Automated Malware Analysis Report for Msdtc

ID: 341136
Sample Name: msdtc
Cookbook: defaultlinuxfilecookbook.jbs
Time: 20:11:06
Date: 18/01/2021
Version: 31.0.0 Red Diamond

Table of Contents

Analysis Report msdtc
  Overview
    General Information
    Detection
    Signatures
    Classification
  Startup
  Yara Overview
  Signature Overview
    AV Detection:
  Mitre Att&ck Matrix
  Behavior Graph
  Antivirus, Machine Learning and Genetic Malware Detection
    Initial Sample
    Dropped Files
    Domains
    URLs
  Domains and IPs
    Contacted Domains
    Contacted IPs
  General Information
  Runtime Messages
  Joe Sandbox View / Context
    IPs
    Domains
    ASN
    JA3 Fingerprints
    Dropped Files
  Created / dropped Files
  Static File Info
    General
    Static ELF Info
      ELF header
      Sections
      Program Segments
      Dynamic Tags
      Symbols
  Network Behavior
  System Behavior
    Analysis Process: msdtc PID: 4567 Parent PID: 4498
      General
      File Activities
        File Read
    Analysis Process: msdtc PID: 4570 Parent PID: 4567
      General
    Analysis Process: sh PID: 4570 Parent PID: 4567
      General
      File Activities
        File Read
    Analysis Process: sh PID: 4572 Parent PID: 4570
      General
    Analysis Process: pgrep PID: 4572 Parent PID: 4570
      General
      File Activities
        File Read
        Directory Enumerated
    Analysis Process: msdtc PID: 4598 Parent PID: 4567
      General
    Analysis Process: sh PID: 4598 Parent PID: 4567
      General
      File Activities
        File Read
    Analysis Process: sh PID: 4599 Parent PID: 4598
      General
    Analysis Process: pidof PID: 4599 Parent PID: 4598
      General
      File Activities
        File Read
        Directory Enumerated
    Analysis Process: msdtc PID: 4616 Parent PID: 4567
      General
    Analysis Process: msdtc PID: 4617 Parent PID: 4616
      General

Copyright null 2021 Page 2 of 13

Analysis Report msdtc

Overview

General Information
Sample Name: msdtc
Analysis ID: 341136
MD5: 9062cd88a24bee…
SHA1: b0d1e426d34fd8b…
SHA256: f037eedb0922609…

Detection
malicious / suspicious / clean
Score: 23
Range: 0 - 100
Whitelisted: false

Signatures
• Machine Learning detection for samp…
• Enumerates processes within the "p…
• Executes commands using a shell c…
• Executes the "pgrep" command sea…
• Reads CPU information from /sys in…
• Sample has stripped symbol table
• Uses the "uname" system call to qu…

Classification
Ransomware, Miner, Spreading, Evader, Phishing, Exploiter, Banker, Spyware, Trojan / Bot, Adware

Startup

system is lnxubuntu1
msdtc (PID: 4567, Parent: 4498, MD5: 9062cd88a24beea34501bb5006a1383d) Arguments: /tmp/msdtc
  msdtc New Fork (PID: 4570, Parent: 4567)
  sh (PID: 4570, Parent: 4567, MD5: e02ea3c3450d44126c46d658fa9e654c) Arguments: sh -c "pgrep smcard"
    sh New Fork (PID: 4572, Parent: 4570)
    pgrep (PID: 4572, Parent: 4570, MD5: f3b843351a404d4e8d4ce0ed0775fa9c) Arguments: pgrep smcard
  msdtc New Fork (PID: 4598, Parent: 4567)
  sh (PID: 4598, Parent: 4567, MD5: e02ea3c3450d44126c46d658fa9e654c) Arguments: sh -c "pidof smcard"
    sh New Fork (PID: 4599, Parent: 4598)
    pidof (PID: 4599, Parent: 4598, MD5: 1927a3fb9f656f7b53b72c92cbbecfe9) Arguments: pidof smcard
  msdtc New Fork (PID: 4616, Parent: 4567)
    msdtc New Fork (PID: 4617, Parent: 4616)
cleanup

Yara Overview

No yara matches

Signature Overview

• AV Detection
• Bitcoin Miner
• System Summary
• Persistence and Installation Behavior
• Malware Analysis System Evasion
AV Detection:
Machine Learning detection for sample

Mitre Att&ck Matrix

Initial Access: Valid Accounts; Default Accounts
Execution: Scripting 1; Scheduled Task/Job
Persistence: Path Interception; Boot or Logon Initialization Scripts
Privilege Escalation: Path Interception; Boot or Logon Initialization Scripts
Defense Evasion: Scripting 1; Rootkit
Credential Access: OS Credential Dumping 1; LSASS Memory
Discovery: Security Software Discovery 1; System Information Discovery 1
Lateral Movement: Remote Services; Remote Desktop Protocol
Collection: Data from Local System; Data from Removable Media
Exfiltration: Exfiltration Over Other Network Medium; Exfiltration Over Bluetooth
Command and Control: Data Obfuscation; Junk Data
Network Effects: Eavesdrop on Insecure Network Communication; Exploit SS7 to Redirect Phone Calls/SMS
Remote Service Effects: Remotely Track Device Without Authorization; Remotely Wipe Data Without Authorization
Impact: Modify System Partition; Device Lockout

Behavior Graph

[Figure: behavior graph. ID: 341136; Sample: msdtc; Startdate: 18/01/2021; Architecture: LINUX; Score: 23. Legend: Process, Signature, Created File, DNS/IP Info, Is Dropped, Number of created Files, Is malicious, Internet. Nodes: msdtc, sh, pgrep, pidof. Signature shown: Machine Learning detection for sample.]

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample
Source  Detection  Scanner         Label  Link
msdtc   4%         ReversingLabs
msdtc   100%       Joe Sandbox ML

Dropped Files
No Antivirus matches

Domains
No Antivirus matches

URLs
No Antivirus matches

Domains and IPs

Contacted Domains
No contacted domains info

Contacted IPs
No contacted IP infos

General Information

Joe Sandbox Version: 31.0.0 Red Diamond
Analysis ID: 341136
Start date: 18.01.2021
Start time: 20:11:06
Joe Sandbox Product: CloudBasic
Overall analysis duration: 0h 4m 21s
Hypervisor based Inspection enabled: false
Report type: light
Sample file name: msdtc
Cookbook file name: defaultlinuxfilecookbook.jbs
Analysis system description: Ubuntu Linux 16.04 x64 (Kernel 4.4.0-116, Firefox 59.0, Document Viewer 3.18.2, LibreOffice 5.1.6.2, OpenJDK 1.8.0_171)
Detection: SUS
Classification: sus23.lin@0/0@0/0

Runtime Messages

Command: /tmp/msdtc
Exit Code: 0
Exit Code Info:
Killed: False
Standard Output:
Standard Error:

Joe Sandbox View / Context

IPs
No context

Domains
No context

ASN
No context

JA3 Fingerprints
No context

Dropped Files
No context

Created / dropped Files

No created / dropped files found

Static File Info

General
File type: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.8, stripped
Entropy (8bit): 5.3015544951122004
TrID:
  ELF Executable and Linkable format (Linux) (4029/14) 49.77%
  ELF Executable and Linkable format (generic) (4004/1) 49.46%
  Lumena CEL bitmap (63/63) 0.78%
File name: msdtc
File size: 23816
MD5: 9062cd88a24beea34501bb5006a1383d
SHA1: b0d1e426d34fd8bcf3e2d3b3a031dde5690a3f12
SHA256: f037eedb09226097e7a95e9cbdcf75196efce754316f9bcbabbff7a7d402fa30
SHA512: 3318705134a508037feb7c92fde6c12d020a0eec83fc6fe9ec909acf224ddb305fd662b4fbe19f620c48952973345ca43b49626f73b9dc0faa345da83dc850ff
SSDEEP: 384:Sw4pfLn37mDdtMhHESI1hUg1b1syS67Rrtv+zKojm:SfpfLn37MIkSI1hLbTS67Rrp+zKo
Static ELF Info

ELF header
Class: ELF64
Data: 2's complement, little endian
Version: 1 (current)
Machine: Advanced Micro Devices X86-64
Version Number: 0x1
Type: EXEC (Executable file)
OS/ABI: UNIX - System V
ABI Version: 0
Entry Point Address: 0x4014c0
Flags: 0x0
ELF Header Size: 64
Program Header Offset: 64
Program Header Size: 56
Number of Program Headers: 8
Section Header Offset: 22024
Section Header Size: 64
Number of Section Headers: 28
Header String Table Index: 27

Sections
Name            Type      Address   Offset  Size    EntSize  Flags  Flags Description  Link  Info  Align
                NULL      0x0       0x0     0x0     0x0      0x0                       0     0     0
.interp         PROGBITS  0x400200  0x200   0x1c    0x0      0x2    A                  0     0     1
.note.ABI-tag   NOTE      0x40021c  0x21c   0x20    0x0      0x2    A                  0     0     4
.hash           HASH      0x400240  0x240   0x184   0x4      0x2    A                  5     0     8
.gnu.hash       GNU_HASH  0x4003c8  0x3c8   0x24    0x0      0x2    A                  5     0     8
.dynsym         DYNSYM    0x4003f0  0x3f0   0x570   0x18     0x2    A                  6     1     8
.dynstr         STRTAB    0x400960  0x960   0x1c6   0x0      0x2    A                  0     0     1
.gnu.version    VERSYM    0x400b26  0xb26   0x74    0x2      0x2    A                  5     0     2
.gnu.version_r  VERNEED   0x400ba0  0xba0   0x50    0x0      0x2    A                  6     2     8
.rela.dyn       RELA      0x400bf0  0xbf0   0x30    0x18     0x2    A                  5     0     8
.rela.plt       RELA      0x400c20  0xc20   0x510   0x18     0x2    A                  5     12    8
.init           PROGBITS  0x401130  0x1130  0x18    0x0      0x6    AX                 0     0     4
.plt            PROGBITS  0x401148  0x1148  0x370   0x10     0x6    AX                 0     0     4
.text           PROGBITS  0x4014c0  0x14c0  0x3118  0x0      0x6    AX                 0     0     16
.fini           PROGBITS  0x4045d8  0x45d8  0xe     0x0      0x6    AX                 0     0     4
.rodata         PROGBITS  0x4045e8  0x45e8  0x429   0x0      0x2    A                  0     0     8
.eh_frame_hdr   PROGBITS  0x404a14  0x4a14  0xf4    0x0      0x2    A                  0     0     4
.eh_frame       PROGBITS  0x404b08  0x4b08  0x3d4   0x0      0x2    A                  0     0     8
.ctors          PROGBITS  0x605000  0x5000  0x10    0x0      0x3    WA                 0     0     8
.dtors          PROGBITS  0x605010  0x5010  0x10    0x0      0x3    WA                 0     0     8
.jcr            PROGBITS  0x605020  0x5020  0x8     0x0      0x3    WA                 0     0     8
.dynamic        DYNAMIC   0x605028  0x5028  0x1b0   0x10     0x3    WA                 6     0     8
.got            PROGBITS  0x6051d8  0x51d8  0x8     0x8      0x3    WA                 0     0     8
.got.plt