Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/vlxx.arm6.elf
|
/tmp/vlxx.arm6.elf
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.he9dYrTv0W /tmp/tmp.nWfwm1DF2Q /tmp/tmp.aTCW6La9l0
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.he9dYrTv0W /tmp/tmp.nWfwm1DF2Q /tmp/tmp.aTCW6La9l0
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
daisy.ubuntu.com
|
162.213.35.25
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
54.171.230.55
|
unknown
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f783c036000
|
page execute read
|
 |
||
|
7f7943417000
|
page read and write
|
|||
|
7f7942b31000
|
page read and write
|
|||
|
7f79432ee000
|
page read and write
|
|||
|
7f7942f2b000
|
page read and write
|
|||
|
55f2b750f000
|
page read and write
|
|||
|
55f2b4e3d000
|
page read and write
|
|||
|
55f2b6e5b000
|
page read and write
|
|||
|
7ffc34000000
|
page execute read
|
|||
|
7f783c047000
|
page read and write
|
|||
|
7f7941f35000
|
page read and write
|
|||
|
7f793bfff000
|
page read and write
|
|||
|
7f7942d9c000
|
page read and write
|
|||
|
7f794343b000
|
page read and write
|
|||
|
7f794310d000
|
page read and write
|
|||
|
7f7942dbf000
|
page read and write
|
|||
|
55f2b4bec000
|
page execute read
|
|||
|
7f783c042000
|
page read and write
|
|||
|
7f79427cf000
|
page read and write
|
|||
|
55f2b4e46000
|
page read and write
|
|||
|
7f7943480000
|
page read and write
|
|||
|
7ffc33ffc000
|
page read and write
|
|||
|
7f794273d000
|
page read and write
|
|||
|
55f2b6e44000
|
page execute and read and write
|
|||
|
7f793c021000
|
page read and write
|
There are 15 hidden memdumps, click here to show them.