Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/GFzGVKywzJ.elf
|
/tmp/GFzGVKywzJ.elf
|
||
|
/tmp/GFzGVKywzJ.elf
|
-
|
||
|
/tmp/GFzGVKywzJ.elf
|
-
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
yellowchink.pirate
|
204.76.203.63
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
86.104.194.171
|
unknown
|
Romania
|
 |
|
|
109.202.202.202
|
unknown
|
Switzerland
|
||
|
91.189.91.43
|
unknown
|
United Kingdom
|
||
|
91.189.91.42
|
unknown
|
United Kingdom
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7fbe0402e000
|
page read and write
|
|||
|
7ffe99387000
|
page read and write
|
|||
|
557ef2175000
|
page read and write
|
|||
|
7fbf099f3000
|
page read and write
|
|||
|
7fbf04021000
|
page read and write
|
|||
|
7fbf093a2000
|
page read and write
|
|||
|
557eef137000
|
page execute read
|
|||
|
7fbf08b91000
|
page read and write
|
|||
|
7fbf09a18000
|
page read and write
|
|||
|
7ffe993a3000
|
page execute read
|
|||
|
7fbe0401e000
|
page execute read
|
|||
|
7fbf04000000
|
page read and write
|
|||
|
7fbf09631000
|
page read and write
|
|||
|
7fbf09ed9000
|
page read and write
|
|||
|
557ef1383000
|
page read and write
|
|||
|
557ef136c000
|
page execute and read and write
|
|||
|
557eef365000
|
page read and write
|
|||
|
7fbf09d63000
|
page read and write
|
|||
|
7fbf09e94000
|
page read and write
|
|||
|
557eef36e000
|
page read and write
|
|||
|
7fbe0402f000
|
page read and write
|
|||
|
7fbf09e8c000
|
page read and write
|
|||
|
7fbf09394000
|
page read and write
|
There are 13 hidden memdumps, click here to show them.