Processes
Path | Cmdline | Malicious |
---|---|---|---|
/tmp/GFzGVKywzJ.elf | /tmp/GFzGVKywzJ.elf | |
/tmp/GFzGVKywzJ.elf | - | |
/tmp/GFzGVKywzJ.elf | - | |

Domains
Name | IP | Malicious |
---|---|---|---|
yellowchink.pirate | 204.76.203.63 | |

IPs
IP | Domain | Country | Malicious |
---|---|---|---|---|
86.104.194.171 | unknown | Romania | |
109.202.202.202 | unknown | Switzerland | |
91.189.91.43 | unknown | United Kingdom | |
91.189.91.42 | unknown | United Kingdom | |

Memdumps