Source: 5058.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown |
Source: 5058.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown |
Source: 5058.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown |
Source: 5058.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown |
Source: 5058.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown |
Source: 5058.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_564b8eda Author: unknown |
Source: 4811.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown |
Source: 4811.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown |
Source: 4811.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown |
Source: 4811.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown |
Source: 4811.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown |
Source: 4811.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_564b8eda Author: unknown |
Source: 5104.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown |
Source: 5104.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown |
Source: 5104.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown |
Source: 5104.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown |
Source: 5104.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown |
Source: 5104.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_564b8eda Author: unknown |
Source: 4734.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown |
Source: 4734.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown |
Source: 4734.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown |
Source: 4734.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown |
Source: 4734.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown |
Source: 4734.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_564b8eda Author: unknown |
Source: 4700.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown |
Source: 4700.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown |
Source: 4700.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown |
Source: 4700.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown |
Source: 4700.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown |
Source: 4700.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_564b8eda Author: unknown |
Source: 5060.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown |
Source: 5060.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown |
Source: 5060.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown |
Source: 5060.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown |
Source: 5060.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown |
Source: 5060.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_564b8eda Author: unknown |
Source: 4737.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown |
Source: 4737.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown |
Source: 4737.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown |
Source: 4737.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown |
Source: 4737.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown |
Source: 4737.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_564b8eda Author: unknown |
Source: 4733.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown |
Source: 4733.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown |
Source: 4733.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown |
Source: 4733.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown |
Source: 4733.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown |
Source: 4733.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_564b8eda Author: unknown |
Source: 5058.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16 |
Source: 5058.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16 |
Source: 5058.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16 |
Source: 5058.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16 |
Source: 5058.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16 |
Source: 5058.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_564b8eda reference_sample = ff04921d7bf9ca01ae33a9fc0743dce9ca250e42a33547c5665b1c9a0b5260ee, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 63a9e43902e7db0b7a20498b5a860e36201bacc407e9e336faca0b7cfbc37819, id = 564b8eda-6f0e-45b8-bef6-d61b0f090a36, last_modified = 2021-09-16 |
Source: 4811.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16 |
Source: 4811.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16 |
Source: 4811.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16 |
Source: 4811.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16 |
Source: 4811.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16 |
Source: 4811.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_564b8eda reference_sample = ff04921d7bf9ca01ae33a9fc0743dce9ca250e42a33547c5665b1c9a0b5260ee, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 63a9e43902e7db0b7a20498b5a860e36201bacc407e9e336faca0b7cfbc37819, id = 564b8eda-6f0e-45b8-bef6-d61b0f090a36, last_modified = 2021-09-16 |
Source: 5104.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16 |
Source: 5104.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16 |
Source: 5104.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16 |
Source: 5104.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16 |
Source: 5104.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16 |
Source: 5104.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_564b8eda reference_sample = ff04921d7bf9ca01ae33a9fc0743dce9ca250e42a33547c5665b1c9a0b5260ee, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 63a9e43902e7db0b7a20498b5a860e36201bacc407e9e336faca0b7cfbc37819, id = 564b8eda-6f0e-45b8-bef6-d61b0f090a36, last_modified = 2021-09-16 |
Source: 4734.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16 |
Source: 4734.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16 |
Source: 4734.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16 |
Source: 4734.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16 |
Source: 4734.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16 |
Source: 4734.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_564b8eda reference_sample = ff04921d7bf9ca01ae33a9fc0743dce9ca250e42a33547c5665b1c9a0b5260ee, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 63a9e43902e7db0b7a20498b5a860e36201bacc407e9e336faca0b7cfbc37819, id = 564b8eda-6f0e-45b8-bef6-d61b0f090a36, last_modified = 2021-09-16 |
Source: 4700.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16 |
Source: 4700.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16 |
Source: 4700.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16 |
Source: 4700.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16 |
Source: 4700.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16 |
Source: 4700.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_564b8eda reference_sample = ff04921d7bf9ca01ae33a9fc0743dce9ca250e42a33547c5665b1c9a0b5260ee, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 63a9e43902e7db0b7a20498b5a860e36201bacc407e9e336faca0b7cfbc37819, id = 564b8eda-6f0e-45b8-bef6-d61b0f090a36, last_modified = 2021-09-16 |
Source: 5060.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16 |
Source: 5060.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16 |
Source: 5060.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16 |
Source: 5060.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16 |
Source: 5060.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16 |
Source: 5060.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_564b8eda reference_sample = ff04921d7bf9ca01ae33a9fc0743dce9ca250e42a33547c5665b1c9a0b5260ee, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 63a9e43902e7db0b7a20498b5a860e36201bacc407e9e336faca0b7cfbc37819, id = 564b8eda-6f0e-45b8-bef6-d61b0f090a36, last_modified = 2021-09-16 |
Source: 4737.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16 |
Source: 4737.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16 |
Source: 4737.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16 |
Source: 4737.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16 |
Source: 4737.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16 |
Source: 4737.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_564b8eda reference_sample = ff04921d7bf9ca01ae33a9fc0743dce9ca250e42a33547c5665b1c9a0b5260ee, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 63a9e43902e7db0b7a20498b5a860e36201bacc407e9e336faca0b7cfbc37819, id = 564b8eda-6f0e-45b8-bef6-d61b0f090a36, last_modified = 2021-09-16 |
Source: 4733.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16 |
Source: 4733.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16 |
Source: 4733.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16 |
Source: 4733.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16 |
Source: 4733.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16 |
Source: 4733.1.0000000000400000.0000000000488000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_564b8eda reference_sample = ff04921d7bf9ca01ae33a9fc0743dce9ca250e42a33547c5665b1c9a0b5260ee, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 63a9e43902e7db0b7a20498b5a860e36201bacc407e9e336faca0b7cfbc37819, id = 564b8eda-6f0e-45b8-bef6-d61b0f090a36, last_modified = 2021-09-16 |
Source: /bin/ln (PID: 4754) | File: /etc/rcS.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 4782) | File: /etc/rc.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 4820) | File: /etc/rc0.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 4835) | File: /etc/rc1.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 4853) | File: /etc/rc2.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 4861) | File: /etc/rc3.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 4883) | File: /etc/rc4.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 4897) | File: /etc/rc5.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 4918) | File: /etc/rc6.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 4935) | File: /etc/rc.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 4950) | File: /etc/rc0.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 4965) | File: /etc/rc1.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 4978) | File: /etc/rc2.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 5000) | File: /etc/rc3.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 5017) | File: /etc/rc4.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 5084) | File: /etc/rc5.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 5165) | File: /etc/rc6.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 5065) | File: /etc/rcS.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 5065) | File: /etc/rcS.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 5103) | File: /etc/rc.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 5125) | File: /etc/rc0.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 5125) | File: /etc/rc0.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 5131) | File: /etc/rc1.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 5131) | File: /etc/rc1.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 5168) | File: /etc/rc2.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 5168) | File: /etc/rc2.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 5170) | File: /etc/rc3.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 5170) | File: /etc/rc3.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 5209) | File: /etc/rc4.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 5209) | File: /etc/rc4.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 5230) | File: /etc/rc5.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 5230) | File: /etc/rc5.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 5232) | File: /etc/rc6.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 5232) | File: /etc/rc6.d/S99dnsconfig -> /etc/init.d/dnsconfig | Jump to behavior |
Source: /bin/ln (PID: 5234) | File: /etc/rc.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 5248) | File: /etc/rc0.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 5248) | File: /etc/rc0.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 5250) | File: /etc/rc1.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 5250) | File: /etc/rc1.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 5252) | File: /etc/rc2.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 5252) | File: /etc/rc2.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 5259) | File: /etc/rc3.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 5259) | File: /etc/rc3.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 5267) | File: /etc/rc4.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 5267) | File: /etc/rc4.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 5269) | File: /etc/rc5.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 5269) | File: /etc/rc5.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 5296) | File: /etc/rc6.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /bin/ln (PID: 5296) | File: /etc/rc6.d/S99dnsconfigs -> /etc/rc.d/init.d/dnsconfigs | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 4708) | Shell command executed: sh -c "mount -o bind /tmp/nginx_server /proc/4700/ > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 4739) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rcS.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 4768) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 4812) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc0.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 4832) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc1.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 4844) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc2.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 4858) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc3.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 4876) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc4.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 4891) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc5.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 4914) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc6.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 4930) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 4948) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc0.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 4960) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc1.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 4972) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc2.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 4996) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc3.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 5012) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc4.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 5056) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc5.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 5159) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc6.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 4738) | Shell command executed: sh -c "crontab /var/tmp/.recoverys" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 4805) | Shell command executed: sh -c "systemctl daemon-reload > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 4890) | Shell command executed: sh -c "systemctl enable dnsconfigs.service > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 4981) | Shell command executed: sh -c "systemctl start dnsconfigs.service > /dev/null 2>&1" | Jump to behavior |
Source: /tmp/mirai_nomi (PID: 4735) | Shell command executed: sh -c "mount -o bind /tmp/nginx_server /proc/4734/ > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5032) | Shell command executed: sh -c "mount -o bind /tmp/nginx_server /proc/5020/ > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5063) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rcS.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5102) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5124) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc0.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5130) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc1.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5167) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc2.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5169) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc3.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5208) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc4.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5229) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc5.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5231) | Shell command executed: sh -c "ln -sf /etc/init.d/dnsconfig /etc/rc6.d/S99dnsconfig > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5233) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5247) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc0.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5249) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc1.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5251) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc2.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5258) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc3.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5266) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc4.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5268) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc5.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5295) | Shell command executed: sh -c "ln -sf /etc/rc.d/init.d/dnsconfigs /etc/rc6.d/S99dnsconfigs > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5061) | Shell command executed: sh -c "crontab /var/tmp/.recoverys" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5154) | Shell command executed: sh -c "systemctl daemon-reload > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5368) | Shell command executed: sh -c "systemctl enable dnsconfigs.service > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5410) | Shell command executed: sh -c "systemctl start dnsconfigs.service > /dev/null 2>&1" | Jump to behavior |
Source: /var/tmp/nginx_kel (PID: 5059) | Shell command executed: sh -c "mount -o bind /tmp/nginx_server /proc/5020/ > /dev/null 2>&1" | Jump to behavior |