Linux Analysis Report
BEddZjSb7A.elf

Overview

General Information

Sample name:	BEddZjSb7A.elf renamed because original name is a hash value
Original sample name:	6561091eb21655b658bb87755a6b6ba3.elf
Analysis ID:	1447637
MD5:	6561091eb21655b658bb87755a6b6ba3
SHA1:	dba2db8310688d26e61dccceda3d66a62477c91d
SHA256:	7cc952caed80ee8b829eab1262be959ca587ea8f5051dfda7e5582b90b2accd8
Tags:	32armelfmirai
Infos:

Detection

Score:	60
Range:	0 - 100
Whitelisted:	false

Signatures

Antivirus / Scanner detection for submitted sample

Multi AV Scanner detection for submitted file

Sends malformed DNS queries

Detected TCP or UDP traffic on non-standard ports

Executes the "rm" command used to delete files or directories

Sample contains strings indicative of BusyBox which embeds multiple Unix commands in a single executable

Sample has stripped symbol table

Sample listens on a socket

Uses the "uname" system call to query kernel version information (possible evasion)

Classification

Signatures

AV Detection

Antivirus / Scanner detection for submitted sample

Source: BEddZjSb7A.elf

Avira: detected

Multi AV Scanner detection for submitted file

Source: BEddZjSb7A.elf	Virustotal: Detection: 29%			Perma Link
Source: BEddZjSb7A.elf	ReversingLabs: Detection: 28%

Networking

Sends malformed DNS queries

Source: global traffic	DNS traffic detected: malformed DNS query: openniggers.gopher. [malformed]
Source: global traffic	DNS traffic detected: malformed DNS query: elohel.pirate. [malformed]
Source: global traffic	DNS traffic detected: malformed DNS query: lickmyballz.indy. [malformed]
Source: global traffic	DNS traffic detected: malformed DNS query: y4sbesitztdiewelt.oss. [malformed]
Source: global traffic	DNS traffic detected: malformed DNS query: miakhalifa.libre. [malformed]
Source: global traffic	DNS traffic detected: malformed DNS query: pikeylikes.indy. [malformed]

Detected TCP or UDP traffic on non-standard ports

Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 93.207.150.241:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 67.65.59.219:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 89.45.188.78:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 40.16.84.175:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 116.145.1.94:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 64.54.7.17:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 64.14.31.100:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 24.86.26.84:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 37.69.81.186:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 57.205.103.223:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 210.126.41.208:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 142.3.118.90:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 126.205.158.32:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 167.91.81.200:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 128.37.219.245:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 145.124.56.53:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 54.202.183.224:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 191.178.237.242:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 184.189.209.45:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 185.124.209.96:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 47.233.16.34:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 184.8.183.134:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 166.55.238.41:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 120.106.2.243:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 2.152.78.43:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 179.210.119.168:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 40.52.226.56:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 128.180.254.66:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 196.106.153.30:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 69.14.106.249:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 74.209.103.159:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 8.230.32.35:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 136.144.4.221:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 107.101.102.211:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 102.148.30.74:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 27.149.241.14:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 122.45.86.189:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 211.82.227.151:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 104.108.226.179:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 80.39.69.126:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 70.141.131.239:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 156.91.32.212:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 171.242.227.132:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 84.112.63.8:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 74.72.22.91:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 65.185.54.19:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 201.15.227.59:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 169.135.243.253:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 170.187.142.86:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 82.180.0.197:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 24.14.167.77:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 88.10.133.93:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 189.195.177.20:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 52.214.95.171:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 221.177.108.109:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 160.92.227.8:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 176.246.124.219:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 189.122.89.0:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 63.22.107.33:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 103.19.99.235:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 145.142.18.78:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 193.154.212.37:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 196.147.136.47:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 66.206.137.176:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 152.223.88.48:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 185.242.162.202:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 137.141.113.54:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 106.101.60.4:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 210.197.175.53:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 135.35.191.148:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 88.206.249.205:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 209.9.137.250:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 182.56.180.40:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 17.112.246.153:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 196.101.27.36:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 191.52.231.46:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 53.16.79.246:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 43.108.214.85:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 34.118.208.32:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 183.172.85.173:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 150.239.205.12:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 125.8.161.57:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 79.17.106.146:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 195.44.34.233:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 129.27.15.217:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 154.31.248.208:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 200.170.225.32:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 217.31.39.81:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 187.231.7.88:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 34.55.51.77:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 13.242.118.162:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 99.255.165.252:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 186.21.220.170:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 99.210.131.1:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 181.128.86.66:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 19.27.19.241:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 117.223.112.237:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 108.57.91.54:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 49.131.86.129:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 78.240.212.17:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 25.142.77.113:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 84.213.230.215:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 76.13.197.152:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 89.137.0.77:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 34.224.66.246:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 106.212.240.66:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 25.60.201.238:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 160.87.202.190:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 123.131.95.224:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 209.234.135.158:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 57.116.183.164:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 216.190.228.176:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 44.106.183.104:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 98.96.192.237:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 207.149.17.10:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 165.88.97.201:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 31.17.136.75:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 129.0.18.107:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 164.22.209.215:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 220.173.38.3:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 107.120.103.206:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 90.44.153.142:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 118.230.206.238:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 187.50.219.29:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 178.205.182.250:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 98.30.70.191:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 184.136.85.82:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 31.20.155.1:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 147.245.57.92:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 120.93.57.241:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 198.234.80.211:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 176.217.135.56:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 186.217.135.170:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 118.18.109.16:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 158.207.191.233:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 54.50.52.75:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 186.238.27.47:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 1.63.197.7:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 67.240.244.47:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 47.168.160.157:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 39.51.198.17:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 220.20.54.235:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 111.14.55.101:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 77.29.173.35:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 58.62.238.48:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 165.243.243.5:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 175.250.214.53:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 61.145.239.158:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 109.99.252.140:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 126.57.146.67:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 25.255.44.181:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 190.205.76.76:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 216.193.223.26:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 71.5.75.25:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 41.124.241.96:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 173.128.153.77:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 209.11.20.133:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 18.46.33.230:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 53.203.38.12:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 66.179.163.195:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 193.107.153.7:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 123.188.0.76:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 54.12.208.242:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 198.194.171.102:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 104.158.34.133:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 102.223.102.137:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 58.90.152.35:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 116.3.118.88:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 141.75.139.161:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 59.153.117.202:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 222.172.197.103:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 189.178.15.195:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 183.244.4.136:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 36.113.143.88:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 14.14.22.13:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 196.74.190.76:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 82.173.228.34:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 8.75.62.162:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 182.151.178.112:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 78.239.80.229:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 112.148.192.30:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 186.82.149.143:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 157.128.25.70:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 51.86.36.24:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 59.68.84.119:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 23.223.9.241:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 106.127.120.97:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 118.201.115.212:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 43.44.119.213:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 98.240.81.46:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 77.205.19.0:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 170.92.140.154:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 148.103.183.90:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 137.93.213.8:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 13.131.91.128:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 2.60.88.91:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 171.196.43.229:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 174.243.223.11:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 220.24.81.184:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 78.39.246.156:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 131.221.16.67:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 161.239.162.65:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 196.194.201.220:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 175.142.109.154:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 165.116.158.53:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 170.147.201.189:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 163.1.9.64:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 38.178.184.106:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 166.237.220.181:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 116.149.215.187:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 73.139.247.242:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 27.24.222.8:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 210.67.78.3:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 222.137.63.138:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 89.181.242.133:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 144.87.196.53:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 53.146.37.202:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 156.75.70.213:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 114.121.9.110:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 142.125.68.109:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 142.34.60.127:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 212.3.243.100:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 46.41.204.178:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 91.129.38.137:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 134.127.110.79:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 95.55.157.65:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 168.244.96.200:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 218.249.2.232:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 97.50.13.65:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 150.87.113.96:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 47.224.8.43:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 86.242.140.87:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 71.219.182.53:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 23.148.94.145:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 202.125.37.42:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 144.110.100.252:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 43.125.176.27:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 181.157.82.74:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 123.142.118.114:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 167.235.156.249:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 153.5.249.110:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 88.150.157.128:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 54.58.115.187:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 74.244.82.119:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 41.206.88.182:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 17.163.89.65:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 151.110.110.175:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 12.170.112.161:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 25.193.11.249:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 198.202.4.168:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 97.205.138.18:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 31.198.178.56:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 156.115.148.21:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 161.173.108.104:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 93.100.185.63:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 156.189.33.2:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 85.202.127.158:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 23.255.11.178:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 166.9.236.223:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 141.95.140.217:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 108.124.97.5:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 86.219.63.239:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 176.199.71.232:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 67.81.160.221:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 223.202.225.41:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 4.4.55.98:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 49.113.230.59:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 155.179.246.57:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 90.59.253.234:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 191.134.68.187:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 144.155.238.235:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 75.89.207.246:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 165.137.32.149:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 216.186.18.111:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 221.176.181.87:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 213.19.253.173:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 185.229.19.248:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 193.70.142.158:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 128.180.87.1:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 12.247.92.113:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 148.10.161.116:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 111.65.27.59:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 166.148.216.81:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 170.233.208.30:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 203.126.237.57:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 173.90.91.197:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 198.22.144.65:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 50.230.200.174:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 180.145.58.117:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 68.74.217.211:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 212.37.167.5:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 194.133.166.115:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 34.187.69.91:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 35.7.64.23:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 2.12.20.179:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 92.102.55.234:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 24.172.63.132:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 143.143.18.34:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 65.179.39.176:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 112.205.245.212:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 119.164.63.76:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 177.2.98.109:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 155.174.86.224:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 20.83.88.141:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 17.246.33.120:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 44.100.199.132:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 83.207.175.170:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 100.9.57.83:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 128.88.33.115:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 176.165.15.176:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 4.62.80.100:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 83.237.14.111:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 77.143.186.237:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 17.64.93.177:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 57.104.109.249:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 74.236.40.22:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 181.229.28.201:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 187.11.35.3:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 161.241.165.183:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 109.123.93.54:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 61.47.99.209:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 86.166.190.1:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 154.128.171.17:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 146.129.10.121:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 12.90.136.169:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 88.149.225.201:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 50.221.98.105:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 146.139.27.139:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 104.184.141.135:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 221.247.40.152:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 156.35.38.71:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 170.87.63.11:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 123.65.249.28:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 115.1.145.226:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 194.78.220.195:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 152.126.201.119:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 83.115.185.243:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 82.176.121.151:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 145.181.253.251:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 191.233.22.221:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 109.217.157.145:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 68.73.194.154:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 199.116.13.214:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 53.231.209.22:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 157.178.147.40:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 129.254.90.241:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 205.189.12.50:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 83.49.198.41:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 35.156.18.51:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 54.34.228.119:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 159.112.206.58:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 74.214.132.83:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 197.139.182.78:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 91.204.24.186:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 129.18.159.198:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 79.46.172.126:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 1.34.89.192:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 207.33.165.2:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 101.86.75.146:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 124.192.154.3:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 166.160.59.33:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 47.32.61.225:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 170.119.92.13:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 35.2.102.225:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 149.253.169.130:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 20.101.217.226:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 197.119.190.219:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 162.43.213.102:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 169.225.98.117:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 208.234.27.75:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 31.236.104.219:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 183.241.75.67:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 155.183.142.44:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 212.139.211.89:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 168.22.8.112:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 148.248.112.113:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 97.23.130.189:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 222.159.209.254:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 179.68.23.154:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 90.93.254.44:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 93.207.178.5:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 159.57.72.32:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 60.210.105.162:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 160.181.3.16:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 100.48.150.197:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 46.14.156.223:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 155.218.229.24:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 42.94.199.11:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 17.20.135.218:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 180.44.24.174:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 211.174.240.153:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 194.237.112.223:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 219.27.183.56:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 144.50.220.160:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 204.177.93.8:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 175.145.252.104:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 107.112.196.203:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 185.5.153.40:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 174.197.101.32:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 220.62.62.33:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 45.65.194.144:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 61.16.204.88:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 62.141.217.171:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 175.169.98.7:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 219.57.242.143:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 48.145.139.189:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 123.48.112.42:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 106.8.177.96:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 139.116.206.128:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 165.176.92.53:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 110.255.177.36:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 63.2.206.185:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 210.86.225.11:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 86.72.109.84:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 120.222.190.83:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 159.25.38.43:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 135.71.247.43:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 46.110.185.11:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 110.125.65.174:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 54.158.63.78:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 82.212.84.237:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 206.157.253.180:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 186.236.238.173:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 152.212.153.16:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 77.130.68.243:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 84.231.65.152:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 104.12.79.109:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 151.147.93.51:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 109.32.135.0:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 81.113.157.102:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 87.87.221.238:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 35.227.244.45:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 42.243.177.126:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 50.170.200.136:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 49.111.9.212:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 219.172.179.238:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 140.177.221.91:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 124.124.114.121:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 151.146.236.207:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 195.149.126.12:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 81.103.19.183:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 74.65.152.64:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 185.62.22.120:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 89.49.45.94:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 64.73.130.193:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 198.40.219.97:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 195.130.208.141:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 126.226.176.182:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 151.152.148.219:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 14.36.0.36:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 108.122.216.184:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 71.216.177.113:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 106.64.146.13:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 161.233.250.84:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 136.173.232.158:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 167.152.25.4:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 121.188.160.184:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 209.87.148.118:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 123.49.202.2:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 9.85.22.215:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 184.100.98.3:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 95.55.29.57:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 156.218.196.172:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 190.98.232.27:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 13.2.33.55:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 136.98.152.96:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 184.225.109.246:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 86.219.40.129:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 189.255.69.49:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 66.165.27.121:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 197.207.208.75:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 190.93.108.108:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 91.180.61.138:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 31.47.60.104:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 94.235.73.62:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 124.207.253.63:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 150.126.255.102:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 73.174.128.92:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 213.58.87.72:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 61.220.33.185:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 60.11.205.176:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 168.89.196.157:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 19.181.204.111:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 116.148.150.120:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 174.8.14.96:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 190.42.26.125:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 119.214.140.188:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 150.230.210.114:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 134.127.53.230:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 131.41.31.244:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 76.235.15.48:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 50.177.70.64:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 171.4.56.244:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 44.20.136.185:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 89.47.192.147:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 75.124.34.126:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 12.200.210.169:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 90.51.186.120:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 100.45.53.153:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 158.202.159.87:2323

Sample listens on a socket

Source: /tmp/BEddZjSb7A.elf (PID: 5516)

Socket: 127.0.0.1::1234

Jump to behavior

Source: unknown	TCP traffic detected without corresponding DNS query: 93.207.150.241
Source: unknown	TCP traffic detected without corresponding DNS query: 121.88.102.240
Source: unknown	TCP traffic detected without corresponding DNS query: 213.30.111.2
Source: unknown	TCP traffic detected without corresponding DNS query: 85.199.33.146
Source: unknown	TCP traffic detected without corresponding DNS query: 91.65.169.150
Source: unknown	TCP traffic detected without corresponding DNS query: 162.53.252.172
Source: unknown	TCP traffic detected without corresponding DNS query: 80.1.219.51
Source: unknown	TCP traffic detected without corresponding DNS query: 79.114.201.32
Source: unknown	TCP traffic detected without corresponding DNS query: 122.39.166.99
Source: unknown	TCP traffic detected without corresponding DNS query: 111.121.227.157
Source: unknown	TCP traffic detected without corresponding DNS query: 122.254.92.80
Source: unknown	TCP traffic detected without corresponding DNS query: 67.65.59.219
Source: unknown	TCP traffic detected without corresponding DNS query: 72.46.191.101
Source: unknown	TCP traffic detected without corresponding DNS query: 170.157.94.36
Source: unknown	TCP traffic detected without corresponding DNS query: 197.182.200.166
Source: unknown	TCP traffic detected without corresponding DNS query: 125.212.196.39
Source: unknown	TCP traffic detected without corresponding DNS query: 144.162.7.15
Source: unknown	TCP traffic detected without corresponding DNS query: 140.218.157.231
Source: unknown	TCP traffic detected without corresponding DNS query: 147.167.69.65
Source: unknown	TCP traffic detected without corresponding DNS query: 59.61.29.212
Source: unknown	TCP traffic detected without corresponding DNS query: 89.45.188.78
Source: unknown	TCP traffic detected without corresponding DNS query: 116.250.35.64
Source: unknown	TCP traffic detected without corresponding DNS query: 88.136.41.60
Source: unknown	TCP traffic detected without corresponding DNS query: 167.249.7.172
Source: unknown	TCP traffic detected without corresponding DNS query: 223.241.233.6
Source: unknown	TCP traffic detected without corresponding DNS query: 203.254.153.176
Source: unknown	TCP traffic detected without corresponding DNS query: 212.99.192.110
Source: unknown	TCP traffic detected without corresponding DNS query: 106.101.199.138
Source: unknown	TCP traffic detected without corresponding DNS query: 9.247.151.9
Source: unknown	TCP traffic detected without corresponding DNS query: 40.16.84.175
Source: unknown	TCP traffic detected without corresponding DNS query: 173.220.36.240
Source: unknown	TCP traffic detected without corresponding DNS query: 207.244.103.90
Source: unknown	TCP traffic detected without corresponding DNS query: 32.163.67.150
Source: unknown	TCP traffic detected without corresponding DNS query: 75.250.70.77
Source: unknown	TCP traffic detected without corresponding DNS query: 102.242.226.209
Source: unknown	TCP traffic detected without corresponding DNS query: 31.20.24.32
Source: unknown	TCP traffic detected without corresponding DNS query: 163.180.73.243
Source: unknown	TCP traffic detected without corresponding DNS query: 65.56.209.252
Source: unknown	TCP traffic detected without corresponding DNS query: 144.43.228.222
Source: unknown	TCP traffic detected without corresponding DNS query: 135.133.77.211
Source: unknown	TCP traffic detected without corresponding DNS query: 116.145.1.94
Source: unknown	TCP traffic detected without corresponding DNS query: 49.63.84.212
Source: unknown	TCP traffic detected without corresponding DNS query: 122.234.31.207
Source: unknown	TCP traffic detected without corresponding DNS query: 180.9.231.238
Source: unknown	TCP traffic detected without corresponding DNS query: 96.46.32.13
Source: unknown	TCP traffic detected without corresponding DNS query: 34.1.119.184
Source: unknown	TCP traffic detected without corresponding DNS query: 196.124.69.194
Source: unknown	TCP traffic detected without corresponding DNS query: 32.69.141.53
Source: unknown	TCP traffic detected without corresponding DNS query: 130.14.243.239
Source: unknown	TCP traffic detected without corresponding DNS query: 64.54.7.17

Source: global traffic	DNS traffic detected: DNS query: miakhalifa.libre
Source: global traffic	DNS traffic detected: DNS query: parasjhaarrested.geek
Source: global traffic	DNS traffic detected: DNS query: openniggers.gopher. [malformed]
Source: global traffic	DNS traffic detected: DNS query: elohel.pirate. [malformed]
Source: global traffic	DNS traffic detected: DNS query: lickmyballz.indy. [malformed]
Source: global traffic	DNS traffic detected: DNS query: y4sbesitztdiewelt.oss. [malformed]
Source: global traffic	DNS traffic detected: DNS query: miakhalifa.libre. [malformed]
Source: global traffic	DNS traffic detected: DNS query: pikeylikes.indy. [malformed]

Sample contains strings indicative of BusyBox which embeds multiple Unix commands in a single executable

Source: Initial sample	String containing 'busybox' found: /bin/busybox FICORA
Source: Initial sample	String containing 'busybox' found: /bin/busybox FICORAncorrect: applet not found

Sample has stripped symbol table

Source: ELF static info symbol of initial sample

.symtab present: no

Source: classification engine

Classification label: mal60.troj.linELF@0/0@20/0

Executes the "rm" command used to delete files or directories

Source: /usr/bin/dash (PID: 5487)	Rm executable: /usr/bin/rm -> rm -f /tmp/tmp.jbxUczfTmH /tmp/tmp.FIqUPirLRn /tmp/tmp.E6oaQB7oaC			Jump to behavior
Source: /usr/bin/dash (PID: 5496)	Rm executable: /usr/bin/rm -> rm -f /tmp/tmp.jbxUczfTmH /tmp/tmp.FIqUPirLRn /tmp/tmp.E6oaQB7oaC			Jump to behavior

Uses the "uname" system call to query kernel version information (possible evasion)

Source: /tmp/BEddZjSb7A.elf (PID: 5516)

Queries kernel information via 'uname':

Jump to behavior

Source: BEddZjSb7A.elf, 5516.1.00007ffe4e4b6000.00007ffe4e4d7000.rw-.sdmp, BEddZjSb7A.elf, 5518.1.00007ffe4e4b6000.00007ffe4e4d7000.rw-.sdmp	Binary or memory string: [iox86_64/usr/bin/qemu-arm/tmp/BEddZjSb7A.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/BEddZjSb7A.elf
Source: BEddZjSb7A.elf, 5516.1.0000564e454c1000.0000564e45610000.rw-.sdmp, BEddZjSb7A.elf, 5518.1.0000564e454c1000.0000564e45610000.rw-.sdmp	Binary or memory string: /etc/qemu-binfmt/arm
Source: BEddZjSb7A.elf, 5516.1.00007ffe4e4b6000.00007ffe4e4d7000.rw-.sdmp, BEddZjSb7A.elf, 5518.1.00007ffe4e4b6000.00007ffe4e4d7000.rw-.sdmp	Binary or memory string: /usr/bin/qemu-arm
Source: BEddZjSb7A.elf, 5516.1.0000564e454c1000.0000564e45610000.rw-.sdmp, BEddZjSb7A.elf, 5518.1.0000564e454c1000.0000564e45610000.rw-.sdmp	Binary or memory string: MENV!/etc/qemu-binfmt/arm

Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
178.162.43.105	unknown	Russian Federation	20807	CREDOLINK-ASNSt-PetersburgRU	false
179.18.83.204	unknown	Colombia	22698	AVANTELSASCO	false
109.245.203.115	unknown	Serbia	15958	TELENOR_DOO_ASTelenordoo-NETRS	false
166.145.40.125	unknown	United States	22394	CELLCOUS	false
53.79.168.184	unknown	Germany	31399	DAIMLER-ASITIGNGlobalNetworkDE	false
74.112.91.63	unknown	Canada	63350	FONCLOUDCA	false
191.7.150.178	unknown	Brazil	263320	SansaraTelecomBR	false
146.10.39.242	unknown	United States	197938	TRAVIANGAMESDE	false
83.165.134.208	unknown	Spain	12334	Galicia-SpainES	false
112.113.215.241	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
200.55.150.39	unknown	Cuba	27725	EmpresadeTelecomunicacionesdeCubaSACU	false
53.11.82.254	unknown	Germany	31399	DAIMLER-ASITIGNGlobalNetworkDE	false
1.168.57.162	unknown	Taiwan; Republic of China (ROC)	3462	HINETDataCommunicationBusinessGroupTW	false
207.13.154.167	unknown	United States	7029	WINDSTREAMUS	false
83.237.14.111	unknown	Russian Federation	8359	MTSRU	false
206.26.172.70	unknown	United States	3561	CENTURYLINK-LEGACY-SAVVISUS	false
173.48.229.221	unknown	United States	701	UUNETUS	false
201.54.45.108	unknown	Brazil	28613	HUGHESTELECOMUNICACOESDOBRASILLTDABR	false
89.101.167.178	unknown	Ireland	6830	LIBERTYGLOBALLibertyGlobalformerlyUPCBroadbandHolding	false
70.181.142.10	unknown	United States	22773	ASN-CXA-ALL-CCI-22773-RDCUS	false
81.55.195.99	unknown	France	3215	FranceTelecom-OrangeFR	false
82.46.21.182	unknown	United Kingdom	5089	NTLGB	false
87.152.228.96	unknown	Germany	3320	DTAGInternetserviceprovideroperationsDE	false
12.197.57.108	unknown	United States	7018	ATT-INTERNET4US	false
90.163.94.56	unknown	Spain	12479	UNI2-ASES	false
149.169.215.72	unknown	United States	2900	WN-AZ-ASUS	false
118.173.29.79	unknown	Thailand	23969	TOT-NETTOTPublicCompanyLimitedTH	false
17.213.221.72	unknown	United States	714	APPLE-ENGINEERINGUS	false
178.196.170.187	unknown	Switzerland	3303	SWISSCOMSwisscomSwitzerlandLtdCH	false
101.45.183.194	unknown	China	131536	SHGWBNNETShanghaiGreatWallBroadbandNetworkServiceCo	false
182.243.100.3	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
145.155.255.159	unknown	Netherlands	1103	SURFNET-NLSURFnetTheNetherlandsNL	false
17.115.115.155	unknown	United States	714	APPLE-ENGINEERINGUS	false
220.180.220.152	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
218.149.78.148	unknown	Korea Republic of	4766	KIXS-AS-KRKoreaTelecomKR	false
84.78.179.51	unknown	Spain	12479	UNI2-ASES	false
65.40.218.169	unknown	United States	209	CENTURYLINK-US-LEGACY-QWESTUS	false
141.186.167.72	unknown	United States	197921	HBTFJO	false
96.40.179.186	unknown	United States	20115	CHARTER-20115US	false
193.139.182.122	unknown	France	34885	EDSBG-ASAT	false
46.228.229.29	unknown	Poland	44514	INOTEL-ASPL	false
44.25.101.253	unknown	United States	63479	HAMWANUS	false
105.11.198.70	unknown	South Africa	37168	CELL-CZA	false
1.79.211.223	unknown	Japan	9605	DOCOMONTTDOCOMOINCJP	false
213.28.99.39	unknown	Finland	1759	TSF-IP-CORETeliaFinlandOyjEU	false
217.194.171.51	unknown	Czech Republic	5610	O2-CZECH-REPUBLICCZ	false
90.92.97.128	unknown	France	3215	FranceTelecom-OrangeFR	false
223.24.253.149	unknown	Thailand	7470	TRUEINTERNET-AS-APTRUEINTERNETCoLtdTH	false
94.25.2.57	unknown	Russian Federation	12389	ROSTELECOM-ASRU	false
116.87.10.136	unknown	Singapore	55430	STARHUB-NGNBNStarhubLtdSG	false
122.166.80.131	unknown	India	24560	AIRTELBROADBAND-AS-APBhartiAirtelLtdTelemediaServices	false
139.229.125.178	unknown	United States	19226	AURA-SOUTHUS	false
75.4.11.197	unknown	United States	7018	ATT-INTERNET4US	false
43.201.20.53	unknown	Japan	4249	LILLY-ASUS	false
47.108.217.163	unknown	China	37963	CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtd	false
2.252.14.178	unknown	Sweden	3301	TELIANET-SWEDENTeliaCompanySE	false
94.29.114.250	unknown	Russian Federation	25513	ASN-MGTS-USPDRU	false
34.107.106.141	unknown	United States	15169	GOOGLEUS	false
96.248.222.55	unknown	United States	701	UUNETUS	false
40.186.171.157	unknown	United States	4249	LILLY-ASUS	false
47.178.236.195	unknown	United States	5650	FRONTIER-FRTRUS	false
111.24.10.239	unknown	China	24444	CMNET-V4SHANDONG-AS-APShandongMobileCommunicationCompany	false
114.46.149.214	unknown	Taiwan; Republic of China (ROC)	3462	HINETDataCommunicationBusinessGroupTW	false
159.149.128.98	unknown	Italy	137	ASGARRConsortiumGARREU	false
46.226.39.246	unknown	Spain	39155	JETNETES	false
110.186.39.41	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
167.252.161.128	unknown	Argentina	3549	LVLT-3549US	false
32.247.143.74	unknown	United States	2686	ATGS-MMD-ASUS	false
210.34.123.158	unknown	China	4538	ERX-CERNET-BKBChinaEducationandResearchNetworkCenter	false
27.112.75.239	unknown	Australia	55564	JETNET-AUMalcolmWeatherleyAU	false
135.145.184.54	unknown	United States	14962	NCR-252US	false
191.214.114.231	unknown	Brazil	7738	TelemarNorteLesteSABR	false
174.139.231.30	unknown	United States	35908	VPLSNETUS	false
185.15.149.86	unknown	Spain	199930	WIFIBALEARES-ASCSabaters13ES	false
73.70.103.101	unknown	United States	7922	COMCAST-7922US	false
170.158.122.75	unknown	United States	55002	DEFENSE-NETUS	false
74.78.181.206	unknown	United States	11351	TWC-11351-NORTHEASTUS	false
185.8.42.232	unknown	Ukraine	3326	DATAGROUPDatagroupPJSCUA	false
130.10.55.60	unknown	United States	6908	DATAHOPDatahop-SixDegreesGB	false
63.147.95.221	unknown	United States	13994	OMU-1US	false
156.110.22.184	unknown	United States	5078	ONENET-AS-1US	false
49.27.39.235	unknown	Korea Republic of	4766	KIXS-AS-KRKoreaTelecomKR	false
35.84.199.66	unknown	United States	237	MERIT-AS-14US	false
163.68.119.119	unknown	France	17816	CHINA169-GZChinaUnicomIPnetworkChina169Guangdongprovi	false
116.247.146.32	unknown	China	4812	CHINANET-SH-APChinaTelecomGroupCN	false
92.180.240.175	unknown	France	3215	FranceTelecom-OrangeFR	false
64.26.172.164	unknown	Canada	812	ROGERS-COMMUNICATIONSCA	false
46.65.93.197	unknown	United Kingdom	5607	BSKYB-BROADBAND-ASGB	false
2.255.82.111	unknown	Sweden	3301	TELIANET-SWEDENTeliaCompanySE	false
68.3.126.237	unknown	United States	22773	ASN-CXA-ALL-CCI-22773-RDCUS	false
153.129.34.65	unknown	Japan	4713	OCNNTTCommunicationsCorporationJP	false
86.102.184.59	unknown	Russian Federation	12332	PRIMORYE-ASRU	false
171.233.111.20	unknown	Viet Nam	7552	VIETEL-AS-APViettelGroupVN	false
142.34.60.127	unknown	Canada	27272	Q9-AS-CAL3CA	false
43.33.111.208	unknown	Japan	4249	LILLY-ASUS	false
43.146.35.198	unknown	Japan	4249	LILLY-ASUS	false
128.85.165.39	unknown	United States	26	CORNELLUS	false
140.57.200.235	unknown	United States	668	DNIC-AS-00668US	false
150.232.254.52	unknown	United States	122	UPMC-AS122US	false
1.183.178.21	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false

Contacted Domains

Name	IP	Active
parasjhaarrested.geek	167.99.34.191	true
lickmyballz.indy. [malformed]	unknown	unknown
openniggers.gopher. [malformed]	unknown	unknown
miakhalifa.libre. [malformed]	unknown	unknown
elohel.pirate. [malformed]	unknown	unknown
y4sbesitztdiewelt.oss. [malformed]	unknown	unknown
pikeylikes.indy. [malformed]	unknown	unknown
miakhalifa.libre	unknown	unknown

AV Detection

Antivirus / Scanner detection for submitted sample

Source: BEddZjSb7A.elf

Avira: detected

Multi AV Scanner detection for submitted file

Source: BEddZjSb7A.elf	Virustotal: Detection: 29%			Perma Link
Source: BEddZjSb7A.elf	ReversingLabs: Detection: 28%

Networking

Sends malformed DNS queries

Source: global traffic	DNS traffic detected: malformed DNS query: openniggers.gopher. [malformed]
Source: global traffic	DNS traffic detected: malformed DNS query: elohel.pirate. [malformed]
Source: global traffic	DNS traffic detected: malformed DNS query: lickmyballz.indy. [malformed]
Source: global traffic	DNS traffic detected: malformed DNS query: y4sbesitztdiewelt.oss. [malformed]
Source: global traffic	DNS traffic detected: malformed DNS query: miakhalifa.libre. [malformed]
Source: global traffic	DNS traffic detected: malformed DNS query: pikeylikes.indy. [malformed]

Detected TCP or UDP traffic on non-standard ports

Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 93.207.150.241:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 67.65.59.219:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 89.45.188.78:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 40.16.84.175:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 116.145.1.94:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 64.54.7.17:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 64.14.31.100:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 24.86.26.84:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 37.69.81.186:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 57.205.103.223:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 210.126.41.208:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 142.3.118.90:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 126.205.158.32:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 167.91.81.200:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 128.37.219.245:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 145.124.56.53:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 54.202.183.224:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 191.178.237.242:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 184.189.209.45:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 185.124.209.96:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 47.233.16.34:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 184.8.183.134:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 166.55.238.41:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 120.106.2.243:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 2.152.78.43:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 179.210.119.168:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 40.52.226.56:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 128.180.254.66:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 196.106.153.30:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 69.14.106.249:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 74.209.103.159:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 8.230.32.35:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 136.144.4.221:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 107.101.102.211:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 102.148.30.74:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 27.149.241.14:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 122.45.86.189:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 211.82.227.151:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 104.108.226.179:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 80.39.69.126:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 70.141.131.239:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 156.91.32.212:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 171.242.227.132:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 84.112.63.8:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 74.72.22.91:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 65.185.54.19:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 201.15.227.59:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 169.135.243.253:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 170.187.142.86:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 82.180.0.197:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 24.14.167.77:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 88.10.133.93:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 189.195.177.20:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 52.214.95.171:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 221.177.108.109:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 160.92.227.8:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 176.246.124.219:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 189.122.89.0:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 63.22.107.33:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 103.19.99.235:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 145.142.18.78:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 193.154.212.37:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 196.147.136.47:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 66.206.137.176:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 152.223.88.48:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 185.242.162.202:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 137.141.113.54:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 106.101.60.4:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 210.197.175.53:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 135.35.191.148:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 88.206.249.205:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 209.9.137.250:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 182.56.180.40:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 17.112.246.153:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 196.101.27.36:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 191.52.231.46:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 53.16.79.246:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 43.108.214.85:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 34.118.208.32:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 183.172.85.173:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 150.239.205.12:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 125.8.161.57:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 79.17.106.146:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 195.44.34.233:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 129.27.15.217:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 154.31.248.208:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 200.170.225.32:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 217.31.39.81:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 187.231.7.88:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 34.55.51.77:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 13.242.118.162:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 99.255.165.252:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 186.21.220.170:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 99.210.131.1:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 181.128.86.66:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 19.27.19.241:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 117.223.112.237:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 108.57.91.54:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 49.131.86.129:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 78.240.212.17:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 25.142.77.113:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 84.213.230.215:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 76.13.197.152:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 89.137.0.77:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 34.224.66.246:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 106.212.240.66:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 25.60.201.238:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 160.87.202.190:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 123.131.95.224:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 209.234.135.158:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 57.116.183.164:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 216.190.228.176:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 44.106.183.104:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 98.96.192.237:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 207.149.17.10:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 165.88.97.201:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 31.17.136.75:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 129.0.18.107:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 164.22.209.215:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 220.173.38.3:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 107.120.103.206:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 90.44.153.142:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 118.230.206.238:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 187.50.219.29:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 178.205.182.250:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 98.30.70.191:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 184.136.85.82:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 31.20.155.1:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 147.245.57.92:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 120.93.57.241:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 198.234.80.211:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 176.217.135.56:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 186.217.135.170:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 118.18.109.16:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 158.207.191.233:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 54.50.52.75:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 186.238.27.47:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 1.63.197.7:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 67.240.244.47:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 47.168.160.157:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 39.51.198.17:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 220.20.54.235:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 111.14.55.101:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 77.29.173.35:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 58.62.238.48:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 165.243.243.5:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 175.250.214.53:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 61.145.239.158:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 109.99.252.140:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 126.57.146.67:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 25.255.44.181:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 190.205.76.76:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 216.193.223.26:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 71.5.75.25:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 41.124.241.96:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 173.128.153.77:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 209.11.20.133:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 18.46.33.230:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 53.203.38.12:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 66.179.163.195:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 193.107.153.7:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 123.188.0.76:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 54.12.208.242:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 198.194.171.102:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 104.158.34.133:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 102.223.102.137:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 58.90.152.35:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 116.3.118.88:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 141.75.139.161:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 59.153.117.202:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 222.172.197.103:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 189.178.15.195:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 183.244.4.136:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 36.113.143.88:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 14.14.22.13:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 196.74.190.76:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 82.173.228.34:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 8.75.62.162:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 182.151.178.112:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 78.239.80.229:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 112.148.192.30:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 186.82.149.143:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 157.128.25.70:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 51.86.36.24:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 59.68.84.119:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 23.223.9.241:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 106.127.120.97:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 118.201.115.212:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 43.44.119.213:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 98.240.81.46:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 77.205.19.0:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 170.92.140.154:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 148.103.183.90:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 137.93.213.8:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 13.131.91.128:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 2.60.88.91:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 171.196.43.229:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 174.243.223.11:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 220.24.81.184:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 78.39.246.156:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 131.221.16.67:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 161.239.162.65:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 196.194.201.220:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 175.142.109.154:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 165.116.158.53:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 170.147.201.189:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 163.1.9.64:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 38.178.184.106:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 166.237.220.181:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 116.149.215.187:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 73.139.247.242:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 27.24.222.8:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 210.67.78.3:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 222.137.63.138:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 89.181.242.133:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 144.87.196.53:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 53.146.37.202:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 156.75.70.213:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 114.121.9.110:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 142.125.68.109:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 142.34.60.127:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 212.3.243.100:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 46.41.204.178:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 91.129.38.137:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 134.127.110.79:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 95.55.157.65:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 168.244.96.200:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 218.249.2.232:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 97.50.13.65:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 150.87.113.96:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 47.224.8.43:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 86.242.140.87:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 71.219.182.53:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 23.148.94.145:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 202.125.37.42:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 144.110.100.252:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 43.125.176.27:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 181.157.82.74:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 123.142.118.114:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 167.235.156.249:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 153.5.249.110:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 88.150.157.128:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 54.58.115.187:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 74.244.82.119:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 41.206.88.182:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 17.163.89.65:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 151.110.110.175:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 12.170.112.161:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 25.193.11.249:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 198.202.4.168:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 97.205.138.18:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 31.198.178.56:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 156.115.148.21:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 161.173.108.104:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 93.100.185.63:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 156.189.33.2:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 85.202.127.158:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 23.255.11.178:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 166.9.236.223:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 141.95.140.217:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 108.124.97.5:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 86.219.63.239:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 176.199.71.232:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 67.81.160.221:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 223.202.225.41:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 4.4.55.98:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 49.113.230.59:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 155.179.246.57:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 90.59.253.234:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 191.134.68.187:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 144.155.238.235:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 75.89.207.246:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 165.137.32.149:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 216.186.18.111:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 221.176.181.87:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 213.19.253.173:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 185.229.19.248:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 193.70.142.158:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 128.180.87.1:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 12.247.92.113:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 148.10.161.116:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 111.65.27.59:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 166.148.216.81:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 170.233.208.30:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 203.126.237.57:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 173.90.91.197:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 198.22.144.65:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 50.230.200.174:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 180.145.58.117:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 68.74.217.211:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 212.37.167.5:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 194.133.166.115:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 34.187.69.91:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 35.7.64.23:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 2.12.20.179:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 92.102.55.234:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 24.172.63.132:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 143.143.18.34:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 65.179.39.176:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 112.205.245.212:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 119.164.63.76:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 177.2.98.109:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 155.174.86.224:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 20.83.88.141:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 17.246.33.120:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 44.100.199.132:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 83.207.175.170:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 100.9.57.83:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 128.88.33.115:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 176.165.15.176:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 4.62.80.100:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 83.237.14.111:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 77.143.186.237:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 17.64.93.177:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 57.104.109.249:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 74.236.40.22:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 181.229.28.201:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 187.11.35.3:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 161.241.165.183:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 109.123.93.54:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 61.47.99.209:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 86.166.190.1:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 154.128.171.17:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 146.129.10.121:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 12.90.136.169:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 88.149.225.201:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 50.221.98.105:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 146.139.27.139:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 104.184.141.135:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 221.247.40.152:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 156.35.38.71:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 170.87.63.11:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 123.65.249.28:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 115.1.145.226:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 194.78.220.195:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 152.126.201.119:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 83.115.185.243:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 82.176.121.151:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 145.181.253.251:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 191.233.22.221:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 109.217.157.145:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 68.73.194.154:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 199.116.13.214:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 53.231.209.22:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 157.178.147.40:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 129.254.90.241:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 205.189.12.50:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 83.49.198.41:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 35.156.18.51:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 54.34.228.119:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 159.112.206.58:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 74.214.132.83:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 197.139.182.78:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 91.204.24.186:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 129.18.159.198:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 79.46.172.126:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 1.34.89.192:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 207.33.165.2:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 101.86.75.146:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 124.192.154.3:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 166.160.59.33:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 47.32.61.225:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 170.119.92.13:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 35.2.102.225:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 149.253.169.130:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 20.101.217.226:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 197.119.190.219:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 162.43.213.102:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 169.225.98.117:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 208.234.27.75:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 31.236.104.219:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 183.241.75.67:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 155.183.142.44:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 212.139.211.89:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 168.22.8.112:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 148.248.112.113:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 97.23.130.189:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 222.159.209.254:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 179.68.23.154:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 90.93.254.44:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 93.207.178.5:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 159.57.72.32:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 60.210.105.162:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 160.181.3.16:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 100.48.150.197:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 46.14.156.223:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 155.218.229.24:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 42.94.199.11:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 17.20.135.218:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 180.44.24.174:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 211.174.240.153:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 194.237.112.223:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 219.27.183.56:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 144.50.220.160:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 204.177.93.8:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 175.145.252.104:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 107.112.196.203:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 185.5.153.40:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 174.197.101.32:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 220.62.62.33:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 45.65.194.144:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 61.16.204.88:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 62.141.217.171:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 175.169.98.7:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 219.57.242.143:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 48.145.139.189:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 123.48.112.42:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 106.8.177.96:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 139.116.206.128:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 165.176.92.53:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 110.255.177.36:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 63.2.206.185:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 210.86.225.11:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 86.72.109.84:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 120.222.190.83:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 159.25.38.43:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 135.71.247.43:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 46.110.185.11:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 110.125.65.174:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 54.158.63.78:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 82.212.84.237:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 206.157.253.180:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 186.236.238.173:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 152.212.153.16:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 77.130.68.243:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 84.231.65.152:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 104.12.79.109:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 151.147.93.51:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 109.32.135.0:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 81.113.157.102:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 87.87.221.238:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 35.227.244.45:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 42.243.177.126:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 50.170.200.136:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 49.111.9.212:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 219.172.179.238:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 140.177.221.91:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 124.124.114.121:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 151.146.236.207:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 195.149.126.12:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 81.103.19.183:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 74.65.152.64:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 185.62.22.120:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 89.49.45.94:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 64.73.130.193:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 198.40.219.97:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 195.130.208.141:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 126.226.176.182:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 151.152.148.219:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 14.36.0.36:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 108.122.216.184:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 71.216.177.113:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 106.64.146.13:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 161.233.250.84:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 136.173.232.158:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 167.152.25.4:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 121.188.160.184:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 209.87.148.118:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 123.49.202.2:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 9.85.22.215:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 184.100.98.3:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 95.55.29.57:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 156.218.196.172:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 190.98.232.27:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 13.2.33.55:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 136.98.152.96:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 184.225.109.246:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 86.219.40.129:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 189.255.69.49:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 66.165.27.121:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 197.207.208.75:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 190.93.108.108:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 91.180.61.138:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 31.47.60.104:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 94.235.73.62:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 124.207.253.63:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 150.126.255.102:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 73.174.128.92:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 213.58.87.72:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 61.220.33.185:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 60.11.205.176:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 168.89.196.157:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 19.181.204.111:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 116.148.150.120:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 174.8.14.96:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 190.42.26.125:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 119.214.140.188:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 150.230.210.114:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 134.127.53.230:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 131.41.31.244:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 76.235.15.48:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 50.177.70.64:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 171.4.56.244:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 44.20.136.185:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 89.47.192.147:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 75.124.34.126:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 12.200.210.169:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 90.51.186.120:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 100.45.53.153:2323
Source: global traffic	TCP traffic: 192.168.2.15:21830 -> 158.202.159.87:2323

Sample listens on a socket

Source: /tmp/BEddZjSb7A.elf (PID: 5516)

Socket: 127.0.0.1::1234

Jump to behavior

Source: unknown	TCP traffic detected without corresponding DNS query: 93.207.150.241
Source: unknown	TCP traffic detected without corresponding DNS query: 121.88.102.240
Source: unknown	TCP traffic detected without corresponding DNS query: 213.30.111.2
Source: unknown	TCP traffic detected without corresponding DNS query: 85.199.33.146
Source: unknown	TCP traffic detected without corresponding DNS query: 91.65.169.150
Source: unknown	TCP traffic detected without corresponding DNS query: 162.53.252.172
Source: unknown	TCP traffic detected without corresponding DNS query: 80.1.219.51
Source: unknown	TCP traffic detected without corresponding DNS query: 79.114.201.32
Source: unknown	TCP traffic detected without corresponding DNS query: 122.39.166.99
Source: unknown	TCP traffic detected without corresponding DNS query: 111.121.227.157
Source: unknown	TCP traffic detected without corresponding DNS query: 122.254.92.80
Source: unknown	TCP traffic detected without corresponding DNS query: 67.65.59.219
Source: unknown	TCP traffic detected without corresponding DNS query: 72.46.191.101
Source: unknown	TCP traffic detected without corresponding DNS query: 170.157.94.36
Source: unknown	TCP traffic detected without corresponding DNS query: 197.182.200.166
Source: unknown	TCP traffic detected without corresponding DNS query: 125.212.196.39
Source: unknown	TCP traffic detected without corresponding DNS query: 144.162.7.15
Source: unknown	TCP traffic detected without corresponding DNS query: 140.218.157.231
Source: unknown	TCP traffic detected without corresponding DNS query: 147.167.69.65
Source: unknown	TCP traffic detected without corresponding DNS query: 59.61.29.212
Source: unknown	TCP traffic detected without corresponding DNS query: 89.45.188.78
Source: unknown	TCP traffic detected without corresponding DNS query: 116.250.35.64
Source: unknown	TCP traffic detected without corresponding DNS query: 88.136.41.60
Source: unknown	TCP traffic detected without corresponding DNS query: 167.249.7.172
Source: unknown	TCP traffic detected without corresponding DNS query: 223.241.233.6
Source: unknown	TCP traffic detected without corresponding DNS query: 203.254.153.176
Source: unknown	TCP traffic detected without corresponding DNS query: 212.99.192.110
Source: unknown	TCP traffic detected without corresponding DNS query: 106.101.199.138
Source: unknown	TCP traffic detected without corresponding DNS query: 9.247.151.9
Source: unknown	TCP traffic detected without corresponding DNS query: 40.16.84.175
Source: unknown	TCP traffic detected without corresponding DNS query: 173.220.36.240
Source: unknown	TCP traffic detected without corresponding DNS query: 207.244.103.90
Source: unknown	TCP traffic detected without corresponding DNS query: 32.163.67.150
Source: unknown	TCP traffic detected without corresponding DNS query: 75.250.70.77
Source: unknown	TCP traffic detected without corresponding DNS query: 102.242.226.209
Source: unknown	TCP traffic detected without corresponding DNS query: 31.20.24.32
Source: unknown	TCP traffic detected without corresponding DNS query: 163.180.73.243
Source: unknown	TCP traffic detected without corresponding DNS query: 65.56.209.252
Source: unknown	TCP traffic detected without corresponding DNS query: 144.43.228.222
Source: unknown	TCP traffic detected without corresponding DNS query: 135.133.77.211
Source: unknown	TCP traffic detected without corresponding DNS query: 116.145.1.94
Source: unknown	TCP traffic detected without corresponding DNS query: 49.63.84.212
Source: unknown	TCP traffic detected without corresponding DNS query: 122.234.31.207
Source: unknown	TCP traffic detected without corresponding DNS query: 180.9.231.238
Source: unknown	TCP traffic detected without corresponding DNS query: 96.46.32.13
Source: unknown	TCP traffic detected without corresponding DNS query: 34.1.119.184
Source: unknown	TCP traffic detected without corresponding DNS query: 196.124.69.194
Source: unknown	TCP traffic detected without corresponding DNS query: 32.69.141.53
Source: unknown	TCP traffic detected without corresponding DNS query: 130.14.243.239
Source: unknown	TCP traffic detected without corresponding DNS query: 64.54.7.17

Source: global traffic	DNS traffic detected: DNS query: miakhalifa.libre
Source: global traffic	DNS traffic detected: DNS query: parasjhaarrested.geek
Source: global traffic	DNS traffic detected: DNS query: openniggers.gopher. [malformed]
Source: global traffic	DNS traffic detected: DNS query: elohel.pirate. [malformed]
Source: global traffic	DNS traffic detected: DNS query: lickmyballz.indy. [malformed]
Source: global traffic	DNS traffic detected: DNS query: y4sbesitztdiewelt.oss. [malformed]
Source: global traffic	DNS traffic detected: DNS query: miakhalifa.libre. [malformed]
Source: global traffic	DNS traffic detected: DNS query: pikeylikes.indy. [malformed]

Sample contains strings indicative of BusyBox which embeds multiple Unix commands in a single executable

Source: Initial sample	String containing 'busybox' found: /bin/busybox FICORA
Source: Initial sample	String containing 'busybox' found: /bin/busybox FICORAncorrect: applet not found

Sample has stripped symbol table

Source: ELF static info symbol of initial sample

.symtab present: no

Source: classification engine

Classification label: mal60.troj.linELF@0/0@20/0

Executes the "rm" command used to delete files or directories

Source: /usr/bin/dash (PID: 5487)	Rm executable: /usr/bin/rm -> rm -f /tmp/tmp.jbxUczfTmH /tmp/tmp.FIqUPirLRn /tmp/tmp.E6oaQB7oaC			Jump to behavior
Source: /usr/bin/dash (PID: 5496)	Rm executable: /usr/bin/rm -> rm -f /tmp/tmp.jbxUczfTmH /tmp/tmp.FIqUPirLRn /tmp/tmp.E6oaQB7oaC			Jump to behavior

Uses the "uname" system call to query kernel version information (possible evasion)

Source: /tmp/BEddZjSb7A.elf (PID: 5516)

Queries kernel information via 'uname':

Jump to behavior

Source: BEddZjSb7A.elf, 5516.1.00007ffe4e4b6000.00007ffe4e4d7000.rw-.sdmp, BEddZjSb7A.elf, 5518.1.00007ffe4e4b6000.00007ffe4e4d7000.rw-.sdmp	Binary or memory string: [iox86_64/usr/bin/qemu-arm/tmp/BEddZjSb7A.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/BEddZjSb7A.elf
Source: BEddZjSb7A.elf, 5516.1.0000564e454c1000.0000564e45610000.rw-.sdmp, BEddZjSb7A.elf, 5518.1.0000564e454c1000.0000564e45610000.rw-.sdmp	Binary or memory string: /etc/qemu-binfmt/arm
Source: BEddZjSb7A.elf, 5516.1.00007ffe4e4b6000.00007ffe4e4d7000.rw-.sdmp, BEddZjSb7A.elf, 5518.1.00007ffe4e4b6000.00007ffe4e4d7000.rw-.sdmp	Binary or memory string: /usr/bin/qemu-arm
Source: BEddZjSb7A.elf, 5516.1.0000564e454c1000.0000564e45610000.rw-.sdmp, BEddZjSb7A.elf, 5518.1.0000564e454c1000.0000564e45610000.rw-.sdmp	Binary or memory string: MENV!/etc/qemu-binfmt/arm

ID:	1447637
Product:	CloudBasic
Start time:	08:36:07
Start date:	26.05.2024
Sample:	BEddZjSb7A.elf
Cookbook:	defaultlinuxfilecookbook.jbs
System description:	Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Architecture:	LINUX
MD5:	6561091eb21655b658bb87755a6b6ba3
SHA1:	dba2db8310688d26e61dccceda3d66a62477c91d
SHA256:	7cc952caed80ee8b829eab1262be959ca587ea8f5051dfda7e5582b90b2accd8
Filetype:	ELF Executable and Linkable format (generic) (4004/1) 100.00%

Linux Analysis Report
BEddZjSb7A.elf

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Networking

System Summary

Persistence and Installation Behavior

Malware Analysis System Evasion

Screenshots

Network Map

Contacted Public IPs

Contacted Domains

Linux Analysis Report BEddZjSb7A.elf

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Networking

System Summary

Persistence and Installation Behavior

Malware Analysis System Evasion

Screenshots

Network Map

Contacted Public IPs

Contacted Domains

Linux Analysis Report
BEddZjSb7A.elf