View processes:

ps -aux

List of load modules:

lsmod

List of open files:

lsof

List of open files, using the network:

lsof -nPi | cut -f 1 -d " "| uniq | tail -n +2

List of open files on specific process:

lsof -c <SERVICE NAME>

Get all open files of a specific process ID:

lsof -p <PID>

List of unlinked processes running:

lsof +Ll

Get path of suspicious process PID:

ls -al /proc/<PID>/exe

Save file for further malware binary analysis:

cp /proc/<PID>/exe >/<SUSPICIOUS FILE NAME TO SAVE>,elf

Monitor logs in real-time:

less +F /var/log/messages