Analysis
-
max time kernel
1798s -
max time network
1678s -
platform
ubuntu-20.04_amd64 -
resource
ubuntu2004-amd64-20240508-en -
resource tags
-
submitted
30-06-2024 17:45
General
-
Target
https://mega.nz/file/NJBhAS6b#dc1prx0zaW2vTVmwKIYof4l2wllOtMfBG5WYlHvWna0
Score
4/10
Malware Config
Signatures
-
Changes its process name 64 IoCs
-
Checks CPU configuration 1 TTPs 1 IoCs
Checks CPU information which indicate if the system is a virtual machine.
-
Reads CPU attributes 1 TTPs 42 IoCs
-
Enumerates kernel/hardware configuration 1 TTPs 64 IoCs
Reads contents of /sys virtual filesystem to enumerate system information.
-
Reads runtime system information 64 IoCs
Reads data from /proc virtual filesystem.
-
Writes file to tmp directory 3 IoCs
Malware often drops required files in the /tmp directory.
Processes
-
/usr/bin/firefoxfirefox -new-tab "https://mega.nz/file/NJBhAS6b#dc1prx0zaW2vTVmwKIYof4l2wllOtMfBG5WYlHvWna0"1⤵
-
/usr/bin/whichwhich /usr/bin/firefox2⤵
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -new-tab "https://mega.nz/file/NJBhAS6b#dc1prx0zaW2vTVmwKIYof4l2wllOtMfBG5WYlHvWna0"1⤵
- Checks CPU configuration
- Reads CPU attributes
- Enumerates kernel/hardware configuration
- Reads runtime system information
- Writes file to tmp directory
-
/usr/local/sbin/dbus-launchdbus-launch "--autolaunch=4816dd152e8c48ff97e9117d197c13d8" --binary-syntax --close-stderr2⤵
-
/usr/local/bin/dbus-launchdbus-launch "--autolaunch=4816dd152e8c48ff97e9117d197c13d8" --binary-syntax --close-stderr2⤵
-
/usr/sbin/dbus-launchdbus-launch "--autolaunch=4816dd152e8c48ff97e9117d197c13d8" --binary-syntax --close-stderr2⤵
-
/usr/bin/dbus-launchdbus-launch "--autolaunch=4816dd152e8c48ff97e9117d197c13d8" --binary-syntax --close-stderr2⤵
-
/usr/bin/dbus-daemon/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session3⤵
- Enumerates kernel/hardware configuration
- Reads runtime system information
-
/usr/libexec/xdg-desktop-portal/usr/libexec/xdg-desktop-portal4⤵
-
/usr/libexec/xdg-document-portal/usr/libexec/xdg-document-portal4⤵
-
/usr/libexec/xdg-permission-store/usr/libexec/xdg-permission-store4⤵
-
/usr/libexec/xdg-desktop-portal-gtk/usr/libexec/xdg-desktop-portal-gtk4⤵
-
/usr/libexec/gvfsd/usr/libexec/gvfsd4⤵
-
/usr/libexec/gvfsd-trash/usr/libexec/gvfsd-trash --spawner :1.6 /org/gtk/gvfs/exec_spaw/05⤵
- Reads runtime system information
-
/usr/libexec/dconf-service/usr/libexec/dconf-service4⤵
- Reads runtime system information
-
/usr/bin/nautilus/usr/bin/nautilus --gapplication-service4⤵
- Reads CPU attributes
- Reads runtime system information
-
/usr/bin/gnome-keyring-daemon/usr/bin/gnome-keyring-daemon --start --foreground "--components=secrets"4⤵
-
/usr/libexec/gvfs-udisks2-volume-monitor/usr/libexec/gvfs-udisks2-volume-monitor4⤵
-
/usr/libexec/gvfs-afc-volume-monitor/usr/libexec/gvfs-afc-volume-monitor4⤵
-
/usr/libexec/gvfs-mtp-volume-monitor/usr/libexec/gvfs-mtp-volume-monitor4⤵
- Enumerates kernel/hardware configuration
-
/usr/libexec/gvfs-gphoto2-volume-monitor/usr/libexec/gvfs-gphoto2-volume-monitor4⤵
- Enumerates kernel/hardware configuration
- Reads runtime system information
-
/usr/libexec/gvfs-goa-volume-monitor/usr/libexec/gvfs-goa-volume-monitor4⤵
-
/usr/libexec/goa-daemon/usr/libexec/goa-daemon4⤵
-
/usr/libexec/goa-identity-service/usr/libexec/goa-identity-service4⤵
-
/usr/lib/firefox/glxtest/usr/lib/firefox/glxtest -f 132⤵
- Enumerates kernel/hardware configuration
-
/usr/bin/lsb_release/usr/bin/lsb_release -idrc2⤵
-
/usr/local/sbin/dbus-launchdbus-launch "--autolaunch=4816dd152e8c48ff97e9117d197c13d8" --binary-syntax --close-stderr2⤵
-
/usr/local/bin/dbus-launchdbus-launch "--autolaunch=4816dd152e8c48ff97e9117d197c13d8" --binary-syntax --close-stderr2⤵
-
/usr/sbin/dbus-launchdbus-launch "--autolaunch=4816dd152e8c48ff97e9117d197c13d8" --binary-syntax --close-stderr2⤵
-
/usr/bin/dbus-launchdbus-launch "--autolaunch=4816dd152e8c48ff97e9117d197c13d8" --binary-syntax --close-stderr2⤵
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -prefsLen 20982 -prefMapSize 234904 -appDir /usr/lib/firefox/browser "{334df9dc-5121-4fa1-b3b3-52a98c5f249f}" 1400 true socket2⤵
- Reads CPU attributes
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 20185 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{184341a0-668d-4d4c-b428-7f9d78f142a9}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
- Reads runtime system information
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 28924 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{67f1c8c6-2f59-4d94-bba7-fcc2b83cdbfd}" 1400 true tab2⤵
- Reads CPU attributes
- Reads runtime system information
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -sandboxingKind 0 -prefsLen 29535 -prefMapSize 234904 -appDir /usr/lib/firefox/browser "{e82768c1-4005-4cd3-98ff-41816878f153}" 1400 true utility2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
- Reads runtime system information
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 25649 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{30818997-d5bd-4218-9aae-6acad1c2854f}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
- Reads runtime system information
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsLen 25649 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{aa591ed1-1b2c-4673-8b11-d8f40ed8c8cf}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
- Reads runtime system information
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 5 -isForBrowser -prefsLen 25649 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{c5e6d04d-ea27-4de1-850f-ee22fde1ecaa}" 1400 true tab2⤵
- Reads CPU attributes
- Reads runtime system information
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 6 -isForBrowser -prefsLen 25792 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{19036c19-b16b-4bb2-a558-fb39dda33dbc}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 7 -isForBrowser -prefsLen 33096 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{dcc18f38-1166-49d2-b0dc-b3b875f08fe1}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 8 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{ca848b17-a03b-485c-ae0a-a1f5da9310f5}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 9 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{f69715ff-baf6-4a11-a32f-4846c6214690}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 10 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{dc9344aa-bd1a-443d-8eae-f9d63fd68165}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
- Reads runtime system information
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 11 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{42c2d3df-b8f2-40ad-a710-c68c5a6d8620}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 12 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{0627a56a-33de-4c21-9386-6650b7462e01}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 13 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{1eeb16e9-4997-4150-81a5-d8539ac0431b}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
- Reads runtime system information
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 14 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{a933b5c8-ffd5-45d2-9f7a-4902fa442878}" 1400 true tab2⤵
- Reads CPU attributes
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 15 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{9ed3c5b2-4829-4eba-9549-40d20384b2d8}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
- Reads runtime system information
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 16 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{d8d2a656-dab2-43ea-a1d1-490f8bdc24d5}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 17 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{bd48204a-18b7-4032-aca2-cdb81c4d6795}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
- Reads runtime system information
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 18 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{804882ff-03cb-492a-85ac-eb9c171e5854}" 1400 true tab2⤵
- Reads CPU attributes
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 19 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{8e88457f-b703-45f3-8b46-ab8a119e5f6d}" 1400 true tab2⤵
- Reads CPU attributes
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 20 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{a4e4b219-2ee2-4492-a881-6f4552dad78f}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
- Reads runtime system information
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 21 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{372acd76-77f0-4b76-bd64-69087e775840}" 1400 true tab2⤵
- Reads CPU attributes
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 22 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{d6aa49f7-ecab-4be9-a512-aefae3bb0bb3}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
- Reads runtime system information
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 23 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{320a0d51-978b-48d0-b74a-89671e1f0985}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
- Reads runtime system information
-
/usr/bin/speech-dispatcher/usr/bin/speech-dispatcher --spawn --communication-method unix_socket --socket-path /root/.cache/speech-dispatcher/speechd.sock2⤵
-
/bin/shsh -c "type espeak > /dev/null 2>&1"3⤵
-
/bin/shsh -c "type mbrola > /dev/null 2>&1"3⤵
-
/bin/shsh -c "type espeak > /dev/null 2>&1"3⤵
-
/bin/shsh -c "type espeak-ng > /dev/null 2>&1"3⤵
-
/bin/shsh -c "type mbrola > /dev/null 2>&1"3⤵
-
/bin/shsh -c "type curl > /dev/null 2>&1"3⤵
-
/bin/shsh -c "type epos-say > /dev/null 2>&1"3⤵
-
/bin/shsh -c "type say > /dev/null 2>&1"3⤵
-
/bin/shsh -c "type pico2wave > /dev/null 2>&1"3⤵
-
/bin/shsh -c "type llia_phon > /dev/null 2>&1"3⤵
-
/bin/shsh -c "type mbrola > /dev/null 2>&1"3⤵
-
/bin/shsh -c "type /opt/swift/bin/swift > /dev/null 2>&1"3⤵
-
/usr/lib/speech-dispatcher-modules/sd_espeak-ng/usr/lib/speech-dispatcher-modules/sd_espeak-ng /etc/speech-dispatcher/modules/espeak-ng.conf3⤵
-
/usr/lib/speech-dispatcher-modules/sd_generic/usr/lib/speech-dispatcher-modules/sd_generic /etc/speech-dispatcher/modules/mary-generic.conf3⤵
-
/usr/lib/speech-dispatcher-modules/sd_dummy/usr/lib/speech-dispatcher-modules/sd_dummy /etc/speech-dispatcher/modules/dummy.conf3⤵
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 24 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{6c51925f-0fec-4c76-9b53-3392a0f19c45}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
- Reads runtime system information
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 25 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{0a24e77c-d900-4a4d-bdd7-feba5b0a3c8d}" 1400 true tab2⤵
- Reads CPU attributes
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 26 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{13823edb-c280-4057-aacd-3112cd1003c2}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
- Reads runtime system information
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 27 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{ac6faf18-2cb9-40d7-8661-6a501c734060}" 1400 true tab2⤵
- Reads CPU attributes
- Reads runtime system information
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 28 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{eab37590-a881-4366-8110-d331dff7054d}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 29 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{bb9d07e3-0370-4a33-95e0-4c616438b5fa}" 1400 true tab2⤵
- Reads CPU attributes
- Reads runtime system information
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 30 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{e9ebd517-09dc-4e03-b7dc-419f83efc52e}" 1400 true tab2⤵
- Reads CPU attributes
- Reads runtime system information
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 31 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{76f203d6-09ab-43c7-816a-7b975de65ea1}" 1400 true tab2⤵
- Reads CPU attributes
- Reads runtime system information
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 32 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{13c0cec5-a764-4562-96ab-063446132d12}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
- Reads runtime system information
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 33 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{50d9adbb-9e7e-4139-bc7e-73ed4c8db0fe}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
- Reads runtime system information
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 34 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{0206b6e9-95d0-4825-9c2e-067d473be0b3}" 1400 true tab2⤵
- Reads CPU attributes
- Enumerates kernel/hardware configuration
- Reads runtime system information
-
/usr/lib/firefox/firefox/usr/lib/firefox/firefox -contentproc -childID 35 -isForBrowser -prefsLen 28726 -prefMapSize 234904 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{6ccfe873-22f3-49bb-80b9-10f6c749d7af}" 1400 true tab2⤵
- Reads CPU attributes
-
/usr/libexec/gvfsd-fuse/usr/libexec/gvfsd-fuse /root/.cache/gvfs -f -o big_writes1⤵
-
/usr/lib/firefox/crashreporter/usr/lib/firefox/crashreporter /root/.mozilla/firefox/thpqfd2q.default-release/minidumps/027fd262-4bf4-9d17-d220-ba37bfccf10d.dmp1⤵
-
/usr/lib/firefox/minidump-analyzer/usr/lib/firefox/minidump-analyzer --full /root/.mozilla/firefox/thpqfd2q.default-release/minidumps/027fd262-4bf4-9d17-d220-ba37bfccf10d.dmp2⤵
Network
MITRE ATT&CK Matrix ATT&CK v13
Replay Monitor
Loading Replay Monitor...
Downloads
-
/root/.cache/speech-dispatcher/log/dummy.logFilesize
129B
MD5b2b3a649e7e18f578a7d885627764958
SHA19581944e1dd494b74896964a2b2db251428849be
SHA2564d0663e7c2b22f2942d0e8eb992e7cce6350a01bde90d941a4fb1fab1e65065a
SHA512db150cd21eeea03ae2a4e0a1325f3f5d60343d08de349cb27e1da0a51402301b6271ede58f69377dc0d337e9db1071d5921a4d26f81427b74d361959d2c823e7
-
/root/.cache/speech-dispatcher/log/espeak-ng.logFilesize
52B
MD5ef84f4e65f11da983c74a7bb8edb00e4
SHA16a6b59b99ceba44216cfa42e5be6a1d641615ded
SHA256f56bc2309418b8e3f485b18fa4cc2a641912f03a08e3555387faa6fb925ca547
SHA51285019f18beeea67e60030755b3181fc3305eaade197200bd37a956dab9c4aea9ca0006f350c9def753c2036ddf851822733e9a050829b563624e9fec52fe784d
-
/root/.cache/speech-dispatcher/log/mary-generic.logFilesize
151B
MD57b92a4d1d104620c17b8b007b82f4ea6
SHA1fd86d4191806d10aa33baa3f47d2251dbacf461e
SHA2567a0cea6035a30a623000fec0b0b03f597049663dcf103bb47af898a2e5db4966
SHA51264620869fc6c85c667f7543c5fecc6771756bf2d429295a2c6f3397deab885e373ed2542625de8e67ce696bc506c300c43a14ccb482f628b17e869cb07f0e2d2
-
/root/.cache/speech-dispatcher/log/speech-dispatcher.logFilesize
3KB
MD52e1e79fe2f78863b40a227e7372b82c7
SHA142daf2e6d4a2058b97a26270492187105a026c87
SHA256662aec9a80f2a5916aaa16145ae468fbcd443166162644e66d3a1675d7782944
SHA512ba01d70498b075482d46f3b8f6da3d16e37e6f4216f132e3c2e1e00f4f3efe3d879df5a3860f0793a7d6ef94d49d5fa01da575bd8870dda1cb97aae4fd290f51
-
/root/.cache/speech-dispatcher/pid/speech-dispatcher.pidFilesize
5B
MD5d4b9334c67be433284f431657270ccf4
SHA16ed9fb1c259ba16181c274be4d5a74f635fdf5e5
SHA256ea6469a2d4ffc2fd955d0efe1da013713a2f224f2b33a625fce1253d456974ed
SHA5126178b67150407a363287aea6529eb9e475b20f15df9b20226533a173c458121f572946e1d57a07d5e071f5f8456a8c228e49e8bca0e42ea97766a6b655fb4782
-
/root/Downloads/Release.uBEeSriq.zip.partFilesize
25.7MB
MD52c1779aaedc5729b7d17e788efbc00b2
SHA12d84465b34c93c3d78356d60b547350ec75df774
SHA2565601472e60814064032814f71b82fc8b58eaf4c53dc164728601d514684e3fca
SHA5126fb2b4e7cba988949c96655277226e4a8700bd976e20b4efd9e90ed767142aff105ad092fa966fda62440488a9b2f4a0e11a63553a165c581782d01fc06e67db
-
/root/Downloads/qKDlK-WA.zip.partFilesize
2.3MB
MD5ae0dcc5ef53a6ece24549c2a39c8d4a2
SHA173421b1fba5c65cd45b0861610e62931356172ea
SHA25681f79671964195b135264092859accf19c659ac347282a91dbbb18222eab0979
SHA51218d41f85468d540d31c26cab5efa14d68edad9d0cfe10459f935ae6abdd6c52204753c2d8e21834e0c5729e9780309fe7bce450ed5baba19bbb28c713849a7b1
-
/tmp/tmpaddonFilesize
569KB
MD530082ae40dc48af6343db2fd22cfc645
SHA13eb577555ee638e8beb01173e8f29e172747a728
SHA25685d4b95f9b2075daee9b0e64bce8d9d7343d0dda10e6072d7f9485a68472ee76
SHA51253a58bfb4c8124ad4f7655b99bfdea290033a085e0796b19245b33b91c0948fdac9f0c3e817130b352493a65d9a7a0fc8a7c1eedc618cdaa2b4580734a11cd9c