Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: unknown | TCP traffic detected without corresponding DNS query: 147.78.12.176 |
Source: /usr/bin/ln (PID: 5586) | File: /etc/rcS.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /usr/bin/ln (PID: 5613) | File: /etc/rc.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /usr/bin/ln (PID: 5619) | File: /etc/rc0.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /usr/bin/ln (PID: 5633) | File: /etc/rc1.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /usr/bin/ln (PID: 5641) | File: /etc/rc2.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /usr/bin/ln (PID: 5645) | File: /etc/rc3.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /usr/bin/ln (PID: 5648) | File: /etc/rc4.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /usr/bin/ln (PID: 5651) | File: /etc/rc5.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /usr/bin/ln (PID: 5654) | File: /etc/rc6.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /usr/bin/ln (PID: 5659) | File: /etc/rc.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /usr/bin/ln (PID: 5667) | File: /etc/rc0.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /usr/bin/ln (PID: 5690) | File: /etc/rc1.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /usr/bin/ln (PID: 5693) | File: /etc/rc2.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /usr/bin/ln (PID: 5696) | File: /etc/rc3.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /usr/bin/ln (PID: 5699) | File: /etc/rc4.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /usr/bin/ln (PID: 5702) | File: /etc/rc5.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /usr/bin/ln (PID: 5705) | File: /etc/rc6.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5531) | Shell command executed: sh -c "mount -o bind /tmp/nginx_server /proc/5527/ > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5563) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rcS.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5589) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5617) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc0.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5620) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc1.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5636) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc2.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5642) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc3.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5646) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc4.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5649) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc5.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5652) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc6.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5655) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5664) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc0.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5688) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc1.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5691) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc2.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5694) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc3.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5697) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc4.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5700) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc5.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5703) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc6.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5560) | Shell command executed: sh -c "crontab /var/tmp/.recoverys" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5611) | Shell command executed: sh -c "systemctl daemon-reload > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5639) | Shell command executed: sh -c "systemctl enable dnsconfigs.service > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5661) | Shell command executed: sh -c "systemctl start dnsconfigs.service > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf (PID: 5562) | Shell command executed: sh -c "mount -o bind /tmp/nginx_server /proc/5558/ > /dev/null 2>&1" | Jump to behavior |
Source: nginx_kel.16.dr | Binary or memory string: qemu_dcache_linesize_log |
Source: nginx_kel.16.dr | Binary or memory string: qemu_opts_set_defaults |
Source: nginx_kel.16.dr | Binary or memory string: _TRACE_QEMU_MEMALIGN_DSTATE |
Source: nginx_kel.16.dr | Binary or memory string: /build/qemu-rbeYHu/qemu-4.2/include/hw/core/cpu.hError: Bad gdb register numbering for '%s', expected %d got %d%d@%zu.%06zu:gdbstub_op_exiting notifying exit with code=0x%02x |
Source: nginx_kel.16.dr | Binary or memory string: qemu_thread_naming |
Source: nginx_kel.16.dr | Binary or memory string: qemu_opt_foreach |
Source: nginx_kel.16.dr | Binary or memory string: qemu_getauxval |
Source: nginx_kel.16.dr | Binary or memory string: qemu_opt_get_size_del |
Source: nginx_kel.16.dr | Binary or memory string: qemu_free_stack |
Source: nginx_kel.16.dr | Binary or memory string: qemu_free_irqs |
Source: nginx_kel.16.dr | Binary or memory string: qemu_devices_reset |
Source: nginx_kel.16.dr | Binary or memory string: qemu_file_monitor_dispatch |
Source: nginx_kel.16.dr | Binary or memory string: qemu_sem_timedwait |
Source: nginx_kel.16.dr | Binary or memory string: qemu_set_option |
Source: nginx_kel.16.dr | Binary or memory string: qemu_trace_opts |
Source: nginx_kel.16.dr | Binary or memory string: qemu_dup |
Source: nginx_kel.16.dr | Binary or memory string: _TRACE_QEMU_FILE_MONITOR_REMOVE_WATCH_DSTATE |
Source: nginx_kel.16.dr | Binary or memory string: get_prop_pcielinkwidthset_prop_pcielinkwidthget_prop_pcielinkspeedset_prop_pcielinkspeedcreate_link_propertyget_sizeset_sizeqdev_prop_check_globalsqdev_prop_set_ptrqdev_prop_finderror_set_from_qdev_prop_errorset_prop_arraylenset_prop_arraylenget_uuidset_uuidget_pci_host_devaddrget_pci_host_devaddrset_pci_host_devaddrset_blocksizeset_pci_devfnget_enumset_enumget_macset_macget_stringset_stringrelease_stringget_int64set_int64get_uint64set_uint64get_int32set_int32get_uint32set_uint32get_uint16set_uint16get_uint8set_uint8get_boolset_boolprop_get_bit64qdev_get_prop_mask64prop_set_bit64prop_get_bitqdev_get_prop_maskprop_set_bitqdev_prop_allow_set_link_before_realizeqdev_prop_set_after_realize/build/qemu-rbeYHu/qemu-4.2/hw/core/bus.c%s.%dbus == sysbus_get_default()hotplug-handlerbus->parentbus_get_realizedbus_set_realizedqbus_initfnqbus_finalizebus_unparentbus_unparentbus_class_initqbus_createqbus_realizeqbus_realize/build/qemu-rbeYHu/qemu-4.2/hw/core/irq.cqemu_allocate_irq/build/qemu-rbeYHu/qemu-4.2/hw/core/hotplug.chotplug_handler_unplughotplug_handler_unplug_requesthotplug_handler_plughotplug_handler_pre_plug/build/qemu-rbeYHu/qemu-4.2/hw/core/cpu.cObtaining memory mappings is unsupported on this CPU.Expected key=value format, found %s.%d@%zu.%06zu:guest_cpu_reset cpu=%p |
Source: nginx_kel.16.dr | Binary or memory string: /build/qemu-rbeYHu/qemu-4.2/tcg/tcg-op-gvec.coprsz % 8 == 0 && oprsz <= (8 << SIMD_OPRSZ_BITS)maxsz % 8 == 0 && maxsz <= (8 << SIMD_MAXSZ_BITS)data == sextract32(data, 0, SIMD_DATA_BITS)vece <= (in_32 ? MO_32 : MO_64)in_32 == NULL || in_64 == NULLg->fno != NULLfn != NULLtcg_gen_gvec_cmptcg_gen_gvec_cmp |
Source: nginx_kel.16.dr | Binary or memory string: qemu_guest_getrandom |
Source: nginx_kel.16.dr | Binary or memory string: qemu_config_write |
Source: nginx_kel.16.dr | Binary or memory string: usage: qemu-mipsel [options] program [arguments...] |
Source: nginx_kel.16.dr | Binary or memory string: /usr/lib/x86_64-linux-gnu/qemu |
Source: nginx_kel.16.dr | Binary or memory string: /build/qemu-rbeYHu/qemu-4.2/util/qemu-thread-posix.c |
Source: nginx_kel.16.dr | Binary or memory string: qemu_rec_mutex_lock_func |
Source: nginx_kel.16.dr | Binary or memory string: /build/qemu-rbeYHu/qemu-4.2/target/mips/gdbstub.c |
Source: nginx_kel.16.dr | Binary or memory string: /build/qemu-rbeYHu/qemu-4.2/qobject/qjson.c |
Source: nginx_kel.16.dr | Binary or memory string: qemu_opts_free |
Source: SecuriteInfo.com.Other.Malware-gen.28386.14039.elf, 5527.1.00005572fb41f000.00005572fb4a6000.rw-.sdmp, SecuriteInfo.com.Other.Malware-gen.28386.14039.elf, 5542.1.00005572fb41f000.00005572fb4a6000.rw-.sdmp, SecuriteInfo.com.Other.Malware-gen.28386.14039.elf, 5556.1.00005572fb41f000.00005572fb4a6000.rw-.sdmp, SecuriteInfo.com.Other.Malware-gen.28386.14039.elf, 5604.1.00005572fb41f000.00005572fb4a6000.rw-.sdmp, systemd, 5755.1.0000557e04df3000.0000557e04e35000.rw-.sdmp, nginx_kel, 5755.1.0000557e04df3000.0000557e04e35000.rw-.sdmp, systemd, 5799.1.0000564a7bfd5000.0000564a7c017000.rw-.sdmp, nginx_kel, 5799.1.0000564a7bfd5000.0000564a7c017000.rw-.sdmp, nginx_kel.16.dr | Binary or memory string: /etc/qemu-binfmt/mipsel |
Source: nginx_kel.16.dr | Binary or memory string: qemu_ld_i32 |
Source: nginx_kel.16.dr | Binary or memory string: _TRACE_QEMU_CO_MUTEX_UNLOCK_RETURN_DSTATE |
Source: SecuriteInfo.com.Other.Malware-gen.28386.14039.elf, 5527.1.00007ffd1f259000.00007ffd1f27a000.rw-.sdmp, SecuriteInfo.com.Other.Malware-gen.28386.14039.elf, 5542.1.00007ffd1f259000.00007ffd1f27a000.rw-.sdmp, SecuriteInfo.com.Other.Malware-gen.28386.14039.elf, 5556.1.00007ffd1f259000.00007ffd1f27a000.rw-.sdmp, SecuriteInfo.com.Other.Malware-gen.28386.14039.elf, 5604.1.00007ffd1f259000.00007ffd1f27a000.rw-.sdmp | Binary or memory string: x86_64/usr/bin/qemu-mipsel/tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/SecuriteInfo.com.Other.Malware-gen.28386.14039.elf |
Source: nginx_kel.16.dr | Binary or memory string: qemu_glog_domains == NULL |
Source: nginx_kel.16.dr | Binary or memory string: opt->desc && opt->desc->type == QEMU_OPT_BOOL |
Source: nginx_kel.16.dr | Binary or memory string: *errp == NULL%s: %sCould not open '%s'errp && *errperror_free_or_aborterror_append_hinterror_setv%s:%d:warning: info: !loc->prevcur_loc == loc && loc->prevprintedqemu_glog_domains == NULLG_MESSAGES_DEBUG/build/qemu-rbeYHu/qemu-4.2/util/qemu-error.cfname || cur_loc->kind == LOC_FILEerror_initwarn_report_once_conderror_report_once_condloc_set_fileloc_restoreloc_poploc_push_restoreThere is no option group '%s' %s = "%s" |
Source: nginx_kel.16.dr | Binary or memory string: qemu_try_memalign |
Source: nginx_kel.16.dr | Binary or memory string: /build/qemu-rbeYHu/qemu-4.2/tcg/optimize.c |
Source: nginx_kel.16.dr | Binary or memory string: /build/qemu-rbeYHu/qemu-4.2/linux-user/signal.c%d@%zu.%06zu:user_queue_signal env=%p signal %d |
Source: nginx_kel.16.dr | Binary or memory string: complete tracesqemu_set_dfilter_rangesqemu_set_log_filenameqemu_set_lognew->n_buckets != old->n_buckets/build/qemu-rbeYHu/qemu-4.2/util/qht.cqht_do_resize_resetqht_init |
Source: nginx_kel.16.dr | Binary or memory string: _TRACE_QEMU_MUTEX_LOCK_EVENT |
Source: nginx_kel.16.dr | Binary or memory string: qemu_cond_timedwait_impl |
Source: nginx_kel.16.dr | Binary or memory string: qemu_opts_from_qdict |
Source: nginx_kel.16.dr | Binary or memory string: /build/qemu-rbeYHu/qemu-4.2/accel/tcg/cpu-exec.cTrace %d: %p [%08x/%08x/%#x] %s |
Source: nginx_kel.16.dr | Binary or memory string: qemu: %s: %s |
Source: nginx_kel.16.dr | Binary or memory string: qemu_file_monitor_enable_watch |
Source: nginx_kel.16.dr | Binary or memory string: qemu_allocate_irqs |
Source: nginx_kel.16.dr | Binary or memory string: qemu_set_tty_echo |
Source: nginx_kel.16.dr | Binary or memory string: _TRACE_QEMU_ANON_RAM_FREE_DSTATE |
Source: nginx_kel.16.dr | Binary or memory string: qemu_vfprintf |
Source: nginx_kel.16.dr | Binary or memory string: qemu_print_log_usage |
Source: nginx_kel.16.dr | Binary or memory string: qemu_pipe |
Source: nginx_kel.16.dr | Binary or memory string: /build/qemu-rbeYHu/qemu-4.2/fpu/softfloat-specialize.inc.c |
Source: nginx_kel.16.dr | Binary or memory string: qemu_str_to_log_mask |
Source: nginx_kel.16.dr | Binary or memory string: qemu_opt_get_size |
Source: nginx_kel.16.dr | Binary or memory string: _TRACE_QEMU_FILE_MONITOR_DISPATCH_DSTATE |
Source: nginx_kel.16.dr | Binary or memory string: _TRACE_QEMU_MUTEX_LOCK_DSTATE |
Source: nginx_kel.16.dr | Binary or memory string: /build/qemu-rbeYHu/qemu-4.2/util/qht.c |
Source: nginx_kel.16.dr | Binary or memory string: /build/qemu-rbeYHu/qemu-4.2/util/mmap-alloc.c |
Source: SecuriteInfo.com.Other.Malware-gen.28386.14039.elf, 5527.1.00007ffd1f259000.00007ffd1f27a000.rw-.sdmp, SecuriteInfo.com.Other.Malware-gen.28386.14039.elf, 5542.1.00007ffd1f259000.00007ffd1f27a000.rw-.sdmp, SecuriteInfo.com.Other.Malware-gen.28386.14039.elf, 5556.1.00007ffd1f259000.00007ffd1f27a000.rw-.sdmp, SecuriteInfo.com.Other.Malware-gen.28386.14039.elf, 5604.1.00007ffd1f259000.00007ffd1f27a000.rw-.sdmp | Binary or memory string: /usr/bin/qemu-mipsel |
Source: nginx_kel.16.dr | Binary or memory string: qemu_sem_destroy |
Source: nginx_kel.16.dr | Binary or memory string: qemu.sstep |
Source: nginx_kel.16.dr | Binary or memory string: _TRACE_QEMU_MUTEX_LOCKED_EVENT |
Source: nginx_kel.16.dr | Binary or memory string: _TRACE_QEMU_CO_MUTEX_UNLOCK_RETURN_EVENT |
Source: nginx_kel.16.dr | Binary or memory string: qemu_init_exec_dir |
Source: nginx_kel.16.dr | Binary or memory string: _TRACE_QEMU_VFIO_FIND_MAPPING_DSTATE |
Source: nginx_kel.16.dr | Binary or memory string: QEMU_AES_set_encrypt_key |
Source: nginx_kel.16.dr | Binary or memory string: qemu_strnlen |
Source: nginx_kel.16.dr | Binary or memory string: in_asmop_optop_indfpulog MMU-related activitiespcallunimpguest_errorspagenochainInvalid number to the left of %.*s/build/qemu-rbeYHu/qemu-4.2/util/log.cInvalid number to the right of %.*sshow generated host assembly code for each compiled TBtrace:PATTERN enable trace events |
Source: nginx_kel.16.dr | Binary or memory string: !err != !*obj!(err && *list)uint8_tuint16_tuint32_tobj && lookupInvalid parameter '%s'/build/qemu-rbeYHu/qemu-4.2/qapi/qapi-visit-core.cv->type != VISITOR_OUTPUT || v->complete%d@%zu.%06zu:visit_complete v=%p opaque=%p |
Source: nginx_kel.16.dr | Binary or memory string: qemu_config_parse_qdict |
Source: nginx_kel.16.dr | Binary or memory string: %d@%zu.%06zu:qemu_mutex_lock waiting on mutex %p (%s:%d) |
Source: nginx_kel.16.dr | Binary or memory string: Unknown QEMU_IFLA_BR type %d |
Source: nginx_kel.16.dr | Binary or memory string: qemu_opts_del |
Source: nginx_kel.16.dr | Binary or memory string: qemu_opt_get_number_helper |
Source: nginx_kel.16.dr | Binary or memory string: MbP?/build/qemu-rbeYHu/qemu-4.2/util/range.c |
Source: nginx_kel.16.dr | Binary or memory string: qemu_opt_unset |
Source: nginx_kel.16.dr | Binary or memory string: qemu_guest_random_seed_main |
Source: nginx_kel.16.dr | Binary or memory string: qemu_opts_to_qdict_filtered |
Source: nginx_kel.16.dr | Binary or memory string: cpu_common_initfncpu_common_parse_featurescpu_common_parse_featurescpu_common_resetcpu_common_get_memory_mappingcpu_common_realizefncpu_class_initcpu_class_by_namecpu_class_by_namecpu_resetcpu_dump_statisticscpu_dump_statecpu_get_crash_infocpu_write_elf64_notecpu_write_elf64_qemunotecpu_write_elf32_notecpu_write_elf32_qemunotecpu_get_memory_mappingcpu_paging_enabledcpu_by_arch_idinfo->name != NULL!enumerating_typeschild<tm_yeartm_montm_mdaytm_hourtm_mintm_sectype->parent_type != NULLtarget_type!obj || obj->base.refcnt%s::%sti->instance_size == 0ti->abstract!ti->instance_init!ti->instance_post_init!ti->instance_finalize!ti->num_interfacestype->abstract == falsesize >= type->instance_sizeinfo->parent!object_compat_props[1]!object_compat_props[0]missing object type '%s'(null)obj->ref > 0obj->ref == 0Property '.%s' not foundbooleanuintcan't apply global %s.%s=%s: container/objectschild<%s>user-creatableinvalid object type: %sobject type '%s' is abstractlink<%s>partsDevice '%s' not foundstruct tmlink%s/build/qemu-rbeYHu/qemu-4.2/qom/object.cRegistering `%s' which already exists |
Source: nginx_kel.16.dr | Binary or memory string: See <https://qemu.org/contribute/report-a-bug> for how to report bugs. |
Source: nginx_kel.16.dr | Binary or memory string: /build/qemu-rbeYHu/qemu-4.2/qom/object_interfaces.c |
Source: nginx_kel.16.dr | Binary or memory string: qemu_real_host_page_mask |
Source: nginx_kel.16.dr | Binary or memory string: qemu_fprintf |
Source: nginx_kel.16.dr | Binary or memory string: Unknown QEMU_IFLA_TUN type %d |
Source: nginx_kel.16.dr | Binary or memory string: qemu_uuid_is_null |
Source: nginx_kel.16.dr | Binary or memory string: qemu_ram_munmap |
Source: nginx_kel.16.dr | Binary or memory string: os_mem_prealloc: failed to install signal handleros_mem_prealloc: Insufficient free host memory pages available to allocate guest RAMos_mem_prealloc: failed to reinstall signal handlerfailed to allocate memory for stackfailed to set up stack guard pageCannot open pid fileCannot stat fileCannot lock pid fileFailed to truncate pid fileFailed to write pid filef != -1/var%s/%s!exec_dir[0]/proc/self/exetouch_pages/proc/%d/cmdlinecannot block signalscannot fork child processcannot unblock signalsqemu_forkos_mem_preallocqemu_init_exec_dirqemu_set_cloexecsocket_set_fast_reuseqemu_set_nonblockqemu_set_blockqemu_write_pidfileqemu: %s: %s |
Source: nginx_kel.16.dr | Binary or memory string: qemu: missing argument for option '%s' |
Source: nginx_kel.16.dr | Binary or memory string: qemu_add_opts |
Source: nginx_kel.16.dr | Binary or memory string: %d@%zu.%06zu:qemu_anon_ram_alloc size %zu ptr %p |
Source: nginx_kel.16.dr | Binary or memory string: do_raise_exception_errmips_cpu_exec_interruptmips_cpu_tlb_fill/build/qemu-rbeYHu/qemu-4.2/target/mips/cpu.c/build/qemu-rbeYHu/qemu-4.2/target/mips/internal.h%s-mips-cpumips_cpu_cpudef_class_initmips_cpu_initfnmips_cpu_realizefnmips_cpu_resetmips_vp_activemips_cpu_has_workmips_cpu_set_pcmips_cpu_synchronize_from_tbmips_cpu_disas_set_infomips_cpu_class_init/build/qemu-rbeYHu/qemu-4.2/target/mips/gdbstub.c |
Source: nginx_kel.16.dr | Binary or memory string: qemu_coroutine_yield |
Source: nginx_kel.16.dr | Binary or memory string: /build/qemu-rbeYHu/qemu-4.2/linux-user/elfload.c |
Source: nginx_kel.16.dr | Binary or memory string: _TRACE_QEMU_ANON_RAM_ALLOC_DSTATE |
Source: nginx_kel.16.dr | Binary or memory string: driveinvalid option name: %s%63[^.].%63[^.].%63[^=]%ncan't parse: "%s"there is no %s "%s" defined# qemu config file |
Source: nginx_kel.16.dr | Binary or memory string: qemu_vfio_ram_block_added |
Source: nginx_kel.16.dr | Binary or memory string: qemu_open |
Source: nginx_kel.16.dr | Binary or memory string: QEMU_DFILTER |
Source: nginx_kel.16.dr | Binary or memory string: opt->desc && opt->desc->type == QEMU_OPT_NUMBER |
Source: nginx_kel.16.dr | Binary or memory string: qemu_opt_has_help_opt |
Source: nginx_kel.16.dr | Binary or memory string: qemu_thread_joinqemu_thread_createqemu_event_waitqemu_event_resetqemu_event_setqemu_event_destroyqemu_sem_waitqemu_sem_waitqemu_sem_timedwaitqemu_sem_timedwaitqemu_sem_postqemu_sem_postqemu_sem_destroyqemu_sem_destroyqemu_sem_initqemu_cond_timedwait_implqemu_cond_timedwait_implqemu_cond_wait_implqemu_cond_wait_implqemu_cond_broadcastqemu_cond_broadcastqemu_cond_signalqemu_cond_signalqemu_cond_destroyqemu_cond_destroyqemu_cond_initqemu_rec_mutex_initqemu_mutex_unlock_implqemu_mutex_unlock_implqemu_mutex_trylock_implqemu_mutex_trylock_implqemu_mutex_lock_implqemu_mutex_lock_implqemu_mutex_destroyqemu_mutex_destroyqemu_mutex_init/build/qemu-rbeYHu/qemu-4.2/util/envlist.cenvlist != NULLenvlist_free/build/qemu-rbeYHu/qemu-4.2/util/path.cQEMU_MODULE_DIR%s/..Debian 1:4.2-3ubuntu6.17/var/run/qemu/%s.so%s/%s%sQTAILQ_EMPTY(&dso_init_list)Failed to open module: %s |
Source: nginx_kel.16.dr | Binary or memory string: [%63s "%63[^"]"][%63[^]]] %63s = "%1023[^"]" %63s = ""no group definedparse errorerror reading file%s.Unknown option '%s' for [%s]Unused option '%s' for [%s]%s.%uemulated machineaccelaccelerator listkernel_irqchipuse KVM in-kernel irqchipkvm_shadow_memKVM shadow MMU sizekernelLinux kernel image fileinitrdLinux initial ramdisk fileLinux kernel command lineLinux kernel device tree filedumpdtbphandle_startdt_compatibledump-guest-coremem-mergefirmwarefirmware imageiommusuppress-vmdescaes-key-wrapdea-key-wraploadparm/build/qemu-rbeYHu/qemu-4.2/util/qemu-config.cran out of space in drive_config_groupsran out of space in vm_config_groups[%s] section (index %u) does not consist of keys[%s] section doesn't support the option '%s'Dump current dtb to a file and quitThe first phandle ID we may generate dynamicallyOverrides the "compatible" property of the dt root nodeInclude guest memory in a core dumpenable/disable memory merge supportSet on/off to enable/disable usbSet on/off to enable/disable Intel IOMMU (VT-d)Set on to disable self-describing migrationenable/disable AES key wrapping using the CPACF wrapping keyenable/disable DEA key wrapping using the CPACF wrapping keyUp to 8 chars in set of [A-Za-z0-9. ](lower case chars converted to upper case) to pass to machine loader, boot manager, and guest kernelqobject_unref_implqobject_typeconfig_parse_qdict_sectionqmp_query_command_line_optionsqemu_find_opts_singletonfind_listValue '%s' is too large for parameter '%s'/build/qemu-rbeYHu/qemu-4.2/util/qemu-option.cValue '%s' is out of range for parameter '%s'a non-negative number below 2^64Optional suffix k, M, G, T, P or E means kilo-, mega-, giga-, tera-, peta- |
Source: nginx_kel.16.dr | Binary or memory string: qemu_cond_wait_func |
Source: nginx_kel.16.dr | Binary or memory string: qemu_opts_reset |
Source: nginx_kel.16.dr | Binary or memory string: qemu_vfree |
Source: nginx_kel.16.dr | Binary or memory string: _TRACE_QEMU_VFIO_RAM_BLOCK_ADDED_EVENT |
Source: nginx_kel.16.dr | Binary or memory string: /build/qemu-rbeYHu/qemu-4.2/qapi/string-output-visitor.c |
Source: nginx_kel.16.dr | Binary or memory string: _TRACE_QEMU_VFREE_EVENT |
Source: nginx_kel.16.dr | Binary or memory string: QEMU_RESERVED_VA |
Source: nginx_kel.16.dr | Binary or memory string: /build/qemu-rbeYHu/qemu-4.2/hw/core/cpu.c |
Source: nginx_kel.16.dr | Binary or memory string: -(addr | TARGET_PAGE_MASK) >= size/build/qemu-rbeYHu/qemu-4.2/accel/tcg/user-exec.cqemu:%s received signal outside vCPU context @ pc=0x%lx |
Source: nginx_kel.16.dr | Binary or memory string: qemu_cond_timedwait_func |
Source: nginx_kel.16.dr | Binary or memory string: qemu_mutex_lock_func |
Source: nginx_kel.16.dr | Binary or memory string: /build/qemu-rbeYHu/qemu-4.2/util/error.c |
Source: nginx_kel.16.dr | Binary or memory string: qemu_ld_i64 |
Source: nginx_kel.16.dr | Binary or memory string: handle_cpu_signalprobe_accessqemu-mipsel version 4.2.1 (Debian 1:4.2-3ubuntu6.17) |
Source: nginx_kel.16.dr | Binary or memory string: /build/qemu-rbeYHu/qemu-4.2/qobject/qbool.c |
Source: nginx_kel.16.dr | Binary or memory string: QEMU_SET_ENV=var1=val2,var2=val2 QEMU_UNSET_ENV=LD_PRELOAD,LD_DEBUG |
Source: nginx_kel.16.dr | Binary or memory string: qemu_add_drive_opts |
Source: nginx_kel.16.dr | Binary or memory string: Unknown QEMU_IFLA_BRPORT type %d |
Source: nginx_kel.16.dr | Binary or memory string: _TRACE_QEMU_VFIO_NEW_MAPPING_EVENT |
Source: nginx_kel.16.dr | Binary or memory string: qemu_%s_%s_%d.core |
Source: nginx_kel.16.dr | Binary or memory string: qemu.Supported |
Source: nginx_kel.16.dr | Binary or memory string: %d@%zu.%06zu:qemu_anon_ram_free ptr %p size %zu |
Source: nginx_kel.16.dr | Binary or memory string: cpu_write_elf32_qemunote |
Source: nginx_kel.16.dr | Binary or memory string: qemu.sstep: |
Source: nginx_kel.16.dr | Binary or memory string: %d@%zu.%06zu:qemu_mutex_locked taken mutex %p (%s:%d) |
Source: nginx_kel.16.dr | Binary or memory string: qemu_unlock_fd |
Source: nginx_kel.16.dr | Binary or memory string: qemu.sstep= |
Source: nginx_kel.16.dr | Binary or memory string: qemu_strtou64 |
Source: nginx_kel.16.dr | Binary or memory string: qemu_icache_linesize_log |
Source: nginx_kel.16.dr | Binary or memory string: _TRACE_QEMU_FILE_MONITOR_ENABLE_WATCH_EVENT |
Source: nginx_kel.16.dr | Binary or memory string: QEMU_UNSET_ENV environment variables to set and unset |
Source: nginx_kel.16.dr | Binary or memory string: qemu_opts_set |
Source: nginx_kel.16.dr | Binary or memory string: trace_event_name!((uintptr_t)addr & ~qemu_real_host_page_mask)/build/qemu-rbeYHu/qemu-4.2/util/osdep.c!(size & ~qemu_real_host_page_mask)Failed to open /dev/null for OFD lock probing: %s |
Source: nginx_kel.16.dr | Binary or memory string: qemu_get_cpu |
Source: nginx_kel.16.dr | Binary or memory string: MbP?/build/qemu-rbeYHu/qemu-4.2/util/range.c!range_is_empty(a) && !range_is_empty(b)!range_is_empty(data)new_l == listrange_comparerange_invariantrange_list_insertthread_rand == NULLInvalid seed number: %s/build/qemu-rbeYHu/qemu-4.2/util/guest-random.cqemu_guest_random_seed_mainqemu_guest_random_seed_thread_part2guest_user_syscall_retguest_user_syscallguest_mem_before_execguest_mem_before_transguest_cpu_resetguest_cpu_exitguest_cpu_enterqmp_job_dismissqmp_job_finalizeqmp_job_completeqmp_job_resumeqmp_job_pauseqmp_job_canceljob_completedjob_apply_verbjob_state_transitiongdbstub_err_checksum_invalidgdbstub_err_invalid_rlegdbstub_err_invalid_repeatgdbstub_err_overrungdbstub_err_garbagegdbstub_err_got_nackgdbstub_io_got_unexpectedgdbstub_io_got_ackgdbstub_io_commandgdbstub_io_binaryreplygdbstub_io_replygdbstub_hit_unknowngdbstub_hit_watchdoggdbstub_hit_io_errorgdbstub_hit_shutdowngdbstub_hit_pausedgdbstub_hit_breakgdbstub_hit_internal_errorgdbstub_hit_watchpointgdbstub_op_extra_infogdbstub_op_steppinggdbstub_op_continue_cpugdbstub_op_continuegdbstub_op_exitinggdbstub_op_startflatview_destroy_rcuflatview_destroyflatview_newmemory_region_ram_device_readmemory_region_subpage_writememory_region_subpage_readmemory_region_ops_writememory_region_ops_readmemory_notdirty_set_dirtymemory_notdirty_write_accessram_block_discard_rangefind_ram_offset_loopfind_ram_offsetdma_map_waitdma_blk_cbdma_completedma_aio_canceldma_blk_ioqemu_system_powerdown_requestqemu_system_shutdown_requestsystem_wakeup_requestrunstate_setload_filevm_state_notifyballoon_eventcpu_outcpu_ingdbstub_err_checksum_incorrectmemory_region_ram_device_writetranslate_blockexec_tb_exitexec_tb_nocacheexec_tbuser_s390x_restore_sigregsuser_queue_signaluser_host_signaluser_handle_signaluser_force_siguser_do_sigreturnuser_do_rt_sigreturnuser_setup_rt_frameuser_setup_framevisit_type_nullvisit_type_anyvisit_type_numbervisit_type_strvisit_type_boolvisit_type_sizevisit_type_int64visit_type_int32visit_type_int16visit_type_int8visit_type_uint64visit_type_uint32visit_type_uint16visit_type_uint8visit_type_intvisit_type_enumvisit_optionalvisit_end_alternatevisit_start_alternatevisit_end_listvisit_check_listvisit_next_listvisit_start_listvisit_end_structvisit_check_structvisit_start_structvisit_completevisit_freeobject_class_dynamic_cast_assertobject_dynamic_cast_assertqemu_vfio_dma_unmapqemu_vfio_dma_mapqemu_vfio_do_mappingqemu_vfio_new_mappingqemu_vfio_find_mappingqemu_vfio_ram_block_removedqe |