Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/v6KtBJBvIM.elf
|
/tmp/v6KtBJBvIM.elf
|
||
|
/tmp/v6KtBJBvIM.elf
|
-
|
||
|
/tmp/v6KtBJBvIM.elf
|
-
|
||
|
/tmp/v6KtBJBvIM.elf
|
-
|
||
|
/tmp/v6KtBJBvIM.elf
|
-
|
||
|
/tmp/v6KtBJBvIM.elf
|
-
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libsystray.so 6 12582920 systray
"Notification Area" "Area where notification icons appear"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libstatusnotifier.so 7 12582921
statusnotifier "Status Notifier Plugin" "Provides a panel area for status notifier items (application indicators)"
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.SVWCfG14cK /tmp/tmp.iYdPWxf1Gq /tmp/tmp.rWcfx4T8Aj
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libpulseaudio-plugin.so 8
12582922 pulseaudio "PulseAudio Plugin" "Adjust the audio volume of the PulseAudio sound system"
|
||
|
/usr/bin/dash
|
-
|
||
|
/usr/bin/rm
|
rm -f /tmp/tmp.SVWCfG14cK /tmp/tmp.iYdPWxf1Gq /tmp/tmp.rWcfx4T8Aj
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libxfce4powermanager.so 9
12582923 power-manager-plugin "Power Manager Plugin" "Display the battery levels of your devices and control the brightness
of your display"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libnotification-plugin.so
10 12582924 notification-plugin "Notification Plugin" "Notification plugin for the Xfce panel"
|
||
|
/usr/bin/xfce4-panel
|
-
|
||
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
|
/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libactions.so 14 12582925
actions "Action Buttons" "Log out, lock or other system actions"
|
There are 12 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
175.119.228.58
|
unknown
|
Korea Republic of
|
||
|
197.110.161.116
|
unknown
|
South Africa
|
||
|
40.184.63.239
|
unknown
|
United States
|
||
|
197.33.61.251
|
unknown
|
Egypt
|
||
|
156.52.2.149
|
unknown
|
Norway
|
||
|
143.241.78.104
|
unknown
|
United States
|
||
|
83.31.178.46
|
unknown
|
Poland
|
||
|
46.134.142.230
|
unknown
|
Poland
|
||
|
157.163.220.40
|
unknown
|
Germany
|
||
|
183.58.166.52
|
unknown
|
China
|
||
|
77.240.13.196
|
unknown
|
United Kingdom
|
||
|
57.88.30.113
|
unknown
|
Belgium
|
||
|
177.126.141.119
|
unknown
|
Brazil
|
||
|
70.10.102.55
|
unknown
|
United States
|
||
|
136.123.68.57
|
unknown
|
United States
|
||
|
195.110.235.167
|
unknown
|
France
|
||
|
89.119.50.6
|
unknown
|
Italy
|
||
|
38.27.200.185
|
unknown
|
United States
|
||
|
39.118.23.203
|
unknown
|
Korea Republic of
|
||
|
131.56.218.21
|
unknown
|
United States
|
||
|
196.209.126.45
|
unknown
|
South Africa
|
||
|
142.168.19.238
|
unknown
|
Canada
|
||
|
135.210.55.32
|
unknown
|
United States
|
||
|
177.40.238.29
|
unknown
|
Brazil
|
||
|
12.62.229.250
|
unknown
|
United States
|
||
|
50.107.209.10
|
unknown
|
United States
|
||
|
146.84.239.212
|
unknown
|
United States
|
||
|
50.231.114.253
|
unknown
|
United States
|
||
|
65.238.135.241
|
unknown
|
United States
|
||
|
64.63.17.254
|
unknown
|
United States
|
||
|
92.218.42.149
|
unknown
|
Germany
|
||
|
121.2.176.92
|
unknown
|
Japan
|
||
|
63.243.19.217
|
unknown
|
United States
|
||
|
185.192.209.17
|
unknown
|
Spain
|
||
|
188.3.32.23
|
unknown
|
Turkey
|
||
|
135.157.226.104
|
unknown
|
United States
|
||
|
5.162.250.119
|
unknown
|
Oman
|
||
|
75.46.242.145
|
unknown
|
United States
|
||
|
99.70.195.186
|
unknown
|
United States
|
||
|
8.205.212.202
|
unknown
|
United States
|
||
|
77.33.31.52
|
unknown
|
Denmark
|
||
|
162.182.7.116
|
unknown
|
United States
|
||
|
40.96.122.156
|
unknown
|
United States
|
||
|
190.172.231.247
|
unknown
|
Argentina
|
||
|
74.101.137.92
|
unknown
|
United States
|
||
|
24.207.166.159
|
unknown
|
United States
|
||
|
195.237.75.108
|
unknown
|
Finland
|
||
|
157.0.65.61
|
unknown
|
China
|
||
|
35.138.68.255
|
unknown
|
United States
|
||
|
145.225.90.246
|
unknown
|
Germany
|
||
|
155.93.121.139
|
unknown
|
Nigeria
|
||
|
27.18.203.46
|
unknown
|
China
|
||
|
65.178.218.86
|
unknown
|
United States
|
||
|
157.113.115.211
|
unknown
|
Japan
|
||
|
41.203.198.133
|
unknown
|
Mali
|
||
|
180.7.45.207
|
unknown
|
Japan
|
||
|
142.92.222.39
|
unknown
|
Canada
|
||
|
157.90.51.153
|
unknown
|
United States
|
||
|
78.121.40.2
|
unknown
|
France
|
||
|
38.75.13.44
|
unknown
|
United States
|
||
|
92.147.134.42
|
unknown
|
France
|
||
|
165.168.127.155
|
unknown
|
United States
|
||
|
157.243.223.177
|
unknown
|
France
|
||
|
118.66.251.31
|
unknown
|
China
|
||
|
35.78.175.113
|
unknown
|
United States
|
||
|
112.242.37.237
|
unknown
|
China
|
||
|
89.8.150.11
|
unknown
|
Norway
|
||
|
205.68.254.115
|
unknown
|
United States
|
||
|
63.90.0.29
|
unknown
|
United States
|
||
|
2.158.144.212
|
unknown
|
Italy
|
||
|
197.113.219.157
|
unknown
|
Algeria
|
||
|
20.147.113.214
|
unknown
|
United States
|
||
|
141.56.125.255
|
unknown
|
Germany
|
||
|
197.193.225.135
|
unknown
|
Egypt
|
||
|
41.106.140.30
|
unknown
|
Algeria
|
||
|
41.253.221.39
|
unknown
|
Libyan Arab Jamahiriya
|
||
|
98.184.180.170
|
unknown
|
United States
|
||
|
67.243.41.218
|
unknown
|
United States
|
||
|
46.16.71.44
|
unknown
|
Russian Federation
|
||
|
85.238.79.190
|
unknown
|
Hungary
|
||
|
13.224.91.140
|
unknown
|
United States
|
||
|
218.195.186.49
|
unknown
|
China
|
||
|
51.208.81.95
|
unknown
|
United States
|
||
|
197.39.231.97
|
unknown
|
Egypt
|
||
|
159.214.88.169
|
unknown
|
United States
|
||
|
122.243.189.118
|
unknown
|
China
|
||
|
134.110.235.82
|
unknown
|
Germany
|
||
|
71.118.100.75
|
unknown
|
United States
|
||
|
85.90.214.39
|
unknown
|
Ukraine
|
||
|
210.96.208.123
|
unknown
|
Korea Republic of
|
||
|
124.32.8.171
|
unknown
|
Japan
|
||
|
46.41.3.186
|
unknown
|
Germany
|
||
|
108.204.168.0
|
unknown
|
United States
|
||
|
182.226.186.196
|
unknown
|
Korea Republic of
|
||
|
157.22.82.22
|
unknown
|
United States
|
||
|
136.13.75.75
|
unknown
|
United States
|
||
|
199.33.214.126
|
unknown
|
United States
|
||
|
121.108.190.143
|
unknown
|
Japan
|
||
|
107.163.184.68
|
unknown
|
United States
|
||
|
91.152.190.54
|
unknown
|
Finland
|
There are 90 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f4200416000
|
page execute read
|
 |
||
|
7f4200416000
|
page execute read
|
|
||
|
7f4200416000
|
page execute read
|
|
||
|
7f4200416000
|
page execute read
|
|
||
|
7f42860b7000
|
page read and write
|
|||
|
7f4280021000
|
page read and write
|
|||
|
7f420045a000
|
page read and write
|
|||
|
7f4286c68000
|
page read and write
|
|||
|
7f4286d99000
|
page read and write
|
|||
|
5567fb139000
|
page execute read
|
|||
|
7f4200483000
|
page read and write
|
|||
|
7f4286d99000
|
page read and write
|
|||
|
5567fd3e0000
|
page read and write
|
|||
|
5567fb3c1000
|
page read and write
|
|||
|
7f42860c5000
|
page read and write
|
|||
|
7ffc85f6b000
|
page read and write
|
|||
|
5567fb3c1000
|
page read and write
|
|||
|
7f4286d91000
|
page read and write
|
|||
|
7f4286d91000
|
page read and write
|
|||
|
7f42860c5000
|
page read and write
|
|||
|
7f4286d99000
|
page read and write
|
|||
|
5567fd3c9000
|
page execute and read and write
|
|||
|
5567fe6c7000
|
page read and write
|
|||
|
7ffc85f71000
|
page execute read
|
|||
|
7f4286c68000
|
page read and write
|
|||
|
7f4286a87000
|
page read and write
|
|||
|
7ffc85f71000
|
page execute read
|
|||
|
5567fe6a5000
|
page read and write
|
|||
|
5567fe6a5000
|
page read and write
|
|||
|
7f4286dde000
|
page read and write
|
|||
|
7f4286c68000
|
page read and write
|
|||
|
7f4200457000
|
page read and write
|
|||
|
7ffc85f6b000
|
page read and write
|
|||
|
5567fb3cb000
|
page read and write
|
|||
|
7f4286716000
|
page read and write
|
|||
|
7f42858af000
|
page read and write
|
|||
|
7f4286756000
|
page read and write
|
|||
|
7f4286375000
|
page read and write
|
|||
|
7f42858af000
|
page read and write
|
|||
|
7f4280000000
|
page read and write
|
|||
|
7f4286716000
|
page read and write
|
|||
|
7f4286739000
|
page read and write
|
|||
|
7f4286375000
|
page read and write
|
|||
|
7f4286a87000
|
page read and write
|
|||
|
7f420045a000
|
page read and write
|
|||
|
7f4286d99000
|
page read and write
|
|||
|
7f4286716000
|
page read and write
|
|||
|
7f4280021000
|
page read and write
|
|||
|
7f4286375000
|
page read and write
|
|||
|
7f4286716000
|
page read and write
|
|||
|
5567fd3e0000
|
page read and write
|
|||
|
7f42860b7000
|
page read and write
|
|||
|
5567fd3e0000
|
page read and write
|
|||
|
7f4286c68000
|
page read and write
|
|||
|
7f4200457000
|
page read and write
|
|||
|
5567fb3c1000
|
page read and write
|
|||
|
7f4286dde000
|
page read and write
|
|||
|
7f4280021000
|
page read and write
|
|||
|
7f4286756000
|
page read and write
|
|||
|
7ffc85f71000
|
page execute read
|
|||
|
7f4280000000
|
page read and write
|
|||
|
5567fb139000
|
page execute read
|
|||
|
5567fb139000
|
page execute read
|
|||
|
5567fb3cb000
|
page read and write
|
|||
|
7ffc85f6b000
|
page read and write
|
|||
|
5567fe6c6000
|
page read and write
|
|||
|
7f4286756000
|
page read and write
|
|||
|
7f4280021000
|
page read and write
|
|||
|
7f4286739000
|
page read and write
|
|||
|
5567fd3c9000
|
page execute and read and write
|
|||
|
7f42860b7000
|
page read and write
|
|||
|
7f4286dde000
|
page read and write
|
|||
|
7f4200463000
|
page read and write
|
|||
|
5567fd3c9000
|
page execute and read and write
|
|||
|
5567fd3c9000
|
page execute and read and write
|
|||
|
7f4200457000
|
page read and write
|
|||
|
7f4286756000
|
page read and write
|
|||
|
7f42858af000
|
page read and write
|
|||
|
7f4286d91000
|
page read and write
|
|||
|
5567fe6a5000
|
page read and write
|
|||
|
7ffc85f71000
|
page execute read
|
|||
|
7ffc85f6b000
|
page read and write
|
|||
|
7f42858af000
|
page read and write
|
|||
|
5567fd3e0000
|
page read and write
|
|||
|
7f4286739000
|
page read and write
|
|||
|
5567fb139000
|
page execute read
|
|||
|
7f420045a000
|
page read and write
|
|||
|
7f42860c5000
|
page read and write
|
|||
|
7f427f7ff000
|
page read and write
|
|||
|
7f4286739000
|
page read and write
|
|||
|
5567fb3c1000
|
page read and write
|
|||
|
7f420045a000
|
page read and write
|
|||
|
7f42860b7000
|
page read and write
|
|||
|
7f4280000000
|
page read and write
|
|||
|
5567fe6a5000
|
page read and write
|
|||
|
7f4286375000
|
page read and write
|
|||
|
5567fb3cb000
|
page read and write
|
|||
|
5567fb3cb000
|
page read and write
|
|||
|
7f4286d91000
|
page read and write
|
|||
|
7f4280000000
|
page read and write
|
|||
|
7f42860c5000
|
page read and write
|
|||
|
7f4286dde000
|
page read and write
|
|||
|
7f4286a87000
|
page read and write
|
|||
|
7f4200457000
|
page read and write
|
|||
|
7f4286a87000
|
page read and write
|
|||
|
5567fe6c6000
|
page read and write
|
There are 96 hidden memdumps, click here to show them.