Day 18

Eradication A Gift That Keeps on Giving

Learning Objectives

Identify the CPU and memory usage of processes in Linux.
Kill unwanted processes in Linux.
Find ways a process can persist beyond termination.
Remove persistent processes permanently.

This room is again a very straightforward one with all commands and instructions already given. We just need to follow along and run them.

What is the name of the service that respawns the process after killing it?
[REDACTED]

systemctl list-unit-files | grep enabled

This can be found when we check for list of running services

What is the path from where the process and service were running?
[REDACTED]

systemctl status [redacted] 

This can be found when we look into details of the [REDACTED] service.

The malware prints a taunting message. When is the message shown? Choose from the options below.
1. Randomly
2. After a set interval
3. On process termination
4. None of the above

[REDACTED]

PreviousDay 17 NextDay 19

Last updated 2 years ago