Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
fuckjewishpeople.mpsl
|
ELF 32-bit LSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, not stripped
|
initial sample
|
||
/var/cache/motd-news
|
ASCII text
|
dropped
|
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
/tmp/fuckjewishpeople.mpsl
|
/tmp/fuckjewishpeople.mpsl
|
||
/tmp/fuckjewishpeople.mpsl
|
n/a
|
||
/tmp/fuckjewishpeople.mpsl
|
n/a
|
||
/usr/bin/dash
|
n/a
|
||
/usr/bin/cat
|
cat /tmp/tmp.40ubCHwJAq
|
||
/usr/bin/dash
|
n/a
|
||
/usr/bin/head
|
head -n 10
|
||
/usr/bin/dash
|
n/a
|
||
/usr/bin/tr
|
tr -d \\000-\\011\\013\\014\\016-\\037
|
||
/usr/bin/dash
|
n/a
|
||
/usr/bin/cut
|
cut -c -80
|
||
/usr/bin/dash
|
n/a
|
||
/usr/bin/cat
|
cat /tmp/tmp.40ubCHwJAq
|
||
/usr/bin/dash
|
n/a
|
||
/usr/bin/head
|
head -n 10
|
||
/usr/bin/dash
|
n/a
|
||
/usr/bin/tr
|
tr -d \\000-\\011\\013\\014\\016-\\037
|
||
/usr/bin/dash
|
n/a
|
||
/usr/bin/cut
|
cut -c -80
|
||
/usr/bin/dash
|
n/a
|
||
/usr/bin/rm
|
rm -f /tmp/tmp.40ubCHwJAq /tmp/tmp.bCRgpfFGIz /tmp/tmp.Q77njIbz4T
|
There are 11 hidden processes, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
http://www.baidu.com/search/spider.html)
|
unknown
|
||
http://www.billybobbot.com/crawler/)
|
unknown
|
||
http://fast.no/support/crawler.asp)
|
unknown
|
||
http://feedback.redkolibri.com/
|
unknown
|
||
http://www.baidu.com/search/spider.htm)
|
unknown
|
||
https://ubuntu.com/blog/microk8s-memory-optimisation
|
unknown
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
54.171.230.55
|
unknown
|
United States
|
||
78.47.230.250
|
unknown
|
Germany
|
||
109.202.202.202
|
unknown
|
Switzerland
|
||
91.189.91.43
|
unknown
|
United Kingdom
|
||
91.189.91.42
|
unknown
|
United Kingdom
|