Play interactive tourEdit tour
Linux Analysis Report z0FwvGSnDF
Overview
General Information
Sample Name: | z0FwvGSnDF |
Analysis ID: | 452439 |
MD5: | dafbf75b66b11d7d3b2dcd284c8ac302 |
SHA1: | d1736cc4d7efab8522907550ae0ad5c2e52b296e |
SHA256: | a524c003fb6dda1f77eda693accef4fff0a0d9fbe7bb0dcfeaa319e526367258 |
Tags: | 32elfmiraimotorola |
Infos: |
Detection
Score: | 48 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Multi AV Scanner detection for submitted file
Sample has stripped symbol table
Uses the "uname" system call to query kernel version information (possible evasion)
Classification
Analysis Advice |
---|
Exit code information suggests that the sample terminated abnormally, try to lookup the sample's target architecture |
Non-zero exit code suggests an error during the execution. Lookup the error code for hints. |
Static ELF header machine description suggests that the sample might not execute correctly on this machine |
General Information |
---|
Joe Sandbox Version: | 33.0.0 White Diamond |
Analysis ID: | 452439 |
Start date: | 22.07.2021 |
Start time: | 11:03:45 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 6m 8s |
Hypervisor based Inspection enabled: | false |
Report type: | light |
Sample file name: | z0FwvGSnDF |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 16.04 x64 (Kernel 4.4.0-116, Firefox 59.0, Document Viewer 3.18.2, LibreOffice 5.1.6.2, OpenJDK 1.8.0_171) |
Analysis Mode: | default |
Detection: | MAL |
Classification: | mal48.lin@0/2@0/0 |
Process Tree |
---|
|
Yara Overview |
---|
No yara matches |
---|
Jbx Signature Overview |
---|
Click to jump to signature section
Show All Signature Results
AV Detection: |
---|
Multi AV Scanner detection for submitted file | Show sources |
Source: | Virustotal: | Perma Link | ||
Source: | ReversingLabs: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | .symtab present: |
Source: | Classification label: |
Source: | Queries kernel information via 'uname': | ||
Source: | Queries kernel information via 'uname': | ||
Source: | Queries kernel information via 'uname': |
Mitre Att&ck Matrix |
---|
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | Direct Volume Access | OS Credential Dumping | Security Software Discovery1 | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Data Obfuscation | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
Malware Configuration |
---|
No configs have been found |
---|
Behavior Graph |
---|
Antivirus, Machine Learning and Genetic Malware Detection |
---|
Initial Sample |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
52% | Virustotal | Browse | ||
54% | ReversingLabs | Linux.Trojan.Mirai |
Dropped Files |
---|
No Antivirus matches |
---|
Domains |
---|
No Antivirus matches |
---|
URLs |
---|
No Antivirus matches |
---|
Domains and IPs |
---|
Contacted Domains |
---|
No contacted domains info |
---|
Contacted IPs |
---|
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
Public |
---|
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
27.207.129.233 | unknown | China | 4837 | CHINA169-BACKBONECHINAUNICOMChina169BackboneCN | false | |
112.95.114.170 | unknown | China | 17623 | CNCGROUP-SZChinaUnicomShenzennetworkCN | false | |
121.134.140.247 | unknown | Korea Republic of | 4766 | KIXS-AS-KRKoreaTelecomKR | false | |
62.101.96.107 | unknown | Italy | 12874 | FASTWEBIT | false | |
89.108.182.73 | unknown | Lebanon | 31126 | SODETEL-ASLB | false | |
212.64.174.180 | unknown | Spain | 12540 | IDECNET-ASES | false | |
218.3.209.122 | unknown | China | 4134 | CHINANET-BACKBONENo31Jin-rongStreetCN | false | |
193.204.194.25 | unknown | Italy | 137 | ASGARRConsortiumGARREU | false | |
116.234.228.208 | unknown | China | 4812 | CHINANET-SH-APChinaTelecomGroupCN | false | |
69.162.158.5 | unknown | United States | 32748 | STEADFASTUS | false |
Runtime Messages |
---|
Command: | /tmp/z0FwvGSnDF |
Exit Code: | 132 |
Exit Code Info: | SIGILL (4) Illegal Instruction |
Killed: | False |
Standard Output: | |
Standard Error: | qemu: uncaught target signal 4 (Illegal instruction) - core dumped |
Joe Sandbox View / Context |
---|
IPs |
---|
No context |
---|
Domains |
---|
No context |
---|
ASN |
---|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
CHINA169-BACKBONECHINAUNICOMChina169BackboneCN | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
KIXS-AS-KRKoreaTelecomKR | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
CNCGROUP-SZChinaUnicomShenzennetworkCN | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
|
JA3 Fingerprints |
---|
No context |
---|
Dropped Files |
---|
No context |
---|
Created / dropped Files |
---|
Process: | /usr/share/apport/apport-checkreports |
File Type: | |
Category: | dropped |
Size (bytes): | 14916 |
Entropy (8bit): | 4.684276917760678 |
Encrypted: | false |
SSDEEP: | 192:FbsJrszJG+PFNL0aM3AhWAFRAWHzEimaKPIihbM:A6FNLBzEie2 |
MD5: | C822B83B52268F71E07FEBF2368BA15A |
SHA1: | A845FE0FC7EC37F3662169C187E224D5F38D34A6 |
SHA-256: | 8541268C17C8D1B3DDABA809D1973D305AD7C9112FB35C81964116C974514C39 |
SHA-512: | CE35DB6B750C0FA8BEA8215803AEB39E077973912C21DD9AFA9BE1260783407048417FF1DEE9F4DADD2A207927B7C968EFA0B83BFA7A8ABBBCA132E4D26C0D5F |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | /usr/share/apport/apport-gtk |
File Type: | |
Category: | dropped |
Size (bytes): | 47094 |
Entropy (8bit): | 4.499763637776248 |
Encrypted: | false |
SSDEEP: | 768:Jj/w9/Z///f/QNgrZaqGqdL/k7NA3GcA3l:JjC/Z///f/3aqGqdL/k7NA3GcA3l |
MD5: | DB4D1B1AEF13086C174248ACC2C16F6F |
SHA1: | F0F004B5AAC395755FF748005007C3B7F8091A67 |
SHA-256: | 3C4F544F4DF6EC6356934C0B8FBE69922068624C67839A5393D656350D809F1C |
SHA-512: | ACD9926D82775610EF381219F3933830F169E9DD8BE60F738A9A77FEEB8668A1957A24AC1715B01CC0A7B775EC591A426CF3369F826E7F89A267430EB3F0D39D |
Malicious: | false |
Reputation: | low |
Preview: |
|
Static File Info |
---|
General | |
---|---|
File type: | |
Entropy (8bit): | 6.212564047873712 |
TrID: |
|
File name: | z0FwvGSnDF |
File size: | 53056 |
MD5: | dafbf75b66b11d7d3b2dcd284c8ac302 |
SHA1: | d1736cc4d7efab8522907550ae0ad5c2e52b296e |
SHA256: | a524c003fb6dda1f77eda693accef4fff0a0d9fbe7bb0dcfeaa319e526367258 |
SHA512: | 808496017ae6c062911902ca70339272371723cdb979f7039cf13e46869557b33e3a9017f9738f7aaa6b35147eb09622195c564d599816be4e34848c7daf4022 |
SSDEEP: | 768:mLGOe2kf9e9X9nbermI7vc59QPQs5gFHviPuzWeHXpi2UJTpDnH638gZ:mL/4f8F1ef0YgFvimzpZi2UJJnHY8w |
File Content Preview: | .ELF.......................D...4.........4. ...(.................................. ....................p.......... .dt.Q............................NV..a....da.....N^NuNV..J9...pf>"y.... QJ.g.X.#.....N."y.... QJ.f.A.....J.g.Hy....N.X........pN^NuNV..N^NuN |
Static ELF Info |
---|
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | |
Entry Point Address: | |
Flags: | |
ELF Header Size: | |
Program Header Offset: | |
Program Header Size: | |
Number of Program Headers: | |
Section Header Offset: | |
Section Header Size: | |
Number of Section Headers: | |
Header String Table Index: |
Sections |
---|
Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
---|---|---|---|---|---|---|---|---|---|---|
NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0 | 0 | 0 | ||
.init | PROGBITS | 0x80000094 | 0x94 | 0x14 | 0x0 | 0x6 | AX | 0 | 0 | 2 |
.text | PROGBITS | 0x800000a8 | 0xa8 | 0xc5d6 | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.fini | PROGBITS | 0x8000c67e | 0xc67e | 0xe | 0x0 | 0x6 | AX | 0 | 0 | 2 |
.rodata | PROGBITS | 0x8000c68c | 0xc68c | 0x56e | 0x0 | 0x2 | A | 0 | 0 | 2 |
.ctors | PROGBITS | 0x8000ec00 | 0xcc00 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.dtors | PROGBITS | 0x8000ec08 | 0xcc08 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.data | PROGBITS | 0x8000ec14 | 0xcc14 | 0x15c | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.bss | NOBITS | 0x8000ed70 | 0xcd70 | 0x23c | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.shstrtab | STRTAB | 0x0 | 0xcd70 | 0x3e | 0x0 | 0x0 | 0 | 0 | 1 |
Program Segments |
---|
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x80000000 | 0x80000000 | 0xcbfa | 0xcbfa | 4.2323 | 0x5 | R E | 0x2000 | .init .text .fini .rodata | |
LOAD | 0xcc00 | 0x8000ec00 | 0x8000ec00 | 0x170 | 0x3ac | 0.2775 | 0x6 | RW | 0x2000 | .ctors .dtors .data .bss | |
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x4 |
Network Behavior |
---|
Snort IDS Alerts |
---|
Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|---|---|---|
07/22/21-11:04:21.807137 | ICMP | 399 | ICMP Destination Unreachable Host Unreachable | 192.12.76.3 | 192.168.2.20 |
Network Port Distribution |
---|
TCP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jul 22, 2021 11:04:21.918428898 CEST | 23 | 53934 | 62.101.96.107 | 192.168.2.20 |
Jul 22, 2021 11:04:21.918591022 CEST | 53934 | 23 | 192.168.2.20 | 62.101.96.107 |
Jul 22, 2021 11:04:23.844746113 CEST | 23 | 59070 | 89.108.182.73 | 192.168.2.20 |
Jul 22, 2021 11:04:23.844914913 CEST | 59070 | 23 | 192.168.2.20 | 89.108.182.73 |
Jul 22, 2021 11:04:27.151252985 CEST | 23 | 45626 | 27.207.129.233 | 192.168.2.20 |
Jul 22, 2021 11:04:27.151485920 CEST | 45626 | 23 | 192.168.2.20 | 27.207.129.233 |
Jul 22, 2021 11:04:27.955425024 CEST | 23 | 35218 | 198.190.101.173 | 192.168.2.20 |
Jul 22, 2021 11:04:28.814352989 CEST | 23 | 53506 | 212.64.174.180 | 192.168.2.20 |
Jul 22, 2021 11:04:28.814585924 CEST | 53506 | 23 | 192.168.2.20 | 212.64.174.180 |
Jul 22, 2021 11:04:32.992007017 CEST | 23 | 48178 | 193.204.194.25 | 192.168.2.20 |
Jul 22, 2021 11:04:32.992197037 CEST | 48178 | 23 | 192.168.2.20 | 193.204.194.25 |
Jul 22, 2021 11:04:36.741559029 CEST | 23 | 42870 | 218.3.209.122 | 192.168.2.20 |
Jul 22, 2021 11:04:36.741900921 CEST | 42870 | 23 | 192.168.2.20 | 218.3.209.122 |
Jul 22, 2021 11:04:40.168905020 CEST | 23 | 48698 | 116.234.228.208 | 192.168.2.20 |
Jul 22, 2021 11:04:40.169090986 CEST | 48698 | 23 | 192.168.2.20 | 116.234.228.208 |
Jul 22, 2021 11:04:42.846307993 CEST | 23 | 48694 | 121.134.140.247 | 192.168.2.20 |
Jul 22, 2021 11:04:42.846462011 CEST | 48694 | 23 | 192.168.2.20 | 121.134.140.247 |
Jul 22, 2021 11:04:42.846641064 CEST | 23 | 48694 | 121.134.140.247 | 192.168.2.20 |
Jul 22, 2021 11:04:42.846719027 CEST | 48694 | 23 | 192.168.2.20 | 121.134.140.247 |
Jul 22, 2021 11:04:57.154316902 CEST | 23 | 45626 | 27.207.129.233 | 192.168.2.20 |
Jul 22, 2021 11:04:57.154469013 CEST | 45626 | 23 | 192.168.2.20 | 27.207.129.233 |
Jul 22, 2021 11:05:15.710688114 CEST | 23 | 37848 | 112.95.114.170 | 192.168.2.20 |
Jul 22, 2021 11:05:15.711007118 CEST | 37848 | 23 | 192.168.2.20 | 112.95.114.170 |
Jul 22, 2021 11:05:27.145962000 CEST | 23 | 45626 | 27.207.129.233 | 192.168.2.20 |
Jul 22, 2021 11:05:27.146151066 CEST | 45626 | 23 | 192.168.2.20 | 27.207.129.233 |
Jul 22, 2021 11:05:34.696278095 CEST | 23 | 36608 | 69.162.158.5 | 192.168.2.20 |
Jul 22, 2021 11:05:34.696587086 CEST | 36608 | 23 | 192.168.2.20 | 69.162.158.5 |
Jul 22, 2021 11:05:34.697474003 CEST | 23 | 36608 | 69.162.158.5 | 192.168.2.20 |
Jul 22, 2021 11:05:34.697561979 CEST | 36608 | 23 | 192.168.2.20 | 69.162.158.5 |
Jul 22, 2021 11:05:34.698805094 CEST | 23 | 36608 | 69.162.158.5 | 192.168.2.20 |
Jul 22, 2021 11:05:34.698834896 CEST | 23 | 36608 | 69.162.158.5 | 192.168.2.20 |
Jul 22, 2021 11:05:34.699078083 CEST | 36608 | 23 | 192.168.2.20 | 69.162.158.5 |
Jul 22, 2021 11:05:34.699122906 CEST | 36608 | 23 | 192.168.2.20 | 69.162.158.5 |
Jul 22, 2021 11:05:34.701443911 CEST | 23 | 36608 | 69.162.158.5 | 192.168.2.20 |
Jul 22, 2021 11:05:34.701536894 CEST | 36608 | 23 | 192.168.2.20 | 69.162.158.5 |
Jul 22, 2021 11:05:34.702779055 CEST | 23 | 36608 | 69.162.158.5 | 192.168.2.20 |
Jul 22, 2021 11:05:34.702989101 CEST | 36608 | 23 | 192.168.2.20 | 69.162.158.5 |
ICMP Packets |
---|
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Jul 22, 2021 11:04:21.807137012 CEST | 192.12.76.3 | 192.168.2.20 | 6c6a | (Host unreachable) | Destination Unreachable |
System Behavior |
---|
General |
---|
Start time: | 11:04:19 |
Start date: | 22/07/2021 |
Path: | /tmp/z0FwvGSnDF |
Arguments: | /usr/bin/qemu-m68k /tmp/z0FwvGSnDF |
File size: | 53056 bytes |
MD5 hash: | dafbf75b66b11d7d3b2dcd284c8ac302 |
General |
---|
Start time: | 11:04:20 |
Start date: | 22/07/2021 |
Path: | /sbin/upstart |
Arguments: | n/a |
File size: | 0 bytes |
MD5 hash: | 00000000000000000000000000000000 |
General |
---|
Start time: | 11:04:20 |
Start date: | 22/07/2021 |
Path: | /bin/sh |
Arguments: | /bin/sh -e /proc/self/fd/9 |
File size: | 4 bytes |
MD5 hash: | e02ea3c3450d44126c46d658fa9e654c |
General |
---|
Start time: | 11:04:20 |
Start date: | 22/07/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 4 bytes |
MD5 hash: | e02ea3c3450d44126c46d658fa9e654c |
General |
---|
Start time: | 11:04:20 |
Start date: | 22/07/2021 |
Path: | /bin/date |
Arguments: | date |
File size: | 68464 bytes |
MD5 hash: | 54903b613f9019bfca9f5d28a4fff34e |
General |
---|
Start time: | 11:04:20 |
Start date: | 22/07/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 4 bytes |
MD5 hash: | e02ea3c3450d44126c46d658fa9e654c |
General |
---|
Start time: | 11:04:20 |
Start date: | 22/07/2021 |
Path: | /usr/share/apport/apport-checkreports |
Arguments: | /usr/bin/python3 /usr/share/apport/apport-checkreports --system |
File size: | 1269 bytes |
MD5 hash: | 1a7d84ebc34df04e55ca3723541f48c9 |
General |
---|
Start time: | 11:04:20 |
Start date: | 22/07/2021 |
Path: | /sbin/upstart |
Arguments: | n/a |
File size: | 0 bytes |
MD5 hash: | 00000000000000000000000000000000 |
General |
---|
Start time: | 11:04:20 |
Start date: | 22/07/2021 |
Path: | /bin/sh |
Arguments: | /bin/sh -e /proc/self/fd/9 |
File size: | 4 bytes |
MD5 hash: | e02ea3c3450d44126c46d658fa9e654c |
General |
---|
Start time: | 11:04:20 |
Start date: | 22/07/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 4 bytes |
MD5 hash: | e02ea3c3450d44126c46d658fa9e654c |
General |
---|
Start time: | 11:04:20 |
Start date: | 22/07/2021 |
Path: | /bin/date |
Arguments: | date |
File size: | 68464 bytes |
MD5 hash: | 54903b613f9019bfca9f5d28a4fff34e |
General |
---|
Start time: | 11:04:20 |
Start date: | 22/07/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 4 bytes |
MD5 hash: | e02ea3c3450d44126c46d658fa9e654c |
General |
---|
Start time: | 11:04:20 |
Start date: | 22/07/2021 |
Path: | /usr/share/apport/apport-gtk |
Arguments: | /usr/bin/python3 /usr/share/apport/apport-gtk |
File size: | 23806 bytes |
MD5 hash: | ec58a49a30ef6a29406a204f28cc7d87 |
General |
---|
Start time: | 11:04:20 |
Start date: | 22/07/2021 |
Path: | /sbin/upstart |
Arguments: | n/a |
File size: | 0 bytes |
MD5 hash: | 00000000000000000000000000000000 |
General |
---|
Start time: | 11:04:20 |
Start date: | 22/07/2021 |
Path: | /bin/sh |
Arguments: | /bin/sh -e /proc/self/fd/9 |
File size: | 4 bytes |
MD5 hash: | e02ea3c3450d44126c46d658fa9e654c |
General |
---|
Start time: | 11:04:20 |
Start date: | 22/07/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 4 bytes |
MD5 hash: | e02ea3c3450d44126c46d658fa9e654c |
General |
---|
Start time: | 11:04:20 |
Start date: | 22/07/2021 |
Path: | /bin/date |
Arguments: | date |
File size: | 68464 bytes |
MD5 hash: | 54903b613f9019bfca9f5d28a4fff34e |
General |
---|
Start time: | 11:04:20 |
Start date: | 22/07/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 4 bytes |
MD5 hash: | e02ea3c3450d44126c46d658fa9e654c |
General |
---|
Start time: | 11:04:20 |
Start date: | 22/07/2021 |
Path: | /usr/share/apport/apport-gtk |
Arguments: | /usr/bin/python3 /usr/share/apport/apport-gtk |
File size: | 23806 bytes |
MD5 hash: | ec58a49a30ef6a29406a204f28cc7d87 |