Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/0JeZFMxByg.elf
|
/tmp/0JeZFMxByg.elf
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.BhYXMCWPxr /tmp/tmp.70uZKZDKPd /tmp/tmp.QMYX4jQ34P
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.BhYXMCWPxr /tmp/tmp.70uZKZDKPd /tmp/tmp.QMYX4jQ34P
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://upx.sf.net
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
daisy.ubuntu.com
|
162.213.35.25
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
54.217.10.153
|
unknown
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f7928028000
|
page execute read
|
 |
||
|
564d22e1f000
|
page execute and read and write
|
|||
|
7f7a27fff000
|
page read and write
|
|||
|
7f7a2ff6b000
|
page read and write
|
|||
|
7ffd99bd7000
|
page execute read
|
|||
|
7f7a2ef75000
|
page read and write
|
|||
|
7f7a2f80f000
|
page read and write
|
|||
|
7f7a2fdff000
|
page read and write
|
|||
|
564d245c5000
|
page read and write
|
|||
|
7f7a28021000
|
page read and write
|
|||
|
7f7a2fddc000
|
page read and write
|
|||
|
7f7a2f77d000
|
page read and write
|
|||
|
7f7a3014d000
|
page read and write
|
|||
|
564d20e21000
|
page read and write
|
|||
|
7ffd99b66000
|
page read and write
|
|||
|
7f7a3032e000
|
page read and write
|
|||
|
7f7a304c0000
|
page read and write
|
|||
|
7f7a2fb71000
|
page read and write
|
|||
|
7f7a3047b000
|
page read and write
|
|||
|
7f792803a000
|
page read and write
|
|||
|
564d22e36000
|
page read and write
|
|||
|
7f7a30457000
|
page read and write
|
|||
|
564d20e18000
|
page read and write
|
|||
|
564d20bc7000
|
page execute read
|
There are 14 hidden memdumps, click here to show them.