Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
/tmp/W46ssx5gcI.elf
|
/tmp/W46ssx5gcI.elf
|
||
/tmp/W46ssx5gcI.elf
|
-
|
||
/tmp/W46ssx5gcI.elf
|
-
|
||
/usr/libexec/gnome-session-binary
|
-
|
||
/bin/sh
|
/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-rfkill
|
||
/usr/libexec/gsd-rfkill
|
/usr/libexec/gsd-rfkill
|
||
/usr/lib/systemd/systemd
|
-
|
||
/lib/systemd/systemd-hostnamed
|
/lib/systemd/systemd-hostnamed
|
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
cnc.voidnet.click
|
94.156.79.77
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
94.156.79.77
|
cnc.voidnet.click
|
Bulgaria
|
||
89.190.156.145
|
unknown
|
United Kingdom
|
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
411000
|
page execute read
|
|||
fb5000
|
page read and write
|
|||
512000
|
page read and write
|
|||
7ffd10820000
|
page read and write
|
|||
514000
|
page read and write
|
|||
7ffd109e1000
|
page execute read
|