Linux Analysis Report IOg8XL9P8B
Overview
General Information
Sample Name: | IOg8XL9P8B |
Analysis ID: | 528746 |
MD5: | 2eb2602703ec59e9118097fea2b3dafa |
SHA1: | 36224cc924b7a60f94e61ffbeea304d747137e0d |
SHA256: | b0e28475774e7e58d75c1fe6a0fef19adcf84ef2a8ff3538a1859100da4f482f |
Tags: | 32, elf, mips, Mirai |
Infos: |
Detection
Score: | 72 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Classification
Analysis Advice |
---|
Static ELF header machine description suggests that the sample might only run correctly on MIPS or ARM architectures |
Static ELF header machine description suggests that the sample might not execute correctly on this machine |
General Information |
---|
Joe Sandbox Version: | 34.0.0 Boulder Opal |
Analysis ID: | 528746 |
Start date: | 25.11.2021 |
Start time: | 18:23:21 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 9m 51s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Sample file name: | IOg8XL9P8B |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Detection: | MAL |
Classification: | mal72.spre.troj.evad.lin@0/9@0/0 |
Yara Overview |
---|
Initial Sample |
---|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
SUSP_ELF_LNX_UPX_Compressed_File | Detects a suspicious ELF binary with UPX compression | Florian Roth |
|
Jbx Signature Overview |
---|
AV Detection: |
---|
Multi AV Scanner detection for submitted file |
Source: | Virustotal: |
Source: | Reads CPU info from /sys: |
Networking: |
---|
Deletes all firewall rules |
Source: | Args: |
Source: | Socket: |
Source: | Iptables executable: |
Source: | String found in binary or memory: |
System Summary: |
---|
Sample tries to kill many processes (SIGKILL) |
Source: | SIGKILL sent: |
Source: | Program segment: |
Source: | Matched rule: |
Source: | Classification label: |
Data Obfuscation: |
---|
Sample is packed with UPX |
Source: | String containing UPX found: |
Persistence and Installation Behavior: |
---|
Deletes all firewall rules |
Source: | Args: |
Sample reads /proc/mounts (often used for finding a writable filesystem) |
Source: | File: |
Source: | Pkill executable: |
Source: | Grep executable: |
Source: | File opened: |
Source: | Directory: |
Source: | Iptables executable: |
Source: | File: |
Source: | Shell command executed: |
Source: | Rm executable: |
Source: | Log file created: |
Source: | Sed executable: |
Hooking and other Techniques for Hiding and Protection: |
---|
Sample deletes itself |
Source: | File: |
Malware Analysis System Evasion: |
---|
Deletes security-related log files |
Source: | Truncated file: |
Source: | Reads CPU info from /sys: |
Source: | Queries kernel information via 'uname': |
Source: | Truncated file: |
Source: | Binary or memory string: |
Mitre Att&ck Matrix |
---|
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | Command and Scripting Interpreter1 | Path Interception | Path Interception | File and Directory Permissions Modification1 | OS Credential Dumping1 | Security Software Discovery11 | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Data Obfuscation | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
Default Accounts | Scripting1 | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Disable or Modify Tools1 | LSASS Memory | System Network Configuration Discovery1 | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Junk Data | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Scripting1 | Security Account Manager | File and Directory Discovery1 | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | Steganography | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | Hidden Files and Directories1 | NTDS | System Information Discovery1 | Distributed Component Object Model | Input Capture | Scheduled Transfer | Protocol Impersonation | SIM Card Swap | Carrier Billing Fraud | |
Cloud Accounts | Cron | Network Logon Script | Network Logon Script | Obfuscated Files or Information1 | LSA Secrets | Remote System Discovery | SSH | Keylogging | Data Transfer Size Limits | Fallback Channels | Manipulate Device Communication | Manipulate App Store Rankings or Ratings | |
Replication Through Removable Media | Launchd | Rc.common | Rc.common | Disable or Modify System Firewall1 | Cached Domain Credentials | System Owner/User Discovery | VNC | GUI Input Capture | Exfiltration Over C2 Channel | Multiband Communication | Jamming or Denial of Service | Abuse Accessibility Features | |
External Remote Services | Scheduled Task | Startup Items | Startup Items | Indicator Removal on Host11 | DCSync | Network Sniffing | Windows Remote Management | Web Portal Capture | Exfiltration Over Alternative Protocol | Commonly Used Port | Rogue Wi-Fi Access Points | Data Encrypted for Impact | |
Drive-by Compromise | Command and Scripting Interpreter | Scheduled Task/Job | Scheduled Task/Job | File Deletion11 | Proc Filesystem | Network Service Scanning | Shared Webroot | Credential API Hooking | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Application Layer Protocol | Downgrade to Insecure Protocols | Generate Fraudulent Advertising Revenue |
Malware Configuration |
---|
No configs have been found |
---|
Antivirus, Machine Learning and Genetic Malware Detection |
---|
Initial Sample |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
25% | Virustotal | Browse |
Dropped Files |
---|
No Antivirus matches |
---|
Domains |
---|
No Antivirus matches |
---|
URLs |
---|
No Antivirus matches |
---|
Domains and IPs |
---|
Contacted Domains |
---|
No contacted domains info |
---|
URLs from Memory and Binaries |
---|
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high |
Contacted IPs |
---|
No contacted IP infos |
---|
Created / dropped Files |
---|
Process: | /usr/bin/pulseaudio |
File Type: | |
Category: | dropped |
Size (bytes): | 10 |
Entropy (8bit): | 2.9219280948873623 |
Encrypted: | false |
SSDEEP: | 3:5bkPn:pkP |
MD5: | FF001A15CE15CF062A3704CEA2991B5F |
SHA1: | B06F6855F376C3245B82212AC73ADED55DFE5DEF |
SHA-256: | C54830B41ECFA1B6FBDC30397188DDA86B7B200E62AEAC21AE694A6192DCC38A |
SHA-512: | 65EBF7C31F6F65713CE01B38A112E97D0AE64A6BD1DA40CE4C1B998F10CD3912EE1A48BB2B279B24493062118AAB3B8753742E2AF28E56A31A7AAB27DE80E7BF |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
|
Process: | /usr/bin/pulseaudio |
File Type: | |
Category: | dropped |
Size (bytes): | 18 |
Entropy (8bit): | 3.4613201402110088 |
Encrypted: | false |
SSDEEP: | 3:5bkrIZsXvn:pkckv |
MD5: | 28FE6435F34B3367707BB1C5D5F6B430 |
SHA1: | EB8FE2D16BD6BBCCE106C94E4D284543B2573CF6 |
SHA-256: | 721A37C69E555799B41D308849E8F8125441883AB021B723FED90A9B744F36C0 |
SHA-512: | 6B6AB7C0979629D0FEF6BE47C5C6BCC367EDD0AAE3FC973F4DE2FD5F0A819C89E7656DB65D453B1B5398E54012B27EDFE02894AD87A7E0AF3A9C5F2EB24A9919 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
|
Process: | /usr/sbin/sshd |
File Type: | |
Category: | dropped |
Size (bytes): | 6 |
Entropy (8bit): | 1.7924812503605778 |
Encrypted: | false |
SSDEEP: | 3:ptn:Dn |
MD5: | CBF282CC55ED0792C33D10003D1F760A |
SHA1: | 007DD8BD75468E6B7ABA4285E9B267202C7EAEED |
SHA-256: | FCDBAB99FCC0F4409E5F9D7D6FC497780288B4C441698126BB62832412774D22 |
SHA-512: | 4643A8675D213C7DA35CC0C2BFB3B6F20324F9C48AEA7BA79F470615698C9A0CEFDA45CAA1957FC29110EE746BC8458AB8AB1E43EB513912A5E1E8858812CC00 |
Malicious: | false |
Reputation: | high, very likely benign file |
Preview: |
|
Process: | /usr/sbin/sshd |
File Type: | |
Category: | dropped |
Size (bytes): | 5 |
Entropy (8bit): | 2.321928094887362 |
Encrypted: | false |
SSDEEP: | 3:DSF:E |
MD5: | 57D80149E6D48D3BB2E5DD63EEBAB2CF |
SHA1: | DE6E42464BF89B2A930F505FAE88471846B28713 |
SHA-256: | 084420C48881C33BF4FCCC50A5FCA40128EBA306B5B19EF7148426AD2D3F3048 |
SHA-512: | E0510DCA67D4E216F62E0E018437C4FAD1AF014E81938E89D1558098FDF1C18F0FDE9843869FEDB3CE25F3A9C3C8AA3F838A432185B02C25A69AB290663ED92E |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | /tmp/IOg8XL9P8B |
File Type: | |
Category: | dropped |
Size (bytes): | 38 |
Entropy (8bit): | 3.3918926446809334 |
Encrypted: | false |
SSDEEP: | 3:KkZRAkd:KaAu |
MD5: | C7EA09D26E26605227076E0514A33038 |
SHA1: | C3F9736E9AF7BD0885578859A50B205C8FA5FC8E |
SHA-256: | 7E8AD76E0D200E93918CA2E93C99FF8ECD02071953BF1479819DB3AC0DBB6D07 |
SHA-512: | 17D0088725EB9991E9EB82E8A3DE0878E45E6F394BBC2AD260AA59C786FF0AD565E145E21256425D1C0ABE15F3ECB402EBB0A6A5E1C2D5BA7A4D95EC93A2861F |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
|
Process: | /usr/bin/pulseaudio |
File Type: | |
Category: | dropped |
Size (bytes): | 5 |
Entropy (8bit): | 1.9219280948873623 |
Encrypted: | false |
SSDEEP: | 3:E9n:E9n |
MD5: | CE8DB100041CB6952214A2697201F14E |
SHA1: | F7B9CB9840DF387BE33E9737FC9DCECE73585A7A |
SHA-256: | 198FF7F9D813A6E62397E39E29639DB3499A268947571D5D239D7CBD32E35B2A |
SHA-512: | 023256E9DD73DF8216F1AB6AEA38AF9CC99822EE2D2BF0037DFBC133EC5BEAA116D4D93C845485D3F6AED6E3F95C22B4698E2BAA5543C270DDE413E2757D4C0B |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | /usr/bin/gpu-manager |
File Type: | |
Category: | dropped |
Size (bytes): | 1515 |
Entropy (8bit): | 4.825813629825568 |
Encrypted: | false |
SSDEEP: | 24:wPXXX9uV6BNu3WDF3GF3XFFxFFed2uk2HUvJlfWkpPpx7uvvAdow9555Ro7uRkoT:wPXXXe6vejpeC2HUR5WkpPpcvAdow959 |
MD5: | 7B48386106F00126E44F428D0193E1ED |
SHA1: | 75F652293B2DE03A845A73B678A5CB7E9701A9F4 |
SHA-256: | 9F60B5D0D5C6F6CB3892E1687D16333F36E3BD450713B00FDF0B2BB90EC7312C |
SHA-512: | 57D0856EC65558B4A843A4696B644AC3E80B3EA0E6EC1C2FAC7A00015B96EBB2CC30967EB8DEFC3E648E59AC6882F6A4F69468D4B6CD0FD60F9F343C206DBFBC |
Malicious: | false |
Preview: |
|
Process: | /usr/sbin/gdm3 |
File Type: | |
Category: | dropped |
Size (bytes): | 5 |
Entropy (8bit): | 1.9219280948873623 |
Encrypted: | false |
SSDEEP: | 3:FTF:pF |
MD5: | AD7FA9E01F9BA9552A2B50ADBDCEEA87 |
SHA1: | 65D4B862F58D4DE40DD11553B2BB27EE5E010C6F |
SHA-256: | CC11195A89ED44684FF71726BF80D4C1C1F93785FD709D94F7E586641971E782 |
SHA-512: | BAEF301CAB7BF17FC76CD190046264E88BF3C667779BBD4603BF1F186370D4D1FA719AB5C76F12765082750296E4F799BCC4B2600AEA7CD636E92B54B312C9FB |
Malicious: | false |
Preview: |
|
Static File Info |
---|
General | |
---|---|
File type: | |
Entropy (8bit): | 7.957051234330903 |
TrID: |
|
File name: | IOg8XL9P8B |
File size: | 52492 |
MD5: | 2eb2602703ec59e9118097fea2b3dafa |
SHA1: | 36224cc924b7a60f94e61ffbeea304d747137e0d |
SHA256: | b0e28475774e7e58d75c1fe6a0fef19adcf84ef2a8ff3538a1859100da4f482f |
SHA512: | 316467e1ee812308e374200bf4a09096bd853adc61ea93b00166b49d6a037ca73a27d1c2a6be9d0fa75e52e9686763b1e1b3bbd740271a676cd6896d952470f0 |
SSDEEP: | 1536:fpNnywIp5HUFW2U0jMUroVfZbvoREVJuX:JwSF9U0jMUroVfVoREVQX |
File Content Preview: | .ELF...........................4.........4. ...(.............................................F...F......................UPX!.d.........(...(.......U.......?.E.h4...@b..) ..]....E..K...j.I.......2l.....u.....l..L..Y =.Mg.."/d\.Z.!'.....2`..o,...F.......... |
Static ELF Info |
---|
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | |
Entry Point Address: | |
Flags: | |
ELF Header Size: | |
Program Header Offset: | |
Program Header Size: | |
Number of Program Headers: | |
Section Header Offset: | |
Section Header Size: | |
Number of Section Headers: | |
Header String Table Index: |
Program Segments |
---|
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x100000 | 0x100000 | 0xcbd4 | 0xcbd4 | 4.0751 | 0x5 | R E | 0x10000 | ||
LOAD | 0xe4ec | 0x46e4ec | 0x46e4ec | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x10000 |
Network Behavior |
---|
No network behavior found |
---|
System Behavior |
---|
General |
---|
Start time: | 18:24:08 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | /tmp/IOg8XL9P8B |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:08 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:08 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:08 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:08 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:08 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:08 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:08 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "rm -rf /tmp/* /var/* /var/run/* /var/tmp/*" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:09 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:09 |
Start date: | 25/11/2021 |
Path: | /usr/bin/rm |
Arguments: | rm -rf /tmp/IOg8XL9P8B /tmp/config-err-dHT8bZ /tmp/dmesgtail.log /tmp/snap.lxd /tmp/ssh-hOQ5FjG2iVgO /tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-ModemManager.service-c4RYFi /tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-colord.service-gKIF8e /tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-fwupd.service-gB0a9f /tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-switcheroo-control.service-APWnLg /tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-systemd-logind.service-IofUpj /tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-systemd-resolved.service-AfPZzg /tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-upower.service-x0xO0i /tmp/vmware-root_721-4290559889 /var/backups /var/cache /var/crash /var/lib /var/local /var/lock /var/log /var/mail /var/metrics /var/opt /var/run /var/snap /var/spool /var/tmp /var/run/NetworkManager /var/run/acpid.pid /var/run/acpid.socket /var/run/apport.lock /var/run/avahi-daemon /var/run/blkid /var/run/cloud-init /var/run/console-setup /var/run/crond.pid /var/run/crond.reboot /var/run/cryptsetup /var/run/cups /var/run/dbus /var/run/dmeventd-client /var/run/dmeventd-server /var/run/gdm3 /var/run/gdm3.pid /var/run/initctl /var/run/initramfs /var/run/irqbalance /var/run/lock /var/run/log /var/run/lvm /var/run/mlocate.daily.lock /var/run/mono-xsp4 /var/run/mono-xsp4.pid /var/run/motd.d /var/run/mount /var/run/multipathd.pid /var/run/netns /var/run/network /var/run/screen /var/run/sendsigs.omit.d /var/run/shm /var/run/snapd /var/run/snapd-snap.socket /var/run/snapd.socket /var/run/speech-dispatcher /var/run/spice-vdagentd /var/run/sshd /var/run/sshd.pid /var/run/sudo /var/run/systemd /var/run/tmpfiles.d /var/run/udev /var/run/udisks2 /var/run/unattended-upgrades.lock /var/run/user /var/run/utmp /var/run/uuidd /var/run/vmware /var/tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-ModemManager.service-J6Q1Te /var/tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-colord.service-srP90f 
/var/tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-fwupd.service-biJ0Gi /var/tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-switcheroo-control.service-1jIxdj /var/tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-systemd-logind.service-llmWag /var/tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-systemd-resolved.service-X16eHh /var/tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-upower.service-GpSnaf |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |
General |
---|
Start time: | 18:24:28 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:28 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "rm -rf /var/log/wtmp" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:28 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:28 |
Start date: | 25/11/2021 |
Path: | /usr/bin/rm |
Arguments: | rm -rf /var/log/wtmp |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |
General |
---|
Start time: | 18:24:28 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:28 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "rm -rf /tmp/*" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:28 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:28 |
Start date: | 25/11/2021 |
Path: | /usr/bin/rm |
Arguments: | rm -rf /tmp/* |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |
General |
---|
Start time: | 18:24:28 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:28 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "rm -rf /bin/netstat" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:28 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:28 |
Start date: | 25/11/2021 |
Path: | /usr/bin/rm |
Arguments: | rm -rf /bin/netstat |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |
General |
---|
Start time: | 18:24:28 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:28 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "iptables -F" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:28 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:28 |
Start date: | 25/11/2021 |
Path: | /usr/sbin/iptables |
Arguments: | iptables -F |
File size: | 99296 bytes |
MD5 hash: | 1ab05fef765b6342cdfadaa5275b33af |
General |
---|
Start time: | 18:24:28 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:28 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "pkill -9 busybox" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:28 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:28 |
Start date: | 25/11/2021 |
Path: | /usr/bin/pkill |
Arguments: | pkill -9 busybox |
File size: | 30968 bytes |
MD5 hash: | fa96a75a08109d8842e4865b2907d51f |
General |
---|
Start time: | 18:24:32 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:32 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "pkill -9 perl" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:32 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:32 |
Start date: | 25/11/2021 |
Path: | /usr/bin/pkill |
Arguments: | pkill -9 perl |
File size: | 30968 bytes |
MD5 hash: | fa96a75a08109d8842e4865b2907d51f |
General |
---|
Start time: | 18:24:35 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:35 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "pkill -9 python" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:35 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:35 |
Start date: | 25/11/2021 |
Path: | /usr/bin/pkill |
Arguments: | pkill -9 python |
File size: | 30968 bytes |
MD5 hash: | fa96a75a08109d8842e4865b2907d51f |
General |
---|
Start time: | 18:24:39 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:39 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "service iptables stop" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:39 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:39 |
Start date: | 25/11/2021 |
Path: | /usr/sbin/service |
Arguments: | service iptables stop |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:39 |
Start date: | 25/11/2021 |
Path: | /usr/sbin/service |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:39 |
Start date: | 25/11/2021 |
Path: | /usr/bin/basename |
Arguments: | basename /usr/sbin/service |
File size: | 39256 bytes |
MD5 hash: | 3283660e59f128df18bec9b96fbd4d41 |
General |
---|
Start time: | 18:24:39 |
Start date: | 25/11/2021 |
Path: | /usr/sbin/service |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:39 |
Start date: | 25/11/2021 |
Path: | /usr/bin/basename |
Arguments: | basename /usr/sbin/service |
File size: | 39256 bytes |
MD5 hash: | 3283660e59f128df18bec9b96fbd4d41 |
General |
---|
Start time: | 18:24:39 |
Start date: | 25/11/2021 |
Path: | /usr/sbin/service |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:39 |
Start date: | 25/11/2021 |
Path: | /usr/bin/systemctl |
Arguments: | systemctl --quiet is-active multi-user.target |
File size: | 996584 bytes |
MD5 hash: | 4deddfb6741481f68aeac522cc26ff4b |
General |
---|
Start time: | 18:24:39 |
Start date: | 25/11/2021 |
Path: | /usr/sbin/service |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:39 |
Start date: | 25/11/2021 |
Path: | /usr/sbin/service |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:39 |
Start date: | 25/11/2021 |
Path: | /usr/bin/systemctl |
Arguments: | systemctl list-unit-files --full --type=socket |
File size: | 996584 bytes |
MD5 hash: | 4deddfb6741481f68aeac522cc26ff4b |
General |
---|
Start time: | 18:24:39 |
Start date: | 25/11/2021 |
Path: | /usr/sbin/service |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:39 |
Start date: | 25/11/2021 |
Path: | /usr/bin/sed |
Arguments: | sed -ne s/\\.socket\\s*[a-z]*\\s*$/.socket/p |
File size: | 121288 bytes |
MD5 hash: | 885062561f66aa1d4af4c54b9e7cc81a |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /usr/bin/systemctl |
Arguments: | systemctl stop iptables.service |
File size: | 996584 bytes |
MD5 hash: | 4deddfb6741481f68aeac522cc26ff4b |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "/sbin/iptables -F; /sbin/iptables -X" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /sbin/iptables |
Arguments: | /sbin/iptables -F |
File size: | 99296 bytes |
MD5 hash: | 1ab05fef765b6342cdfadaa5275b33af |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /sbin/iptables |
Arguments: | /sbin/iptables -X |
File size: | 99296 bytes |
MD5 hash: | 1ab05fef765b6342cdfadaa5275b33af |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "service firewalld stop" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /usr/sbin/service |
Arguments: | service firewalld stop |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /usr/sbin/service |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /usr/bin/basename |
Arguments: | basename /usr/sbin/service |
File size: | 39256 bytes |
MD5 hash: | 3283660e59f128df18bec9b96fbd4d41 |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /usr/sbin/service |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /usr/bin/basename |
Arguments: | basename /usr/sbin/service |
File size: | 39256 bytes |
MD5 hash: | 3283660e59f128df18bec9b96fbd4d41 |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /usr/sbin/service |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /usr/bin/systemctl |
Arguments: | systemctl --quiet is-active multi-user.target |
File size: | 996584 bytes |
MD5 hash: | 4deddfb6741481f68aeac522cc26ff4b |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /usr/sbin/service |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /usr/sbin/service |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /usr/bin/systemctl |
Arguments: | systemctl list-unit-files --full --type=socket |
File size: | 996584 bytes |
MD5 hash: | 4deddfb6741481f68aeac522cc26ff4b |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /usr/sbin/service |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:43 |
Start date: | 25/11/2021 |
Path: | /usr/bin/sed |
Arguments: | sed -ne s/\\.socket\\s*[a-z]*\\s*$/.socket/p |
File size: | 121288 bytes |
MD5 hash: | 885062561f66aa1d4af4c54b9e7cc81a |
General |
---|
Start time: | 18:24:48 |
Start date: | 25/11/2021 |
Path: | /usr/bin/systemctl |
Arguments: | systemctl stop firewalld.service |
File size: | 996584 bytes |
MD5 hash: | 4deddfb6741481f68aeac522cc26ff4b |
General |
---|
Start time: | 18:24:48 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:48 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "rm -rf ~/.bash_history" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:48 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:48 |
Start date: | 25/11/2021 |
Path: | /usr/bin/rm |
Arguments: | rm -rf /root/.bash_history |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |
General |
---|
Start time: | 18:24:48 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:48 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "history -c" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:24:55 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:55 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:55 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:24:55 |
Start date: | 25/11/2021 |
Path: | /tmp/IOg8XL9P8B |
Arguments: | n/a |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
General |
---|
Start time: | 18:25:00 |
Start date: | 25/11/2021 |
Path: | /usr/lib/systemd/systemd |
Arguments: | n/a |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
General |
---|
Start time: | 18:25:00 |
Start date: | 25/11/2021 |
Path: | /usr/bin/whoopsie |
Arguments: | /usr/bin/whoopsie -f |
File size: | 68592 bytes |
MD5 hash: | d3a6915d0e7398fb4c89a037c13959c8 |
General |
---|
Start time: | 18:25:04 |
Start date: | 25/11/2021 |
Path: | /usr/lib/systemd/systemd |
Arguments: | n/a |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
General |
---|
Start time: | 18:25:04 |
Start date: | 25/11/2021 |
Path: | /usr/sbin/sshd |
Arguments: | /usr/sbin/sshd -t |
File size: | 876328 bytes |
MD5 hash: | dbca7a6bbf7bf57fedac243d4b2cb340 |
General |
---|
Start time: | 18:25:04 |
Start date: | 25/11/2021 |
Path: | /usr/lib/systemd/systemd |
Arguments: | n/a |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
General |
---|
Start time: | 18:25:04 |
Start date: | 25/11/2021 |
Path: | /usr/sbin/sshd |
Arguments: | /usr/sbin/sshd -D |
File size: | 876328 bytes |
MD5 hash: | dbca7a6bbf7bf57fedac243d4b2cb340 |
General |
---|
Start time: | 18:25:11 |
Start date: | 25/11/2021 |
Path: | /usr/sbin/gdm3 |
Arguments: | n/a |
File size: | 453296 bytes |
MD5 hash: | 2492e2d8d34f9377e3e530a61a15674f |
General |
---|
Start time: | 18:25:11 |
Start date: | 25/11/2021 |
Path: | /etc/gdm3/PrimeOff/Default |
Arguments: | /etc/gdm3/PrimeOff/Default |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:25:11 |
Start date: | 25/11/2021 |
Path: | /usr/sbin/gdm3 |
Arguments: | n/a |
File size: | 453296 bytes |
MD5 hash: | 2492e2d8d34f9377e3e530a61a15674f |
General |
---|
Start time: | 18:25:11 |
Start date: | 25/11/2021 |
Path: | /etc/gdm3/PrimeOff/Default |
Arguments: | /etc/gdm3/PrimeOff/Default |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:25:13 |
Start date: | 25/11/2021 |
Path: | /usr/lib/systemd/systemd |
Arguments: | n/a |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
General |
---|
Start time: | 18:25:13 |
Start date: | 25/11/2021 |
Path: | /usr/lib/accountsservice/accounts-daemon |
Arguments: | /usr/lib/accountsservice/accounts-daemon |
File size: | 203192 bytes |
MD5 hash: | 01a899e3fb5e7e434bea1290255a1f30 |
General |
---|
Start time: | 18:25:34 |
Start date: | 25/11/2021 |
Path: | /usr/lib/systemd/systemd |
Arguments: | n/a |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
General |
---|
Start time: | 18:25:34 |
Start date: | 25/11/2021 |
Path: | /usr/bin/pulseaudio |
Arguments: | /usr/bin/pulseaudio --daemonize=no --log-target=journal |
File size: | 100832 bytes |
MD5 hash: | 0c3b4c789d8ffb12b25507f27e14c186 |
General |
---|
Start time: | 18:25:39 |
Start date: | 25/11/2021 |
Path: | /usr/lib/systemd/systemd |
Arguments: | n/a |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
General |
---|
Start time: | 18:25:39 |
Start date: | 25/11/2021 |
Path: | /usr/bin/gpu-manager |
Arguments: | /usr/bin/gpu-manager --log /var/log/gpu-manager.log |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
General |
---|
Start time: | 18:25:39 |
Start date: | 25/11/2021 |
Path: | /usr/bin/gpu-manager |
Arguments: | n/a |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
General |
---|
Start time: | 18:25:39 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:25:39 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:25:39 |
Start date: | 25/11/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 18:25:39 |
Start date: | 25/11/2021 |
Path: | /usr/bin/gpu-manager |
Arguments: | n/a |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
General |
---|
Start time: | 18:25:39 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /lib/modprobe.d/*.conf" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:25:39 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:25:39 |
Start date: | 25/11/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -G ^blacklist.*nvidia[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 18:25:39 |
Start date: | 25/11/2021 |
Path: | /usr/bin/gpu-manager |
Arguments: | n/a |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
General |
---|
Start time: | 18:25:39 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /etc/modprobe.d/*.conf" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:25:39 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:25:39 |
Start date: | 25/11/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -G ^blacklist.*radeon[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 18:25:39 |
Start date: | 25/11/2021 |
Path: | /usr/bin/gpu-manager |
Arguments: | n/a |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
General |
---|
Start time: | 18:25:39 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /lib/modprobe.d/*.conf" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:25:39 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:25:39 |
Start date: | 25/11/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -G ^blacklist.*radeon[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 18:25:40 |
Start date: | 25/11/2021 |
Path: | /usr/bin/gpu-manager |
Arguments: | n/a |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
General |
---|
Start time: | 18:25:40 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /etc/modprobe.d/*.conf" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:25:40 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:25:40 |
Start date: | 25/11/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -G ^blacklist.*amdgpu[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 18:25:40 |
Start date: | 25/11/2021 |
Path: | /usr/bin/gpu-manager |
Arguments: | n/a |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
General |
---|
Start time: | 18:25:40 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /lib/modprobe.d/*.conf" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:25:40 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:25:40 |
Start date: | 25/11/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -G ^blacklist.*amdgpu[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 18:25:41 |
Start date: | 25/11/2021 |
Path: | /usr/bin/gpu-manager |
Arguments: | n/a |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
General |
---|
Start time: | 18:25:41 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /etc/modprobe.d/*.conf" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:25:41 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:25:41 |
Start date: | 25/11/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -G ^blacklist.*nouveau[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 18:25:41 |
Start date: | 25/11/2021 |
Path: | /usr/bin/gpu-manager |
Arguments: | n/a |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
General |
---|
Start time: | 18:25:41 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /lib/modprobe.d/*.conf" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:25:41 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:25:41 |
Start date: | 25/11/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -G ^blacklist.*nouveau[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 18:25:41 |
Start date: | 25/11/2021 |
Path: | /usr/lib/systemd/systemd |
Arguments: | n/a |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
General |
---|
Start time: | 18:25:41 |
Start date: | 25/11/2021 |
Path: | /usr/share/gdm/generate-config |
Arguments: | /usr/share/gdm/generate-config |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:25:41 |
Start date: | 25/11/2021 |
Path: | /usr/share/gdm/generate-config |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:25:41 |
Start date: | 25/11/2021 |
Path: | /usr/bin/pkill |
Arguments: | pkill --signal HUP --uid gdm dconf-service |
File size: | 30968 bytes |
MD5 hash: | fa96a75a08109d8842e4865b2907d51f |
General |
---|
Start time: | 18:25:43 |
Start date: | 25/11/2021 |
Path: | /usr/lib/systemd/systemd |
Arguments: | n/a |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
General |
---|
Start time: | 18:25:43 |
Start date: | 25/11/2021 |
Path: | /usr/lib/gdm3/gdm-wait-for-drm |
Arguments: | /usr/lib/gdm3/gdm-wait-for-drm |
File size: | 14640 bytes |
MD5 hash: | 82043ba752c6930b4e6aaea2f7747545 |
General |
---|
Start time: | 18:25:46 |
Start date: | 25/11/2021 |
Path: | /usr/libexec/gvfsd-fuse |
Arguments: | n/a |
File size: | 47632 bytes |
MD5 hash: | d18fbf1cbf8eb57b17fac48b7b4be933 |
General |
---|
Start time: | 18:25:46 |
Start date: | 25/11/2021 |
Path: | /bin/fusermount |
Arguments: | fusermount -u -q -z -- /run/user/1000/gvfs |
File size: | 39144 bytes |
MD5 hash: | 576a1b135c82bdcbc97a91acea900566 |
General |
---|
Start time: | 18:25:47 |
Start date: | 25/11/2021 |
Path: | /usr/lib/systemd/systemd |
Arguments: | n/a |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
General |
---|
Start time: | 18:25:47 |
Start date: | 25/11/2021 |
Path: | /lib/systemd/systemd-user-runtime-dir |
Arguments: | /lib/systemd/systemd-user-runtime-dir stop 1000 |
File size: | 22672 bytes |
MD5 hash: | d55f4b0847f88131dbcfb07435178e54 |
General |
---|
Start time: | 18:25:54 |
Start date: | 25/11/2021 |
Path: | /usr/lib/systemd/systemd |
Arguments: | n/a |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
General |
---|
Start time: | 18:25:54 |
Start date: | 25/11/2021 |
Path: | /usr/sbin/gdm3 |
Arguments: | /usr/sbin/gdm3 |
File size: | 453296 bytes |
MD5 hash: | 2492e2d8d34f9377e3e530a61a15674f |
General |
---|
Start time: | 18:27:25 |
Start date: | 25/11/2021 |
Path: | /usr/lib/systemd/systemd |
Arguments: | n/a |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
General |
---|
Start time: | 18:27:25 |
Start date: | 25/11/2021 |
Path: | /usr/bin/gpu-manager |
Arguments: | /usr/bin/gpu-manager --log /var/log/gpu-manager.log |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
General |
---|
Start time: | 18:27:25 |
Start date: | 25/11/2021 |
Path: | /usr/bin/gpu-manager |
Arguments: | n/a |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
General |
---|
Start time: | 18:27:25 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /etc/modprobe.d/*.conf" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:27:25 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:27:25 |
Start date: | 25/11/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -G ^blacklist.*nvidia[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 18:27:25 |
Start date: | 25/11/2021 |
Path: | /usr/bin/gpu-manager |
Arguments: | n/a |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
General |
---|
Start time: | 18:27:25 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "grep -G \"^blacklist.*nvidia[[:space:]]*$\" /lib/modprobe.d/*.conf" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:27:25 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:27:25 |
Start date: | 25/11/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -G ^blacklist.*nvidia[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 18:27:25 |
Start date: | 25/11/2021 |
Path: | /usr/bin/gpu-manager |
Arguments: | n/a |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
General |
---|
Start time: | 18:27:25 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /etc/modprobe.d/*.conf" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:27:25 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:27:25 |
Start date: | 25/11/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -G ^blacklist.*radeon[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 18:27:25 |
Start date: | 25/11/2021 |
Path: | /usr/bin/gpu-manager |
Arguments: | n/a |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
General |
---|
Start time: | 18:27:25 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "grep -G \"^blacklist.*radeon[[:space:]]*$\" /lib/modprobe.d/*.conf" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:27:25 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:27:25 |
Start date: | 25/11/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -G ^blacklist.*radeon[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 18:27:26 |
Start date: | 25/11/2021 |
Path: | /usr/bin/gpu-manager |
Arguments: | n/a |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
General |
---|
Start time: | 18:27:26 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /etc/modprobe.d/*.conf" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:27:26 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:27:26 |
Start date: | 25/11/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -G ^blacklist.*amdgpu[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 18:27:26 |
Start date: | 25/11/2021 |
Path: | /usr/bin/gpu-manager |
Arguments: | n/a |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
General |
---|
Start time: | 18:27:26 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "grep -G \"^blacklist.*amdgpu[[:space:]]*$\" /lib/modprobe.d/*.conf" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:27:26 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:27:26 |
Start date: | 25/11/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -G ^blacklist.*amdgpu[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 18:27:26 |
Start date: | 25/11/2021 |
Path: | /usr/bin/gpu-manager |
Arguments: | n/a |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
General |
---|
Start time: | 18:27:26 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /etc/modprobe.d/*.conf" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:27:26 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:27:26 |
Start date: | 25/11/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -G ^blacklist.*nouveau[[:space:]]*$ /etc/modprobe.d/alsa-base.conf /etc/modprobe.d/amd64-microcode-blacklist.conf /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf /etc/modprobe.d/blacklist-modem.conf /etc/modprobe.d/blacklist-oss.conf /etc/modprobe.d/blacklist-rare-network.conf /etc/modprobe.d/blacklist.conf /etc/modprobe.d/intel-microcode-blacklist.conf /etc/modprobe.d/iwlwifi.conf /etc/modprobe.d/mdadm.conf |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 18:27:27 |
Start date: | 25/11/2021 |
Path: | /usr/bin/gpu-manager |
Arguments: | n/a |
File size: | 76616 bytes |
MD5 hash: | 8fae9dd5dd67e1f33d873089c2fd8761 |
General |
---|
Start time: | 18:27:27 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | sh -c "grep -G \"^blacklist.*nouveau[[:space:]]*$\" /lib/modprobe.d/*.conf" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:27:27 |
Start date: | 25/11/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:27:27 |
Start date: | 25/11/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -G ^blacklist.*nouveau[[:space:]]*$ /lib/modprobe.d/aliases.conf /lib/modprobe.d/blacklist_linux_5.4.0-72-generic.conf /lib/modprobe.d/blacklist_linux_5.4.0-81-generic.conf /lib/modprobe.d/fbdev-blacklist.conf /lib/modprobe.d/systemd.conf |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 18:27:27 |
Start date: | 25/11/2021 |
Path: | /usr/lib/systemd/systemd |
Arguments: | n/a |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
General |
---|
Start time: | 18:27:27 |
Start date: | 25/11/2021 |
Path: | /usr/share/gdm/generate-config |
Arguments: | /usr/share/gdm/generate-config |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:27:27 |
Start date: | 25/11/2021 |
Path: | /usr/share/gdm/generate-config |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 18:27:27 |
Start date: | 25/11/2021 |
Path: | /usr/bin/pkill |
Arguments: | pkill --signal HUP --uid gdm dconf-service |
File size: | 30968 bytes |
MD5 hash: | fa96a75a08109d8842e4865b2907d51f |
General |
---|
Start time: | 18:27:29 |
Start date: | 25/11/2021 |
Path: | /usr/lib/systemd/systemd |
Arguments: | n/a |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
General |
---|
Start time: | 18:27:29 |
Start date: | 25/11/2021 |
Path: | /usr/lib/gdm3/gdm-wait-for-drm |
Arguments: | /usr/lib/gdm3/gdm-wait-for-drm |
File size: | 14640 bytes |
MD5 hash: | 82043ba752c6930b4e6aaea2f7747545 |
General |
---|
Start time: | 18:27:39 |
Start date: | 25/11/2021 |
Path: | /usr/lib/systemd/systemd |
Arguments: | n/a |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
General |
---|
Start time: | 18:27:39 |
Start date: | 25/11/2021 |
Path: | /usr/sbin/gdm3 |
Arguments: | /usr/sbin/gdm3 |
File size: | 453296 bytes |
MD5 hash: | 2492e2d8d34f9377e3e530a61a15674f |