Source: unknown | TCP traffic detected without corresponding DNS query: 91.189.91.43 |
Source: unknown | TCP traffic detected without corresponding DNS query: 109.202.202.202 |
Source: unknown | TCP traffic detected without corresponding DNS query: 247.69.125.15 |
Source: unknown | TCP traffic detected without corresponding DNS query: 89.62.97.13 |
Source: unknown | TCP traffic detected without corresponding DNS query: 201.64.150.235 |
Source: unknown | TCP traffic detected without corresponding DNS query: 99.33.248.85 |
Source: unknown | TCP traffic detected without corresponding DNS query: 201.133.179.101 |
Source: unknown | TCP traffic detected without corresponding DNS query: 123.213.193.207 |
Source: unknown | TCP traffic detected without corresponding DNS query: 1.55.165.112 |
Source: unknown | TCP traffic detected without corresponding DNS query: 24.220.186.101 |
Source: unknown | TCP traffic detected without corresponding DNS query: 171.190.215.92 |
Source: unknown | TCP traffic detected without corresponding DNS query: 74.219.179.190 |
Source: unknown | TCP traffic detected without corresponding DNS query: 68.55.130.165 |
Source: unknown | TCP traffic detected without corresponding DNS query: 185.134.162.198 |
Source: unknown | TCP traffic detected without corresponding DNS query: 186.120.206.202 |
Source: unknown | TCP traffic detected without corresponding DNS query: 77.237.72.112 |
Source: unknown | TCP traffic detected without corresponding DNS query: 174.100.78.43 |
Source: unknown | TCP traffic detected without corresponding DNS query: 223.213.17.120 |
Source: unknown | TCP traffic detected without corresponding DNS query: 115.70.188.226 |
Source: unknown | TCP traffic detected without corresponding DNS query: 246.88.72.79 |
Source: unknown | TCP traffic detected without corresponding DNS query: 74.4.255.140 |
Source: unknown | TCP traffic detected without corresponding DNS query: 102.96.34.54 |
Source: unknown | TCP traffic detected without corresponding DNS query: 32.126.77.119 |
Source: unknown | TCP traffic detected without corresponding DNS query: 112.187.57.147 |
Source: unknown | TCP traffic detected without corresponding DNS query: 203.108.232.50 |
Source: unknown | TCP traffic detected without corresponding DNS query: 193.38.42.40 |
Source: unknown | TCP traffic detected without corresponding DNS query: 247.249.136.144 |
Source: unknown | TCP traffic detected without corresponding DNS query: 92.175.108.39 |
Source: unknown | TCP traffic detected without corresponding DNS query: 217.67.41.171 |
Source: unknown | TCP traffic detected without corresponding DNS query: 14.179.207.111 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.187.84.210 |
Source: unknown | TCP traffic detected without corresponding DNS query: 16.28.78.124 |
Source: unknown | TCP traffic detected without corresponding DNS query: 176.2.125.141 |
Source: unknown | TCP traffic detected without corresponding DNS query: 46.15.198.202 |
Source: unknown | TCP traffic detected without corresponding DNS query: 190.75.209.114 |
Source: unknown | TCP traffic detected without corresponding DNS query: 117.38.60.242 |
Source: unknown | TCP traffic detected without corresponding DNS query: 167.69.41.250 |
Source: unknown | TCP traffic detected without corresponding DNS query: 161.24.53.149 |
Source: unknown | TCP traffic detected without corresponding DNS query: 83.225.24.201 |
Source: unknown | TCP traffic detected without corresponding DNS query: 176.136.18.174 |
Source: unknown | TCP traffic detected without corresponding DNS query: 95.2.3.253 |
Source: unknown | TCP traffic detected without corresponding DNS query: 197.117.13.64 |
Source: unknown | TCP traffic detected without corresponding DNS query: 117.20.163.155 |
Source: unknown | TCP traffic detected without corresponding DNS query: 242.36.164.230 |
Source: unknown | TCP traffic detected without corresponding DNS query: 186.200.170.6 |
Source: unknown | TCP traffic detected without corresponding DNS query: 94.33.47.97 |
Source: unknown | TCP traffic detected without corresponding DNS query: 19.183.144.84 |
Source: unknown | TCP traffic detected without corresponding DNS query: 142.183.217.180 |
Source: unknown | TCP traffic detected without corresponding DNS query: 65.118.148.19 |
Source: unknown | TCP traffic detected without corresponding DNS query: 173.151.241.139 |
Source: Nmg21us74I, type: SAMPLE | Matched rule: Detects Mirai Botnet Malware Author: Florian Roth |
Source: Nmg21us74I, type: SAMPLE | Matched rule: Detects ELF malware Mirai related Author: Florian Roth |
Source: 6234.1.00007f86f4017000.00007f86f4027000.r-x.sdmp, type: MEMORY | Matched rule: Detects Mirai Botnet Malware Author: Florian Roth |
Source: 6234.1.00007f86f4017000.00007f86f4027000.r-x.sdmp, type: MEMORY | Matched rule: Detects ELF malware Mirai related Author: Florian Roth |
Source: 6230.1.00007f86f4017000.00007f86f4027000.r-x.sdmp, type: MEMORY | Matched rule: Detects Mirai Botnet Malware Author: Florian Roth |
Source: 6230.1.00007f86f4017000.00007f86f4027000.r-x.sdmp, type: MEMORY | Matched rule: Detects ELF malware Mirai related Author: Florian Roth |
Source: 6252.1.00007f86f4017000.00007f86f4027000.r-x.sdmp, type: MEMORY | Matched rule: Detects Mirai Botnet Malware Author: Florian Roth |
Source: 6252.1.00007f86f4017000.00007f86f4027000.r-x.sdmp, type: MEMORY | Matched rule: Detects ELF malware Mirai related Author: Florian Roth |
Source: 6236.1.00007f86f4017000.00007f86f4027000.r-x.sdmp, type: MEMORY | Matched rule: Detects Mirai Botnet Malware Author: Florian Roth |
Source: 6236.1.00007f86f4017000.00007f86f4027000.r-x.sdmp, type: MEMORY | Matched rule: Detects ELF malware Mirai related Author: Florian Roth |
Source: Nmg21us74I, type: SAMPLE | Matched rule: Mirai_Botnet_Malware date = 2016-10-04, hash5 = 420bf9215dfb04e5008c5e522eee9946599e2b323b17f17919cd802ebb012175, hash4 = 2efa09c124f277be2199bee58f49fc0ce6c64c0bef30079dfb3d94a6de492a69, hash3 = 20683ff7a5fec1237fc09224af40be029b9548c62c693844624089af568c89d4, hash2 = 05c78c3052b390435e53a87e3d31e9fb17f7c76bb4df2814313bca24735ce81c, hash1 = 05c78c3052b390435e53a87e3d31e9fb17f7c76bb4df2814313bca24735ce81c, author = Florian Roth, description = Detects Mirai Botnet Malware, hash10 = c61bf95146c68bfbbe01d7695337ed0e93ea759f59f651799f07eecdb339f83f, hash11 = d9573c3850e2ae35f371dff977fc3e5282a5e67db8e3274fd7818e8273fd5c89, hash12 = f1100c84abff05e0501e77781160d9815628e7fd2de9e53f5454dbcac7c84ca5, hash9 = bf0471b37dba7939524a30d7d5afc8fcfb8d4a7c9954343196737e72ea4e2dc4, hash8 = 89570ae59462e6472b6769545a999bde8457e47ae0d385caaa3499ab735b8147, hash7 = 70bb0ec35dd9afcfd52ec4e1d920e7045dc51dca0573cd4c753987c9d79405c0, hash6 = 62cdc8b7fffbaf5683a466f6503c03e68a15413a90f6afd5a13ba027631460c6, reference = Internal Research, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, hash13 = fb713ccf839362bf0fbe01aedd6796f4d74521b133011b408e42c1fd9ab8246b |
Source: Nmg21us74I, type: SAMPLE | Matched rule: MAL_ELF_LNX_Mirai_Oct10_2 date = 2018-10-27, hash1 = fa0018e75f503f9748a5de0d14d4358db234f65e28c31c8d5878cc58807081c9, author = Florian Roth, description = Detects ELF malware Mirai related, reference = Internal Research |
Source: 6234.1.00007f86f4017000.00007f86f4027000.r-x.sdmp, type: MEMORY | Matched rule: Mirai_Botnet_Malware date = 2016-10-04, hash5 = 420bf9215dfb04e5008c5e522eee9946599e2b323b17f17919cd802ebb012175, hash4 = 2efa09c124f277be2199bee58f49fc0ce6c64c0bef30079dfb3d94a6de492a69, hash3 = 20683ff7a5fec1237fc09224af40be029b9548c62c693844624089af568c89d4, hash2 = 05c78c3052b390435e53a87e3d31e9fb17f7c76bb4df2814313bca24735ce81c, hash1 = 05c78c3052b390435e53a87e3d31e9fb17f7c76bb4df2814313bca24735ce81c, author = Florian Roth, description = Detects Mirai Botnet Malware, hash10 = c61bf95146c68bfbbe01d7695337ed0e93ea759f59f651799f07eecdb339f83f, hash11 = d9573c3850e2ae35f371dff977fc3e5282a5e67db8e3274fd7818e8273fd5c89, hash12 = f1100c84abff05e0501e77781160d9815628e7fd2de9e53f5454dbcac7c84ca5, hash9 = bf0471b37dba7939524a30d7d5afc8fcfb8d4a7c9954343196737e72ea4e2dc4, hash8 = 89570ae59462e6472b6769545a999bde8457e47ae0d385caaa3499ab735b8147, hash7 = 70bb0ec35dd9afcfd52ec4e1d920e7045dc51dca0573cd4c753987c9d79405c0, hash6 = 62cdc8b7fffbaf5683a466f6503c03e68a15413a90f6afd5a13ba027631460c6, reference = Internal Research, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, hash13 = fb713ccf839362bf0fbe01aedd6796f4d74521b133011b408e42c1fd9ab8246b |
Source: 6234.1.00007f86f4017000.00007f86f4027000.r-x.sdmp, type: MEMORY | Matched rule: MAL_ELF_LNX_Mirai_Oct10_2 date = 2018-10-27, hash1 = fa0018e75f503f9748a5de0d14d4358db234f65e28c31c8d5878cc58807081c9, author = Florian Roth, description = Detects ELF malware Mirai related, reference = Internal Research |
Source: 6230.1.00007f86f4017000.00007f86f4027000.r-x.sdmp, type: MEMORY | Matched rule: Mirai_Botnet_Malware date = 2016-10-04, hash5 = 420bf9215dfb04e5008c5e522eee9946599e2b323b17f17919cd802ebb012175, hash4 = 2efa09c124f277be2199bee58f49fc0ce6c64c0bef30079dfb3d94a6de492a69, hash3 = 20683ff7a5fec1237fc09224af40be029b9548c62c693844624089af568c89d4, hash2 = 05c78c3052b390435e53a87e3d31e9fb17f7c76bb4df2814313bca24735ce81c, hash1 = 05c78c3052b390435e53a87e3d31e9fb17f7c76bb4df2814313bca24735ce81c, author = Florian Roth, description = Detects Mirai Botnet Malware, hash10 = c61bf95146c68bfbbe01d7695337ed0e93ea759f59f651799f07eecdb339f83f, hash11 = d9573c3850e2ae35f371dff977fc3e5282a5e67db8e3274fd7818e8273fd5c89, hash12 = f1100c84abff05e0501e77781160d9815628e7fd2de9e53f5454dbcac7c84ca5, hash9 = bf0471b37dba7939524a30d7d5afc8fcfb8d4a7c9954343196737e72ea4e2dc4, hash8 = 89570ae59462e6472b6769545a999bde8457e47ae0d385caaa3499ab735b8147, hash7 = 70bb0ec35dd9afcfd52ec4e1d920e7045dc51dca0573cd4c753987c9d79405c0, hash6 = 62cdc8b7fffbaf5683a466f6503c03e68a15413a90f6afd5a13ba027631460c6, reference = Internal Research, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, hash13 = fb713ccf839362bf0fbe01aedd6796f4d74521b133011b408e42c1fd9ab8246b |
Source: 6230.1.00007f86f4017000.00007f86f4027000.r-x.sdmp, type: MEMORY | Matched rule: MAL_ELF_LNX_Mirai_Oct10_2 date = 2018-10-27, hash1 = fa0018e75f503f9748a5de0d14d4358db234f65e28c31c8d5878cc58807081c9, author = Florian Roth, description = Detects ELF malware Mirai related, reference = Internal Research |
Source: 6252.1.00007f86f4017000.00007f86f4027000.r-x.sdmp, type: MEMORY | Matched rule: Mirai_Botnet_Malware date = 2016-10-04, hash5 = 420bf9215dfb04e5008c5e522eee9946599e2b323b17f17919cd802ebb012175, hash4 = 2efa09c124f277be2199bee58f49fc0ce6c64c0bef30079dfb3d94a6de492a69, hash3 = 20683ff7a5fec1237fc09224af40be029b9548c62c693844624089af568c89d4, hash2 = 05c78c3052b390435e53a87e3d31e9fb17f7c76bb4df2814313bca24735ce81c, hash1 = 05c78c3052b390435e53a87e3d31e9fb17f7c76bb4df2814313bca24735ce81c, author = Florian Roth, description = Detects Mirai Botnet Malware, hash10 = c61bf95146c68bfbbe01d7695337ed0e93ea759f59f651799f07eecdb339f83f, hash11 = d9573c3850e2ae35f371dff977fc3e5282a5e67db8e3274fd7818e8273fd5c89, hash12 = f1100c84abff05e0501e77781160d9815628e7fd2de9e53f5454dbcac7c84ca5, hash9 = bf0471b37dba7939524a30d7d5afc8fcfb8d4a7c9954343196737e72ea4e2dc4, hash8 = 89570ae59462e6472b6769545a999bde8457e47ae0d385caaa3499ab735b8147, hash7 = 70bb0ec35dd9afcfd52ec4e1d920e7045dc51dca0573cd4c753987c9d79405c0, hash6 = 62cdc8b7fffbaf5683a466f6503c03e68a15413a90f6afd5a13ba027631460c6, reference = Internal Research, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, hash13 = fb713ccf839362bf0fbe01aedd6796f4d74521b133011b408e42c1fd9ab8246b |
Source: 6252.1.00007f86f4017000.00007f86f4027000.r-x.sdmp, type: MEMORY | Matched rule: MAL_ELF_LNX_Mirai_Oct10_2 date = 2018-10-27, hash1 = fa0018e75f503f9748a5de0d14d4358db234f65e28c31c8d5878cc58807081c9, author = Florian Roth, description = Detects ELF malware Mirai related, reference = Internal Research |
Source: 6236.1.00007f86f4017000.00007f86f4027000.r-x.sdmp, type: MEMORY | Matched rule: Mirai_Botnet_Malware date = 2016-10-04, hash5 = 420bf9215dfb04e5008c5e522eee9946599e2b323b17f17919cd802ebb012175, hash4 = 2efa09c124f277be2199bee58f49fc0ce6c64c0bef30079dfb3d94a6de492a69, hash3 = 20683ff7a5fec1237fc09224af40be029b9548c62c693844624089af568c89d4, hash2 = 05c78c3052b390435e53a87e3d31e9fb17f7c76bb4df2814313bca24735ce81c, hash1 = 05c78c3052b390435e53a87e3d31e9fb17f7c76bb4df2814313bca24735ce81c, author = Florian Roth, description = Detects Mirai Botnet Malware, hash10 = c61bf95146c68bfbbe01d7695337ed0e93ea759f59f651799f07eecdb339f83f, hash11 = d9573c3850e2ae35f371dff977fc3e5282a5e67db8e3274fd7818e8273fd5c89, hash12 = f1100c84abff05e0501e77781160d9815628e7fd2de9e53f5454dbcac7c84ca5, hash9 = bf0471b37dba7939524a30d7d5afc8fcfb8d4a7c9954343196737e72ea4e2dc4, hash8 = 89570ae59462e6472b6769545a999bde8457e47ae0d385caaa3499ab735b8147, hash7 = 70bb0ec35dd9afcfd52ec4e1d920e7045dc51dca0573cd4c753987c9d79405c0, hash6 = 62cdc8b7fffbaf5683a466f6503c03e68a15413a90f6afd5a13ba027631460c6, reference = Internal Research, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, hash13 = fb713ccf839362bf0fbe01aedd6796f4d74521b133011b408e42c1fd9ab8246b |
Source: 6236.1.00007f86f4017000.00007f86f4027000.r-x.sdmp, type: MEMORY | Matched rule: MAL_ELF_LNX_Mirai_Oct10_2 date = 2018-10-27, hash1 = fa0018e75f503f9748a5de0d14d4358db234f65e28c31c8d5878cc58807081c9, author = Florian Roth, description = Detects ELF malware Mirai related, reference = Internal Research |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/491/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/793/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/772/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/796/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/774/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/797/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/777/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/799/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/658/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/912/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/759/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/936/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/918/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/1/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/761/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/785/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/884/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/720/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/721/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/788/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/789/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/800/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/801/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/847/fd |
Source: /tmp/Nmg21us74I (PID: 6234) | File opened: /proc/904/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/6234/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/2033/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/2033/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1582/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1582/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/2275/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/2275/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/6191/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/6191/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/3088/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/6190/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/6190/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1612/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1612/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1579/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1579/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1699/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1699/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1335/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1335/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1698/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1698/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/2028/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/2028/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1334/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1334/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1576/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1576/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/2302/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/2302/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/3236/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/3236/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/2025/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/2025/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/2146/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/2146/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/910/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/912/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/912/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/912/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/759/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/759/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/759/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/517/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/2307/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/2307/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/918/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/918/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/918/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/6243/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/6244/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1594/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1594/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/2285/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/2285/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/2281/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/2281/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1349/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1349/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1623/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1623/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/761/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/761/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/761/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1622/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1622/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/884/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/884/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/884/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1983/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1983/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/2038/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/2038/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1586/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1586/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1465/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1465/exe |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1344/fd |
Source: /tmp/Nmg21us74I (PID: 6250) | File opened: /proc/1344/exe |
Source: Nmg21us74I, 6230.1.0000565170586000.00005651706b4000.rw-.sdmp, Nmg21us74I, 6234.1.0000565170586000.00005651706b4000.rw-.sdmp, Nmg21us74I, 6236.1.0000565170586000.00005651706b4000.rw-.sdmp, Nmg21us74I, 6252.1.0000565170586000.00005651706b4000.rw-.sdmp | Binary or memory string: YpQV!/etc/qemu-binfmt/arm |
Source: Nmg21us74I, 6230.1.00007ffdcab61000.00007ffdcab82000.rw-.sdmp, Nmg21us74I, 6234.1.00007ffdcab61000.00007ffdcab82000.rw-.sdmp, Nmg21us74I, 6236.1.00007ffdcab61000.00007ffdcab82000.rw-.sdmp, Nmg21us74I, 6252.1.00007ffdcab61000.00007ffdcab82000.rw-.sdmp | Binary or memory string: K x86_64/usr/bin/qemu-arm/tmp/Nmg21us74ISUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/Nmg21us74I |
Source: Nmg21us74I, 6230.1.0000565170586000.00005651706b4000.rw-.sdmp, Nmg21us74I, 6234.1.0000565170586000.00005651706b4000.rw-.sdmp, Nmg21us74I, 6236.1.0000565170586000.00005651706b4000.rw-.sdmp, Nmg21us74I, 6252.1.0000565170586000.00005651706b4000.rw-.sdmp | Binary or memory string: /etc/qemu-binfmt/arm |
Source: Nmg21us74I, 6230.1.00007ffdcab61000.00007ffdcab82000.rw-.sdmp, Nmg21us74I, 6234.1.00007ffdcab61000.00007ffdcab82000.rw-.sdmp, Nmg21us74I, 6236.1.00007ffdcab61000.00007ffdcab82000.rw-.sdmp, Nmg21us74I, 6252.1.00007ffdcab61000.00007ffdcab82000.rw-.sdmp | Binary or memory string: /usr/bin/qemu-arm |