This file `/dev/shm/ShM.c5fa4b64H8dd08c52` seems to be created by apache2 according to my audit log. It goes away when apache2 is stopped. It originally showed up in a rkhunter scan. I can't find any information about it online except for similar reports. Is this likely a legitimate file created by apache or possibly malware of some kind?
Thanks, Dan
