjF4#jV'f | unknown | | |
| security.rebirth-network.su | unknown | | |
| sex.secure-cyber-security.V'f66PV,PV!E((4/p3M5eyV'fVVPV!PV,EHq@@.3M54xysexsecure-cyber-securitys.'f&66PV,PV!E((4/g3M5 iyV'fA'VVP.!PV,EHq@@=3M54ysexsecure-cyber-securitysV'.66PV,PV!E((4/`3M5gyV'fJJJPV!PV,E<.@YF]#V'f6 | unknown | | |
| kz.adolfhitler.su.V'f66PV,PV!EH(~4{n5PV'fNNPV!PV,E@.@@5,Nkzadolf.itlersunV'fjI66PV,PV!EH(~3\|E5@V'fTJNNPV.PV,E@P@@H5 | unknown | | |
| kz.adolfhitler.su.sV'f)NNPV!PV,E@S@@SF^r5,PkzadolfhitlersunxV'f;J | unknown | | |
| kz.adolfhitler.su.OV'fNNPV,PV!EH@3$W5,SkzadolfhitlersunOV'fcJ | unknown | | |
| kz.adolfhitler.su.dV'fNNPV!PV,E@O@@WD^r5,PkzadolfhitlersuniV'f%N | unknown | | |
| sex.secure-cyber-security.V'f66PV,PV!E((4/`3M5gyV'fJJJPV!PV,E<@@.F]#V'f66PV,PV!E((@0.F]P..'fN9BBPV!PV,E4a@@_T[[+T>V48_iV'fY.W.PV!PV,EI@@3;55{securityrebirth-networksu...'fzeWWPV,PV!E(I2T3;55securityrebirth-.etworksuV'ffWWPV!PV,EI@@3;Y55\securityrebirth-network.uV'fWWPV,PV!E(I2T3;5Y5securityrebirth-networksuV'fY.WW.V!PV,EI@@3;)55~securityrebirth-networksu | unknown | | |
| kz.adolfhitler.su.iV'f%NNPV!PV,E@P]@@V^r5,sPkzadolfhitlersunmV'fJ | unknown | | |
| kz.adolfhitler.su.#V'fNNPV,PV!E(@3L3l5Y,p\kzadolfhitlersus#V'fJJJ | unknown | | |
| sex.secure-cyber-security.V'f6)66PV,PV!E((4o/3M5eyV'f*VVPV!PV,EHp@@.,3M54xysexsecure-cyber-securitys.'f66PV,PV!E((4/p3M5eyV'fVVP.!PV,EHq@@>3M54xysexsecure-cyber-securitysV'.&66PV,PV!E((4/g3M5 iyV'fA'VVPV!PV,EHq.@=3M54ysexsecure-cyber-securitys..'f66PV,PV!E((4/`3M5gyV'fJJJP.!PV,E<@@YF]#V'f66 | unknown | | |
| kz.adolfhitler.su.mV'fJJPV!PV,E<R]@;E '@@<JUPINGnV'f`$NN | unknown | | |
| kz.adolfhitler.su.V'fV66PV,PV!EH(65G)V'fNNPV!PV,E@u@@ | unknown | | |
15 further domains are not shown in this excerpt.
## IPs

| IP | Domain | Country | Malicious | |
|---|---|---|---|---|
| 212.70.149.14 | unknown | Bulgaria | | |
| 0.4.0.4 | unknown | unknown | | |
| 109.202.202.202 | unknown | Switzerland | | |
| 91.189.91.43 | unknown | United Kingdom | | |
| 91.189.91.42 | unknown | United Kingdom | | |
## Memdumps

| Base Address | Regiontype | Protect | Malicious | |
|---|---|---|---|---|
| f12000 | page read and write | | | |
| 7fff4bfd2000 | page read and write | | | |
| f14000 | page read and write | | | |
| 7fff4bfd2000 | page read and write | | | |
| 7fff4bffb000 | page execute read | | | |
| 7fff4bfd2000 | page read and write | | | |
| 7fff4bffb000 | page execute read | | | |
| f15000 | page read and write | | | |
| 416000 | page execute read | | | |
| 416000 | page execute read | | | |
| 621000 | page read and write | | | |
| 416000 | page execute read | | | |
| 7fff4bffb000 | page execute read | | | |
| 621000 | page read and write | | | |
| f12000 | page read and write | | | |
| 7fff4bffb000 | page execute read | | | |
| f12000 | page read and write | | | |
| f12000 | page read and write | | | |
| 621000 | page read and write | | | |
| f13000 | page read and write | | | |
| 621000 | page read and write | | | |
| 7fff4bfd2000 | page read and write | | | |
| 416000 | page execute read | | | |
13 further memdumps are not shown in this excerpt.