Linux Analysis Report
HTUyCRuDev.elf

Overview

General Information

Sample name:	HTUyCRuDev.elf renamed because original name is a hash value
Original sample name:	cdfd23d13080c787cf5784248d62133f.elf
Analysis ID:	1456793
MD5:	cdfd23d13080c787cf5784248d62133f
SHA1:	92244f7c8392ac821276be00de438806e9eba4c7
SHA256:	4dc3b6dc4cfda3cd8762083e96f394bae961573ffa269f961737a4ce6705c79f
Tags:	32elfmiraimotorola
Infos:

Detection

Score:	56
Range:	0 - 100
Whitelisted:	false

Signatures

Antivirus / Scanner detection for submitted sample

Multi AV Scanner detection for submitted file

Detected TCP or UDP traffic on non-standard ports

Sample has stripped symbol table

Sample listens on a socket

Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)

Uses the "uname" system call to query kernel version information (possible evasion)

Classification

Signatures

AV Detection

Antivirus / Scanner detection for submitted sample

Source: HTUyCRuDev.elf

Avira: detected

Multi AV Scanner detection for submitted file

Source: HTUyCRuDev.elf

ReversingLabs: Detection: 55%

Detected TCP or UDP traffic on non-standard ports

Source: global traffic	TCP traffic: 192.168.2.23:36546 -> 147.78.103.47:9931
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 101.246.247.34:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 106.95.241.245:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 168.252.50.172:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 63.209.76.37:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 50.180.220.42:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 211.10.230.95:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 64.206.147.37:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 2.151.210.196:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 98.30.232.32:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.85.62.157:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 145.239.176.87:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 135.63.94.177:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 185.54.101.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 166.49.73.178:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 211.225.173.223:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 201.242.145.215:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 154.108.149.50:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 117.117.250.191:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 223.97.98.186:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 8.11.152.88:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 193.65.89.238:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 52.134.231.63:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 207.236.9.248:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 159.224.147.123:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 158.168.176.181:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 128.38.100.88:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 84.159.182.185:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 25.112.138.183:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 146.126.49.166:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 199.205.247.235:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 93.187.199.254:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 84.43.220.4:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 58.177.216.164:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 186.135.126.6:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 40.220.148.25:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 54.92.121.108:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 100.243.5.244:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 5.244.25.80:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 159.139.9.32:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 109.140.253.108:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 126.54.13.57:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 190.140.41.94:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 119.195.130.149:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 85.243.174.241:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 154.72.105.150:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 58.55.41.79:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 121.176.46.94:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 96.97.56.111:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 95.77.185.95:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 204.184.85.141:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 49.135.207.144:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 199.17.91.0:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 194.147.24.59:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 122.177.216.236:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 148.122.102.50:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 79.70.74.103:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 38.213.74.233:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 168.107.159.121:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 163.16.28.94:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 47.30.204.235:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 2.181.134.232:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 137.254.160.225:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 68.0.158.83:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 18.29.238.138:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 62.117.230.247:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 105.90.71.190:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 27.114.225.41:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 132.28.167.198:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 144.173.220.97:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 217.241.249.76:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 113.227.45.168:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 99.57.172.129:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 186.190.187.16:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 133.95.80.81:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 93.15.19.149:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 153.158.99.199:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 77.169.90.4:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 222.91.127.79:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 125.15.239.160:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 118.47.117.124:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 100.206.236.9:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 84.46.218.111:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 206.185.62.93:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 208.179.117.89:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 143.143.207.45:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 208.93.199.69:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 98.170.7.81:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 104.27.206.12:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 20.154.172.24:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 193.196.236.118:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 77.177.254.243:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 102.206.165.199:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 185.75.90.242:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 70.47.48.132:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 188.118.77.94:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 174.20.169.100:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 62.113.181.163:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 223.180.155.41:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 163.48.4.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 43.225.133.179:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 62.183.144.97:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 196.126.172.87:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 112.63.69.20:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 108.41.203.214:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 173.161.229.51:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 19.19.214.102:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 64.51.182.97:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 31.154.36.131:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 120.182.6.97:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 66.69.92.139:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 198.61.197.211:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 207.112.12.166:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 23.30.191.32:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 88.160.46.20:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 213.114.198.123:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 116.238.228.86:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 135.239.129.28:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 116.109.31.252:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 106.16.243.217:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 35.84.62.116:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 143.3.126.214:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 150.217.169.61:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 105.61.169.214:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 115.190.89.30:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 199.137.163.202:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 106.2.83.152:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 185.154.211.43:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 122.30.202.87:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 196.140.139.185:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 221.40.102.144:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 173.198.55.229:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 199.151.213.199:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 87.1.18.197:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 169.51.53.198:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 92.185.219.69:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 37.149.48.15:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.156.75.140:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 218.229.10.114:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 116.107.127.128:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 166.132.152.118:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 155.102.164.96:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 49.149.151.123:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 206.207.9.157:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 150.42.76.252:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 27.209.86.182:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 220.195.194.63:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 88.113.93.109:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 211.31.6.6:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 74.232.67.61:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 180.215.108.213:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 159.93.240.198:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 34.247.234.167:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 142.247.79.0:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 186.78.105.230:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 94.97.225.230:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 86.101.13.210:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 187.165.165.108:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 48.64.222.199:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 175.186.167.11:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 160.208.94.108:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 54.64.231.73:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 162.65.10.120:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 182.98.156.179:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 85.104.99.247:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 217.203.91.78:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 32.154.221.98:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 151.243.166.66:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 65.176.170.175:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 132.244.210.219:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.102.38.32:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 97.94.237.179:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 221.48.82.165:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 206.222.65.25:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 43.74.194.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 32.153.232.224:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 13.56.216.8:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 222.121.69.144:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 123.30.174.26:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 17.140.116.137:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 140.66.183.226:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 160.184.27.48:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 80.49.116.219:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 131.221.199.197:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 43.149.62.8:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 202.132.97.158:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 14.122.210.226:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 60.237.152.100:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 51.73.122.144:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 70.208.89.181:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 123.110.102.96:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 130.213.37.162:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 130.15.248.24:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 82.59.110.217:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 94.32.134.219:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 175.137.132.47:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 104.17.151.215:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 111.6.246.243:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 38.207.67.61:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 109.164.239.111:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 155.207.237.197:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 100.23.224.0:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 84.23.148.22:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 43.234.201.221:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 115.177.254.165:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 142.246.144.171:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 38.227.254.42:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 112.132.19.143:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 110.235.70.207:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 190.196.197.255:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 77.238.227.164:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 199.102.39.106:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 84.224.168.247:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 170.232.17.44:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 12.87.89.121:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 62.54.235.47:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 186.175.122.210:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 83.105.62.116:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 216.62.179.129:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 199.32.89.52:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 196.142.248.121:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 73.176.199.54:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.36.16.17:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 2.149.245.123:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.121.13.217:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 109.25.130.235:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 12.189.18.54:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 119.218.45.230:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 183.88.11.15:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 180.4.154.82:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 120.99.39.165:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 171.175.52.105:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 142.5.70.153:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 96.136.26.120:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 4.208.242.123:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 51.218.68.70:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 111.192.7.163:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 186.232.147.196:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 200.91.89.223:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 60.139.226.140:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 48.181.6.102:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 186.200.196.217:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 25.111.53.117:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 66.144.29.22:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 101.132.185.136:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 174.22.43.58:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 96.35.20.44:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 25.150.149.193:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 212.99.222.181:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.114.32.102:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 74.134.208.234:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 146.100.242.44:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 41.55.51.197:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 187.110.33.35:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 82.37.50.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 217.231.22.226:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 174.222.96.195:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 78.205.21.186:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 181.102.30.67:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 36.43.191.180:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 25.166.142.66:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 123.160.203.194:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 106.114.161.171:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 76.24.115.59:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 218.20.245.50:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 80.241.69.99:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 125.39.94.178:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 101.102.82.203:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 65.162.217.22:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 67.155.222.60:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 19.172.79.205:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 155.221.168.141:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 166.5.185.152:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 61.77.136.161:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 156.88.90.186:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 212.74.154.90:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 80.190.201.157:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 96.247.143.142:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 46.11.91.215:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 175.16.180.172:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 170.140.203.199:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 210.48.63.21:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 54.202.206.201:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 74.143.237.5:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 212.149.218.159:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 119.233.109.212:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 138.177.124.66:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 166.84.50.54:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 135.239.252.30:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 82.126.74.238:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 152.25.245.178:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 175.238.111.124:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 40.159.154.146:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 129.163.208.15:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 189.115.200.41:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 144.23.34.26:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 112.253.114.211:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 43.119.248.58:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 126.112.234.42:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 147.224.89.76:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 156.49.108.99:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 160.79.249.117:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 114.15.45.192:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.129.155.240:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 145.29.173.179:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 34.22.254.114:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 161.179.68.131:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 75.43.241.158:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 144.116.249.246:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 202.43.209.30:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 59.41.179.21:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 77.181.43.111:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 111.157.165.73:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 111.46.35.66:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 14.100.0.127:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 48.49.187.56:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 48.94.255.198:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 211.131.79.112:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 108.253.124.213:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 176.59.4.224:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 69.83.212.118:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 42.101.149.160:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 148.107.35.108:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 188.245.82.200:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 190.95.48.161:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 220.67.203.83:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 130.143.170.70:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 111.172.145.7:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 152.143.65.55:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 101.61.90.160:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 77.156.70.109:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 77.194.36.193:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 212.52.222.237:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 12.138.53.227:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 178.60.118.225:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 71.153.168.97:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 176.186.35.210:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 60.54.8.37:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 135.66.240.73:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 101.207.124.18:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 72.189.229.7:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.230.212.22:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.158.198.182:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 80.201.120.121:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 175.123.152.191:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 66.177.225.114:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 49.34.34.47:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 149.14.23.57:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 107.101.8.232:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 144.31.234.98:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 166.115.132.131:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 34.194.63.10:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 143.178.130.82:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 175.58.17.223:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 66.120.32.224:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 94.103.116.199:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 61.244.113.145:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 194.173.227.116:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 70.227.60.205:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 98.168.0.5:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 43.240.251.188:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 133.90.110.128:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 188.172.120.130:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 168.79.4.180:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.230.178.46:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 160.147.94.42:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 185.157.108.100:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 99.103.195.112:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 111.250.173.237:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 86.128.83.65:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 48.14.145.14:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 129.15.52.252:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 128.129.210.228:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 170.82.211.75:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 169.242.62.94:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 206.52.172.71:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 82.48.52.115:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 154.91.137.41:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 81.31.97.222:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 156.14.253.2:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 23.244.164.193:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 150.56.92.199:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 196.139.39.18:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 67.108.168.54:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 168.239.134.238:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 73.99.65.70:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 66.251.119.110:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 14.188.7.30:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 195.149.107.214:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 197.152.21.233:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 46.76.204.222:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 181.81.38.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 124.99.138.48:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.129.92.172:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 20.21.2.120:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 194.81.123.238:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 117.228.133.210:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 97.110.241.200:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 92.72.16.178:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 187.39.203.149:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 66.165.207.45:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 178.95.234.112:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 31.181.187.235:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 20.198.3.184:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 188.66.196.224:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 185.34.121.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 129.108.27.138:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 202.41.189.200:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 194.86.104.221:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 79.227.212.135:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 61.170.232.246:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 221.229.144.228:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 144.113.117.127:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 218.183.61.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 93.157.208.175:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 115.141.171.185:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 222.19.59.76:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 14.236.66.35:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 187.210.147.70:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 190.99.100.119:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 80.20.241.225:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 82.153.7.97:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 168.175.156.46:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 105.11.245.87:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 84.213.8.218:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 58.49.78.172:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 159.43.128.194:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 188.74.120.218:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 75.14.97.177:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 135.182.155.84:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 184.98.133.99:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 138.127.26.247:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 19.245.85.176:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 73.94.170.12:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 201.160.130.130:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 104.200.105.130:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 187.100.42.246:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 49.11.64.124:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 140.244.8.193:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 204.133.208.94:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 142.247.248.194:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 198.165.117.87:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 147.205.86.84:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 165.40.40.213:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 198.25.174.43:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 62.75.162.147:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 76.171.172.45:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 111.144.40.224:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 25.47.29.153:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 36.191.117.158:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 156.83.81.229:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 183.102.13.198:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 35.226.23.180:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 182.9.92.105:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 99.239.13.105:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 39.103.101.83:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 46.236.243.102:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 137.156.199.193:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 143.224.145.207:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 155.243.54.151:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 167.254.218.193:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 159.24.9.123:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 38.84.174.120:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 148.10.120.243:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 112.94.184.59:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 130.67.233.93:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 108.125.72.32:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 165.217.104.192:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 182.55.34.93:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 58.229.12.73:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 9.161.183.19:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 86.56.219.214:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 159.16.236.224:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 173.218.37.70:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 149.109.233.197:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 13.122.192.183:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 43.29.15.7:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 121.124.168.189:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 66.120.108.187:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 63.53.173.198:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 54.177.94.56:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 99.171.123.20:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 89.251.117.68:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 130.115.101.60:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 211.250.215.55:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 61.131.54.38:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 23.183.76.39:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 218.160.162.39:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 47.20.50.120:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 108.22.140.93:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 167.200.70.216:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 180.37.29.241:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 52.117.103.81:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 74.206.51.149:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 222.125.108.63:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 208.155.176.202:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 105.144.234.28:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 13.66.131.36:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 54.72.230.193:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 64.9.0.248:2323

Sample listens on a socket

Source: /tmp/HTUyCRuDev.elf (PID: 6210)

Socket: 127.0.0.1:1926

Jump to behavior

Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)

Source: global traffic	TCP traffic: 192.168.2.23:43928 -> 91.189.91.42:443
Source: global traffic	TCP traffic: 192.168.2.23:42836 -> 91.189.91.43:443
Source: global traffic	TCP traffic: 192.168.2.23:42516 -> 109.202.202.202:80

Source: unknown	TCP traffic detected without corresponding DNS query: 91.189.91.42
Source: unknown	TCP traffic detected without corresponding DNS query: 147.78.103.47
Source: unknown	TCP traffic detected without corresponding DNS query: 147.78.103.47
Source: unknown	TCP traffic detected without corresponding DNS query: 101.246.247.34
Source: unknown	TCP traffic detected without corresponding DNS query: 123.237.200.34
Source: unknown	TCP traffic detected without corresponding DNS query: 156.199.253.162
Source: unknown	TCP traffic detected without corresponding DNS query: 75.177.211.33
Source: unknown	TCP traffic detected without corresponding DNS query: 204.228.177.112
Source: unknown	TCP traffic detected without corresponding DNS query: 78.55.208.33
Source: unknown	TCP traffic detected without corresponding DNS query: 42.250.209.51
Source: unknown	TCP traffic detected without corresponding DNS query: 150.89.44.147
Source: unknown	TCP traffic detected without corresponding DNS query: 128.222.86.92
Source: unknown	TCP traffic detected without corresponding DNS query: 106.95.241.245
Source: unknown	TCP traffic detected without corresponding DNS query: 73.168.241.230
Source: unknown	TCP traffic detected without corresponding DNS query: 111.16.142.215
Source: unknown	TCP traffic detected without corresponding DNS query: 98.163.160.169
Source: unknown	TCP traffic detected without corresponding DNS query: 91.169.89.0
Source: unknown	TCP traffic detected without corresponding DNS query: 205.125.0.234
Source: unknown	TCP traffic detected without corresponding DNS query: 201.155.129.126
Source: unknown	TCP traffic detected without corresponding DNS query: 183.191.203.221
Source: unknown	TCP traffic detected without corresponding DNS query: 196.122.33.244
Source: unknown	TCP traffic detected without corresponding DNS query: 191.243.20.122
Source: unknown	TCP traffic detected without corresponding DNS query: 168.252.50.172
Source: unknown	TCP traffic detected without corresponding DNS query: 144.139.1.102
Source: unknown	TCP traffic detected without corresponding DNS query: 85.49.141.210
Source: unknown	TCP traffic detected without corresponding DNS query: 97.91.11.243
Source: unknown	TCP traffic detected without corresponding DNS query: 152.172.14.171
Source: unknown	TCP traffic detected without corresponding DNS query: 183.182.153.35
Source: unknown	TCP traffic detected without corresponding DNS query: 54.16.196.2
Source: unknown	TCP traffic detected without corresponding DNS query: 124.54.183.186
Source: unknown	TCP traffic detected without corresponding DNS query: 167.241.117.66
Source: unknown	TCP traffic detected without corresponding DNS query: 131.230.161.24
Source: unknown	TCP traffic detected without corresponding DNS query: 81.231.16.241
Source: unknown	TCP traffic detected without corresponding DNS query: 63.209.76.37
Source: unknown	TCP traffic detected without corresponding DNS query: 71.145.108.147
Source: unknown	TCP traffic detected without corresponding DNS query: 200.36.140.53
Source: unknown	TCP traffic detected without corresponding DNS query: 157.180.219.161
Source: unknown	TCP traffic detected without corresponding DNS query: 57.107.162.192
Source: unknown	TCP traffic detected without corresponding DNS query: 50.30.164.239
Source: unknown	TCP traffic detected without corresponding DNS query: 169.87.5.77
Source: unknown	TCP traffic detected without corresponding DNS query: 50.180.220.42
Source: unknown	TCP traffic detected without corresponding DNS query: 82.90.211.127
Source: unknown	TCP traffic detected without corresponding DNS query: 44.116.253.51
Source: unknown	TCP traffic detected without corresponding DNS query: 24.233.116.49
Source: unknown	TCP traffic detected without corresponding DNS query: 182.244.43.78
Source: unknown	TCP traffic detected without corresponding DNS query: 202.150.199.206
Source: unknown	TCP traffic detected without corresponding DNS query: 8.189.254.195
Source: unknown	TCP traffic detected without corresponding DNS query: 43.163.80.240
Source: unknown	TCP traffic detected without corresponding DNS query: 94.4.27.44
Source: unknown	TCP traffic detected without corresponding DNS query: 222.144.106.110

Source: unknown	Network traffic detected: HTTP traffic on port 43928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 42836 -> 443

Sample has stripped symbol table

Source: ELF static info symbol of initial sample

.symtab present: no

Source: classification engine

Classification label: mal56.linELF@0/0@0/0

Uses the "uname" system call to query kernel version information (possible evasion)

Source: /tmp/HTUyCRuDev.elf (PID: 6210)

Queries kernel information via 'uname':

Jump to behavior

Source: HTUyCRuDev.elf, 6210.1.00005595e97f2000.00005595e9877000.rw-.sdmp, HTUyCRuDev.elf, 6212.1.00005595e97f2000.00005595e9877000.rw-.sdmp, HTUyCRuDev.elf, 6216.1.00005595e97f2000.00005595e9877000.rw-.sdmp	Binary or memory string: U!/etc/qemu-binfmt/m68k
Source: HTUyCRuDev.elf, 6210.1.00007ffdcb1a2000.00007ffdcb1c3000.rw-.sdmp, HTUyCRuDev.elf, 6212.1.00007ffdcb1a2000.00007ffdcb1c3000.rw-.sdmp, HTUyCRuDev.elf, 6216.1.00007ffdcb1a2000.00007ffdcb1c3000.rw-.sdmp	Binary or memory string: /usr/bin/qemu-m68k
Source: HTUyCRuDev.elf, 6210.1.00005595e97f2000.00005595e9877000.rw-.sdmp, HTUyCRuDev.elf, 6212.1.00005595e97f2000.00005595e9877000.rw-.sdmp, HTUyCRuDev.elf, 6216.1.00005595e97f2000.00005595e9877000.rw-.sdmp	Binary or memory string: /etc/qemu-binfmt/m68k
Source: HTUyCRuDev.elf, 6210.1.00007ffdcb1a2000.00007ffdcb1c3000.rw-.sdmp, HTUyCRuDev.elf, 6212.1.00007ffdcb1a2000.00007ffdcb1c3000.rw-.sdmp, HTUyCRuDev.elf, 6216.1.00007ffdcb1a2000.00007ffdcb1c3000.rw-.sdmp	Binary or memory string: x86_64/usr/bin/qemu-m68k/tmp/HTUyCRuDev.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/HTUyCRuDev.elf

Screenshots

No Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
98.139.142.32	unknown	United States	26101	YAHOO-3US	false
116.175.62.41	unknown	China	4837	CHINA169-BACKBONECHINAUNICOMChina169BackboneCN	false
211.214.93.246	unknown	Korea Republic of	9318	SKB-ASSKBroadbandCoLtdKR	false
58.40.193.242	unknown	China	4812	CHINANET-SH-APChinaTelecomGroupCN	false
111.80.81.134	unknown	Taiwan; Republic of China (ROC)	2510	INFOWEBFUJITSULIMITEDJP	false
65.66.253.140	unknown	United States	7018	ATT-INTERNET4US	false
139.191.120.134	unknown	European Union	2611	BELNETBE	false
155.229.97.21	unknown	United States	18566	MEGAPATH5-US	false
115.188.31.87	unknown	New Zealand	4771	SPARKNZSparkNewZealandTradingLtdNZ	false
63.75.247.60	unknown	United States	701	UUNETUS	false
114.73.115.157	unknown	Australia	4804	MPX-ASMicroplexPTYLTDAU	false
184.216.100.5	unknown	United States	10507	SPCSUS	false
176.243.1.41	unknown	Italy	30722	VODAFONE-IT-ASNIT	false
77.91.171.207	unknown	Palestinian Territory Occupied	12975	PALTEL-ASPALTELAutonomousSystemPS	false
97.118.60.43	unknown	United States	209	CENTURYLINK-US-LEGACY-QWESTUS	false
173.229.136.204	unknown	United States	10405	UPRR-ASN-01US	false
117.114.195.159	unknown	China	4847	CNIX-APChinaNetworksInter-ExchangeCN	false
155.90.12.142	unknown	United States	4010	DNIC-AS-04010US	false
93.231.244.24	unknown	Germany	3320	DTAGInternetserviceprovideroperationsDE	false
121.44.191.221	unknown	Australia	4739	INTERNODE-ASInternodePtyLtdAU	false
47.111.235.129	unknown	China	37963	CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtd	false
53.25.129.93	unknown	Germany	31399	DAIMLER-ASITIGNGlobalNetworkDE	false
186.164.26.182	unknown	Venezuela	21575	ENTELPERUSAPE	false
174.50.238.101	unknown	United States	7922	COMCAST-7922US	false
109.183.73.38	unknown	Czech Republic	12767	PRAGONET-ASCZ	false
12.174.10.254	unknown	United States	7018	ATT-INTERNET4US	false
175.131.187.169	unknown	Japan	2516	KDDIKDDICORPORATIONJP	false
112.220.121.6	unknown	Korea Republic of	3786	LGDACOMLGDACOMCorporationKR	false
182.23.97.162	unknown	Indonesia	4800	LINTASARTA-AS-APNetworkAccessProviderandInternetServic	false
4.31.146.161	unknown	United States	3356	LEVEL3US	false
114.52.161.116	unknown	Korea Republic of	18302	SKG_NW-AS-KRSKTelecomKR	false
109.32.62.199	unknown	Netherlands	15480	VFNL-ASVodafoneNLAutonomousSystemNL	false
49.57.109.29	unknown	Korea Republic of	4766	KIXS-AS-KRKoreaTelecomKR	false
12.77.153.113	unknown	United States	7018	ATT-INTERNET4US	false
138.203.175.153	unknown	Belgium	5488	BELGACOMBE	false
27.191.234.159	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
132.145.12.79	unknown	United States	31898	ORACLE-BMC-31898US	false
221.215.46.75	unknown	China	4837	CHINA169-BACKBONECHINAUNICOMChina169BackboneCN	false
164.219.30.78	unknown	United States	5180	DNIC-ASBLK-05120-05376US	false
182.116.76.173	unknown	China	4837	CHINA169-BACKBONECHINAUNICOMChina169BackboneCN	false
92.161.37.70	unknown	France	3215	FranceTelecom-OrangeFR	false
198.216.73.110	unknown	United States	3354	THENET-AS-3354US	false
184.145.64.108	unknown	Canada	577	BACOMCA	false
200.133.116.170	unknown	Brazil	1916	AssociacaoRedeNacionaldeEnsinoePesquisaBR	false
160.194.248.96	unknown	Japan	2907	SINET-ASResearchOrganizationofInformationandSystemsN	false
183.153.123.185	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
61.58.219.52	unknown	Taiwan; Republic of China (ROC)	9676	SAVECOM-TWSaveComInternationIncTW	false
93.7.2.230	unknown	France	15557	LDCOMNETFR	false
35.184.32.6	unknown	United States	15169	GOOGLEUS	false
113.171.247.190	unknown	Viet Nam	45899	VNPT-AS-VNVNPTCorpVN	false
170.11.192.63	unknown	United States	1621	ASN-SECURIANUS	false
190.205.79.171	unknown	Venezuela	8048	CANTVServiciosVenezuelaVE	false
104.169.169.5	unknown	United States	5650	FRONTIER-FRTRUS	false
206.155.113.41	unknown	United States	23280	OS33US	false
8.222.72.242	unknown	Singapore	45102	CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdC	false
52.168.74.222	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
23.154.57.240	unknown	Reserved	26445	BNCUS	false
39.180.65.78	unknown	China	56041	CMNET-ZHEJIANG-APChinaMobilecommunicationscorporationC	false
47.42.232.95	unknown	United States	20115	CHARTER-20115US	false
121.180.167.109	unknown	Korea Republic of	4766	KIXS-AS-KRKoreaTelecomKR	false
220.70.36.136	unknown	Korea Republic of	4766	KIXS-AS-KRKoreaTelecomKR	false
147.118.233.65	unknown	United States	10370	NORTHWEST-AIRLINESUS	false
36.37.168.145	unknown	Cambodia	38623	VIETTELCAMBODIA-AS-APISPIXPINCAMBODIAWITHTHEBESTVERV	false
98.10.209.90	unknown	United States	11351	TWC-11351-NORTHEASTUS	false
126.68.137.13	unknown	Japan	17676	GIGAINFRASoftbankBBCorpJP	false
76.207.131.216	unknown	United States	7018	ATT-INTERNET4US	false
12.88.113.233	unknown	United States	7018	ATT-INTERNET4US	false
161.252.64.155	unknown	Kuwait	42781	ZNETAS-KW	false
64.151.37.208	unknown	United States	18712	SUREWEST-KANSASUS	false
113.148.217.183	unknown	Japan	2516	KDDIKDDICORPORATIONJP	false
110.129.234.181	unknown	Japan	9824	JTCL-JP-ASJupiterTelecommunicationCoLtdJP	false
210.239.174.147	unknown	Japan	2516	KDDIKDDICORPORATIONJP	false
107.170.128.159	unknown	United States	14061	DIGITALOCEAN-ASNUS	false
134.198.98.189	unknown	United States	36269	UOFSCRANTONUS	false
53.152.119.186	unknown	Germany	31399	DAIMLER-ASITIGNGlobalNetworkDE	false
143.250.200.104	unknown	United States	27064	DNIC-ASBLK-27032-27159US	false
178.73.57.176	unknown	Poland	6830	LIBERTYGLOBALLibertyGlobalformerlyUPCBroadbandHolding	false
93.43.182.90	unknown	Italy	12874	FASTWEBIT	false
126.83.62.95	unknown	Japan	17676	GIGAINFRASoftbankBBCorpJP	false
58.49.78.172	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
71.207.148.163	unknown	United States	7922	COMCAST-7922US	false
114.69.243.149	unknown	India	18002	WORLDPHONE-INASNumberforInterdomainRoutingIN	false
113.105.112.161	unknown	China	58466	CT-GUANGZHOU-IDCCHINANETGuangdongprovincenetworkCN	false
196.147.109.227	unknown	Egypt	36935	Vodafone-EG	false
189.227.237.82	unknown	Mexico	8151	UninetSAdeCVMX	false
100.158.41.172	unknown	United States	21928	T-MOBILE-AS21928US	false
169.151.182.215	unknown	United States	2386	INS-ASUS	false
134.31.121.145	unknown	Canada	680	DFNVereinzurFoerderungeinesDeutschenForschungsnetzese	false
92.255.42.53	unknown	Russian Federation	205282	RUSENRESRU	false
179.120.163.203	unknown	Brazil	26615	TIMSABR	false
137.175.34.2	unknown	United States	54600	PEGTECHINCUS	false
112.44.125.146	unknown	China	9808	CMNET-GDGuangdongMobileCommunicationCoLtdCN	false
50.206.19.177	unknown	United States	7922	COMCAST-7922US	false
92.96.166.207	unknown	United Arab Emirates	5384	EMIRATES-INTERNETEmiratesInternetAE	false
74.112.91.89	unknown	Canada	63350	FONCLOUDCA	false
37.251.157.124	unknown	Romania	34358	WEBCLASSITRO	false
39.29.180.17	unknown	Korea Republic of	4766	KIXS-AS-KRKoreaTelecomKR	false
19.57.4.154	unknown	United States	3	MIT-GATEWAYSUS	false
162.199.226.9	unknown	United States	7018	ATT-INTERNET4US	false
135.198.43.75	unknown	United States	8190	MDNXGB	false

AV Detection

Antivirus / Scanner detection for submitted sample

Source: HTUyCRuDev.elf

Avira: detected

Multi AV Scanner detection for submitted file

Source: HTUyCRuDev.elf

ReversingLabs: Detection: 55%

Detected TCP or UDP traffic on non-standard ports

Source: global traffic	TCP traffic: 192.168.2.23:36546 -> 147.78.103.47:9931
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 101.246.247.34:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 106.95.241.245:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 168.252.50.172:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 63.209.76.37:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 50.180.220.42:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 211.10.230.95:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 64.206.147.37:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 2.151.210.196:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 98.30.232.32:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.85.62.157:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 145.239.176.87:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 135.63.94.177:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 185.54.101.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 166.49.73.178:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 211.225.173.223:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 201.242.145.215:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 154.108.149.50:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 117.117.250.191:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 223.97.98.186:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 8.11.152.88:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 193.65.89.238:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 52.134.231.63:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 207.236.9.248:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 159.224.147.123:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 158.168.176.181:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 128.38.100.88:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 84.159.182.185:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 25.112.138.183:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 146.126.49.166:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 199.205.247.235:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 93.187.199.254:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 84.43.220.4:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 58.177.216.164:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 186.135.126.6:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 40.220.148.25:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 54.92.121.108:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 100.243.5.244:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 5.244.25.80:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 159.139.9.32:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 109.140.253.108:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 126.54.13.57:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 190.140.41.94:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 119.195.130.149:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 85.243.174.241:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 154.72.105.150:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 58.55.41.79:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 121.176.46.94:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 96.97.56.111:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 95.77.185.95:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 204.184.85.141:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 49.135.207.144:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 199.17.91.0:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 194.147.24.59:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 122.177.216.236:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 148.122.102.50:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 79.70.74.103:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 38.213.74.233:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 168.107.159.121:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 163.16.28.94:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 47.30.204.235:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 2.181.134.232:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 137.254.160.225:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 68.0.158.83:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 18.29.238.138:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 62.117.230.247:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 105.90.71.190:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 27.114.225.41:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 132.28.167.198:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 144.173.220.97:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 217.241.249.76:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 113.227.45.168:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 99.57.172.129:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 186.190.187.16:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 133.95.80.81:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 93.15.19.149:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 153.158.99.199:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 77.169.90.4:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 222.91.127.79:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 125.15.239.160:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 118.47.117.124:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 100.206.236.9:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 84.46.218.111:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 206.185.62.93:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 208.179.117.89:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 143.143.207.45:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 208.93.199.69:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 98.170.7.81:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 104.27.206.12:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 20.154.172.24:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 193.196.236.118:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 77.177.254.243:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 102.206.165.199:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 185.75.90.242:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 70.47.48.132:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 188.118.77.94:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 174.20.169.100:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 62.113.181.163:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 223.180.155.41:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 163.48.4.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 43.225.133.179:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 62.183.144.97:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 196.126.172.87:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 112.63.69.20:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 108.41.203.214:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 173.161.229.51:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 19.19.214.102:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 64.51.182.97:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 31.154.36.131:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 120.182.6.97:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 66.69.92.139:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 198.61.197.211:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 207.112.12.166:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 23.30.191.32:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 88.160.46.20:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 213.114.198.123:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 116.238.228.86:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 135.239.129.28:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 116.109.31.252:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 106.16.243.217:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 35.84.62.116:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 143.3.126.214:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 150.217.169.61:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 105.61.169.214:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 115.190.89.30:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 199.137.163.202:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 106.2.83.152:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 185.154.211.43:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 122.30.202.87:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 196.140.139.185:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 221.40.102.144:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 173.198.55.229:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 199.151.213.199:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 87.1.18.197:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 169.51.53.198:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 92.185.219.69:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 37.149.48.15:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.156.75.140:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 218.229.10.114:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 116.107.127.128:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 166.132.152.118:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 155.102.164.96:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 49.149.151.123:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 206.207.9.157:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 150.42.76.252:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 27.209.86.182:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 220.195.194.63:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 88.113.93.109:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 211.31.6.6:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 74.232.67.61:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 180.215.108.213:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 159.93.240.198:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 34.247.234.167:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 142.247.79.0:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 186.78.105.230:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 94.97.225.230:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 86.101.13.210:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 187.165.165.108:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 48.64.222.199:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 175.186.167.11:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 160.208.94.108:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 54.64.231.73:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 162.65.10.120:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 182.98.156.179:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 85.104.99.247:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 217.203.91.78:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 32.154.221.98:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 151.243.166.66:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 65.176.170.175:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 132.244.210.219:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.102.38.32:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 97.94.237.179:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 221.48.82.165:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 206.222.65.25:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 43.74.194.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 32.153.232.224:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 13.56.216.8:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 222.121.69.144:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 123.30.174.26:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 17.140.116.137:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 140.66.183.226:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 160.184.27.48:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 80.49.116.219:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 131.221.199.197:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 43.149.62.8:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 202.132.97.158:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 14.122.210.226:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 60.237.152.100:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 51.73.122.144:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 70.208.89.181:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 123.110.102.96:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 130.213.37.162:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 130.15.248.24:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 82.59.110.217:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 94.32.134.219:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 175.137.132.47:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 104.17.151.215:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 111.6.246.243:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 38.207.67.61:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 109.164.239.111:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 155.207.237.197:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 100.23.224.0:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 84.23.148.22:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 43.234.201.221:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 115.177.254.165:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 142.246.144.171:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 38.227.254.42:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 112.132.19.143:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 110.235.70.207:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 190.196.197.255:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 77.238.227.164:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 199.102.39.106:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 84.224.168.247:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 170.232.17.44:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 12.87.89.121:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 62.54.235.47:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 186.175.122.210:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 83.105.62.116:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 216.62.179.129:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 199.32.89.52:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 196.142.248.121:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 73.176.199.54:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.36.16.17:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 2.149.245.123:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.121.13.217:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 109.25.130.235:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 12.189.18.54:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 119.218.45.230:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 183.88.11.15:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 180.4.154.82:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 120.99.39.165:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 171.175.52.105:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 142.5.70.153:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 96.136.26.120:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 4.208.242.123:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 51.218.68.70:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 111.192.7.163:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 186.232.147.196:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 200.91.89.223:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 60.139.226.140:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 48.181.6.102:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 186.200.196.217:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 25.111.53.117:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 66.144.29.22:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 101.132.185.136:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 174.22.43.58:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 96.35.20.44:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 25.150.149.193:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 212.99.222.181:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.114.32.102:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 74.134.208.234:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 146.100.242.44:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 41.55.51.197:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 187.110.33.35:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 82.37.50.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 217.231.22.226:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 174.222.96.195:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 78.205.21.186:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 181.102.30.67:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 36.43.191.180:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 25.166.142.66:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 123.160.203.194:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 106.114.161.171:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 76.24.115.59:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 218.20.245.50:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 80.241.69.99:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 125.39.94.178:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 101.102.82.203:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 65.162.217.22:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 67.155.222.60:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 19.172.79.205:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 155.221.168.141:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 166.5.185.152:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 61.77.136.161:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 156.88.90.186:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 212.74.154.90:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 80.190.201.157:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 96.247.143.142:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 46.11.91.215:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 175.16.180.172:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 170.140.203.199:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 210.48.63.21:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 54.202.206.201:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 74.143.237.5:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 212.149.218.159:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 119.233.109.212:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 138.177.124.66:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 166.84.50.54:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 135.239.252.30:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 82.126.74.238:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 152.25.245.178:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 175.238.111.124:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 40.159.154.146:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 129.163.208.15:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 189.115.200.41:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 144.23.34.26:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 112.253.114.211:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 43.119.248.58:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 126.112.234.42:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 147.224.89.76:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 156.49.108.99:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 160.79.249.117:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 114.15.45.192:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.129.155.240:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 145.29.173.179:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 34.22.254.114:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 161.179.68.131:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 75.43.241.158:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 144.116.249.246:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 202.43.209.30:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 59.41.179.21:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 77.181.43.111:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 111.157.165.73:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 111.46.35.66:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 14.100.0.127:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 48.49.187.56:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 48.94.255.198:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 211.131.79.112:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 108.253.124.213:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 176.59.4.224:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 69.83.212.118:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 42.101.149.160:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 148.107.35.108:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 188.245.82.200:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 190.95.48.161:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 220.67.203.83:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 130.143.170.70:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 111.172.145.7:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 152.143.65.55:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 101.61.90.160:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 77.156.70.109:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 77.194.36.193:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 212.52.222.237:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 12.138.53.227:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 178.60.118.225:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 71.153.168.97:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 176.186.35.210:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 60.54.8.37:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 135.66.240.73:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 101.207.124.18:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 72.189.229.7:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.230.212.22:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.158.198.182:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 80.201.120.121:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 175.123.152.191:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 66.177.225.114:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 49.34.34.47:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 149.14.23.57:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 107.101.8.232:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 144.31.234.98:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 166.115.132.131:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 34.194.63.10:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 143.178.130.82:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 175.58.17.223:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 66.120.32.224:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 94.103.116.199:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 61.244.113.145:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 194.173.227.116:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 70.227.60.205:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 98.168.0.5:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 43.240.251.188:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 133.90.110.128:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 188.172.120.130:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 168.79.4.180:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.230.178.46:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 160.147.94.42:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 185.157.108.100:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 99.103.195.112:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 111.250.173.237:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 86.128.83.65:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 48.14.145.14:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 129.15.52.252:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 128.129.210.228:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 170.82.211.75:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 169.242.62.94:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 206.52.172.71:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 82.48.52.115:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 154.91.137.41:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 81.31.97.222:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 156.14.253.2:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 23.244.164.193:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 150.56.92.199:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 196.139.39.18:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 67.108.168.54:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 168.239.134.238:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 73.99.65.70:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 66.251.119.110:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 14.188.7.30:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 195.149.107.214:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 197.152.21.233:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 46.76.204.222:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 181.81.38.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 124.99.138.48:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 177.129.92.172:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 20.21.2.120:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 194.81.123.238:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 117.228.133.210:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 97.110.241.200:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 92.72.16.178:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 187.39.203.149:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 66.165.207.45:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 178.95.234.112:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 31.181.187.235:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 20.198.3.184:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 188.66.196.224:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 185.34.121.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 129.108.27.138:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 202.41.189.200:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 194.86.104.221:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 79.227.212.135:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 61.170.232.246:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 221.229.144.228:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 144.113.117.127:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 218.183.61.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 93.157.208.175:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 115.141.171.185:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 222.19.59.76:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 14.236.66.35:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 187.210.147.70:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 190.99.100.119:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 80.20.241.225:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 82.153.7.97:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 168.175.156.46:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 105.11.245.87:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 84.213.8.218:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 58.49.78.172:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 159.43.128.194:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 188.74.120.218:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 75.14.97.177:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 135.182.155.84:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 184.98.133.99:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 138.127.26.247:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 19.245.85.176:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 73.94.170.12:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 201.160.130.130:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 104.200.105.130:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 187.100.42.246:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 49.11.64.124:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 140.244.8.193:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 204.133.208.94:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 142.247.248.194:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 198.165.117.87:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 147.205.86.84:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 165.40.40.213:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 198.25.174.43:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 62.75.162.147:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 76.171.172.45:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 111.144.40.224:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 25.47.29.153:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 36.191.117.158:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 156.83.81.229:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 183.102.13.198:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 35.226.23.180:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 182.9.92.105:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 99.239.13.105:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 39.103.101.83:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 46.236.243.102:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 137.156.199.193:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 143.224.145.207:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 155.243.54.151:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 167.254.218.193:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 159.24.9.123:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 38.84.174.120:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 148.10.120.243:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 112.94.184.59:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 130.67.233.93:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 108.125.72.32:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 165.217.104.192:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 182.55.34.93:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 58.229.12.73:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 9.161.183.19:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 86.56.219.214:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 159.16.236.224:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 173.218.37.70:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 149.109.233.197:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 13.122.192.183:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 43.29.15.7:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 121.124.168.189:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 66.120.108.187:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 63.53.173.198:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 54.177.94.56:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 99.171.123.20:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 89.251.117.68:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 130.115.101.60:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 211.250.215.55:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 61.131.54.38:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 23.183.76.39:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 218.160.162.39:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 47.20.50.120:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 108.22.140.93:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 167.200.70.216:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 180.37.29.241:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 52.117.103.81:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 74.206.51.149:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 222.125.108.63:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 208.155.176.202:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 105.144.234.28:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 13.66.131.36:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 54.72.230.193:2323
Source: global traffic	TCP traffic: 192.168.2.23:23879 -> 64.9.0.248:2323

Sample listens on a socket

Source: /tmp/HTUyCRuDev.elf (PID: 6210)

Socket: 127.0.0.1:1926

Jump to behavior

Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)

Source: global traffic	TCP traffic: 192.168.2.23:43928 -> 91.189.91.42:443
Source: global traffic	TCP traffic: 192.168.2.23:42836 -> 91.189.91.43:443
Source: global traffic	TCP traffic: 192.168.2.23:42516 -> 109.202.202.202:80

Source: unknown	TCP traffic detected without corresponding DNS query: 91.189.91.42
Source: unknown	TCP traffic detected without corresponding DNS query: 147.78.103.47
Source: unknown	TCP traffic detected without corresponding DNS query: 147.78.103.47
Source: unknown	TCP traffic detected without corresponding DNS query: 101.246.247.34
Source: unknown	TCP traffic detected without corresponding DNS query: 123.237.200.34
Source: unknown	TCP traffic detected without corresponding DNS query: 156.199.253.162
Source: unknown	TCP traffic detected without corresponding DNS query: 75.177.211.33
Source: unknown	TCP traffic detected without corresponding DNS query: 204.228.177.112
Source: unknown	TCP traffic detected without corresponding DNS query: 78.55.208.33
Source: unknown	TCP traffic detected without corresponding DNS query: 42.250.209.51
Source: unknown	TCP traffic detected without corresponding DNS query: 150.89.44.147
Source: unknown	TCP traffic detected without corresponding DNS query: 128.222.86.92
Source: unknown	TCP traffic detected without corresponding DNS query: 106.95.241.245
Source: unknown	TCP traffic detected without corresponding DNS query: 73.168.241.230
Source: unknown	TCP traffic detected without corresponding DNS query: 111.16.142.215
Source: unknown	TCP traffic detected without corresponding DNS query: 98.163.160.169
Source: unknown	TCP traffic detected without corresponding DNS query: 91.169.89.0
Source: unknown	TCP traffic detected without corresponding DNS query: 205.125.0.234
Source: unknown	TCP traffic detected without corresponding DNS query: 201.155.129.126
Source: unknown	TCP traffic detected without corresponding DNS query: 183.191.203.221
Source: unknown	TCP traffic detected without corresponding DNS query: 196.122.33.244
Source: unknown	TCP traffic detected without corresponding DNS query: 191.243.20.122
Source: unknown	TCP traffic detected without corresponding DNS query: 168.252.50.172
Source: unknown	TCP traffic detected without corresponding DNS query: 144.139.1.102
Source: unknown	TCP traffic detected without corresponding DNS query: 85.49.141.210
Source: unknown	TCP traffic detected without corresponding DNS query: 97.91.11.243
Source: unknown	TCP traffic detected without corresponding DNS query: 152.172.14.171
Source: unknown	TCP traffic detected without corresponding DNS query: 183.182.153.35
Source: unknown	TCP traffic detected without corresponding DNS query: 54.16.196.2
Source: unknown	TCP traffic detected without corresponding DNS query: 124.54.183.186
Source: unknown	TCP traffic detected without corresponding DNS query: 167.241.117.66
Source: unknown	TCP traffic detected without corresponding DNS query: 131.230.161.24
Source: unknown	TCP traffic detected without corresponding DNS query: 81.231.16.241
Source: unknown	TCP traffic detected without corresponding DNS query: 63.209.76.37
Source: unknown	TCP traffic detected without corresponding DNS query: 71.145.108.147
Source: unknown	TCP traffic detected without corresponding DNS query: 200.36.140.53
Source: unknown	TCP traffic detected without corresponding DNS query: 157.180.219.161
Source: unknown	TCP traffic detected without corresponding DNS query: 57.107.162.192
Source: unknown	TCP traffic detected without corresponding DNS query: 50.30.164.239
Source: unknown	TCP traffic detected without corresponding DNS query: 169.87.5.77
Source: unknown	TCP traffic detected without corresponding DNS query: 50.180.220.42
Source: unknown	TCP traffic detected without corresponding DNS query: 82.90.211.127
Source: unknown	TCP traffic detected without corresponding DNS query: 44.116.253.51
Source: unknown	TCP traffic detected without corresponding DNS query: 24.233.116.49
Source: unknown	TCP traffic detected without corresponding DNS query: 182.244.43.78
Source: unknown	TCP traffic detected without corresponding DNS query: 202.150.199.206
Source: unknown	TCP traffic detected without corresponding DNS query: 8.189.254.195
Source: unknown	TCP traffic detected without corresponding DNS query: 43.163.80.240
Source: unknown	TCP traffic detected without corresponding DNS query: 94.4.27.44
Source: unknown	TCP traffic detected without corresponding DNS query: 222.144.106.110

Source: unknown	Network traffic detected: HTTP traffic on port 43928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 42836 -> 443

Sample has stripped symbol table

Source: ELF static info symbol of initial sample

.symtab present: no

Source: classification engine

Classification label: mal56.linELF@0/0@0/0

Uses the "uname" system call to query kernel version information (possible evasion)

Source: /tmp/HTUyCRuDev.elf (PID: 6210)

Queries kernel information via 'uname':

Jump to behavior

Source: HTUyCRuDev.elf, 6210.1.00005595e97f2000.00005595e9877000.rw-.sdmp, HTUyCRuDev.elf, 6212.1.00005595e97f2000.00005595e9877000.rw-.sdmp, HTUyCRuDev.elf, 6216.1.00005595e97f2000.00005595e9877000.rw-.sdmp	Binary or memory string: U!/etc/qemu-binfmt/m68k
Source: HTUyCRuDev.elf, 6210.1.00007ffdcb1a2000.00007ffdcb1c3000.rw-.sdmp, HTUyCRuDev.elf, 6212.1.00007ffdcb1a2000.00007ffdcb1c3000.rw-.sdmp, HTUyCRuDev.elf, 6216.1.00007ffdcb1a2000.00007ffdcb1c3000.rw-.sdmp	Binary or memory string: /usr/bin/qemu-m68k
Source: HTUyCRuDev.elf, 6210.1.00005595e97f2000.00005595e9877000.rw-.sdmp, HTUyCRuDev.elf, 6212.1.00005595e97f2000.00005595e9877000.rw-.sdmp, HTUyCRuDev.elf, 6216.1.00005595e97f2000.00005595e9877000.rw-.sdmp	Binary or memory string: /etc/qemu-binfmt/m68k
Source: HTUyCRuDev.elf, 6210.1.00007ffdcb1a2000.00007ffdcb1c3000.rw-.sdmp, HTUyCRuDev.elf, 6212.1.00007ffdcb1a2000.00007ffdcb1c3000.rw-.sdmp, HTUyCRuDev.elf, 6216.1.00007ffdcb1a2000.00007ffdcb1c3000.rw-.sdmp	Binary or memory string: x86_64/usr/bin/qemu-m68k/tmp/HTUyCRuDev.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/HTUyCRuDev.elf

ID:	1456793
Product:	CloudBasic
Start time:	19:35:35
Start date:	13.06.2024
Sample:	HTUyCRuDev.elf
Cookbook:	defaultlinuxfilecookbook.jbs
System description:	Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Architecture:	LINUX
MD5:	cdfd23d13080c787cf5784248d62133f
SHA1:	92244f7c8392ac821276be00de438806e9eba4c7
SHA256:	4dc3b6dc4cfda3cd8762083e96f394bae961573ffa269f961737a4ce6705c79f
Filetype:	ELF Executable and Linkable format (generic) (4004/1) 100.00%

Linux Analysis Report
HTUyCRuDev.elf

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Networking

System Summary

Malware Analysis System Evasion

Screenshots

Network Map

Contacted Public IPs

Linux Analysis Report HTUyCRuDev.elf

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Networking

System Summary

Malware Analysis System Evasion

Screenshots

Network Map

Contacted Public IPs

Linux Analysis Report
HTUyCRuDev.elf