Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/yakuza.ppc.elf
|
/tmp/yakuza.ppc.elf
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 902i13 || busybox pkill -9 902i13"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 902i13
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 902i13
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 BzSxLxBxeY
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 BzSxLxBxeY
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 HOHO-LUGO7
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 HOHO-LUGO7
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 HOHO-U79OL
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 HOHO-U79OL
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 JuYfouyf87
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 JuYfouyf87
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 NiGGeR69xd
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 NiGGeR69xd
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 SO190Ij1X
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 SO190Ij1X
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 LOLKIKEEEDDE
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 LOLKIKEEEDDE
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 ekjheory98e
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 ekjheory98e
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 scansh4 || busybox pkill -9 scansh4"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 scansh4
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 scansh4
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 MDMA || busybox pkill -9 MDMA"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 MDMA
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 MDMA
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 fdevalvex || busybox pkill -9 fdevalvex"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 fdevalvex
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 fdevalvex
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 scanspc || busybox pkill -9 scanspc"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 scanspc
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 scanspc
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 MELTEDNINJAREALZ
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 MELTEDNINJAREALZ
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 flexsonskids || busybox pkill -9 flexsonskids"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 flexsonskids
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 flexsonskids
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 scanx86 || busybox pkill -9 scanx86"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 scanx86
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 scanx86
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 MISAKI-U79OL
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 MISAKI-U79OL
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 foAxi102kxe
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 foAxi102kxe
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 swodjwodjwoj
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 swodjwodjwoj
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 MmKiy7f87l
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 MmKiy7f87l
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 freecookiex86 || busybox pkill -9 freecookiex86"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 freecookiex86
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 freecookiex86
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 sysgpu || busybox pkill -9 sysgpu"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 sysgpu
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 sysgpu
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 NiGGeR69xd
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 NiGGeR69xd
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 frgege || busybox pkill -9 frgege"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 frgege
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 frgege
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 sysupdater || busybox pkill -9 sysupdater"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 sysupdater
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 sysupdater
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 0DnAzepd
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 0DnAzepd
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 NiGGeRD0nks69
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 NiGGeRD0nks69
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 frgreu || busybox pkill -9 frgreu"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 frgreu
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 frgreu
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 telnetd || busybox pkill -9 telnetd"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 telnetd
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 telnetd
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 0x766f6964 || busybox pkill -9 0x766f6964"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 0x766f6964
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 0x766f6964
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 NiGGeRd0nks1337
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 NiGGeRd0nks1337
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 gaft || busybox pkill -9 gaft"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 gaft
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 gaft
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 urasgbsigboa
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 urasgbsigboa
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 120i3UI49 || busybox pkill -9 120i3UI49"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 120i3UI49
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 120i3UI49
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 OaF3 || busybox pkill -9 OaF3"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 OaF3
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 OaF3
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 geae || busybox pkill -9 geae"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 geae
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 geae
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 vaiolmao || busybox pkill -9 vaiolmao"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 vaiolmao
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 vaiolmao
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 123123a || busybox pkill -9 123123a"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 123123a
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 123123a
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 Ofurain0n4H34D
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 Ofurain0n4H34D
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 ggTrex || busybox pkill -9 ggTrex"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 ggTrex
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 ggTrex
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 wasads || busybox pkill -9 wasads"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 wasads
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 wasads
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 1293194hjXD
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 1293194hjXD
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 OthLaLosn
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 OthLaLosn
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 ggt || busybox pkill -9 ggt"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 ggt
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 ggt
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 wget-log || busybox pkill -9 wget-log"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 wget-log
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 wget-log
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 1337SoraLOADER
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 1337SoraLOADER
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 SAIAKINA
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 SAIAKINA
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 ggtq || busybox pkill -9 ggtq"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 ggtq
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 ggtq
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 1378bfp919GRB1Q2
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 1378bfp919GRB1Q2
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 SAIAKUSO
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 SAIAKUSO
|
||
|
/tmp/yakuza.ppc.elf
|
-
|
||
|
/bin/sh
|
sh -c "pkill -9 ggtr || busybox pkill -9 ggtr"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/pkill
|
pkill -9 ggtr
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/busybox
|
busybox pkill -9 ggtr
|
There are 300 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://youtu.be/dQw4w9WgXcQ
|
unknown
|
||
|
http://linux-it.abuser.eu/yak.sh;
|
unknown
|
||
|
https://youtu.be/dQw4w9WgXcQNever
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
95.234.158.87
|
unknown
|
Italy
|
 |
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7f4f4c01c000
|
page execute read
|
|
||
|
7f503c021000
|
page read and write
|
|||
|
7f504443c000
|
page read and write
|
|||
|
5627610e4000
|
page read and write
|
|||
|
7f5044ac0000
|
page read and write
|
|||
|
7f504444a000
|
page read and write
|
|||
|
7f5044f34000
|
page read and write
|
|||
|
5627610ec000
|
page read and write
|
|||
|
7f4f4c035000
|
page read and write
|
|||
|
7f50446d9000
|
page read and write
|
|||
|
7ffd370b5000
|
page read and write
|
|||
|
7f5044e0b000
|
page read and write
|
|||
|
7f4f4c02d000
|
page read and write
|
|||
|
7f5044f3c000
|
page read and write
|
|||
|
7f503c000000
|
page read and write
|
|||
|
562760e61000
|
page execute read
|
|||
|
7ffd371d2000
|
page execute read
|
|||
|
562763100000
|
page read and write
|
|||
|
7f5044f81000
|
page read and write
|
|||
|
7f5043c39000
|
page read and write
|
|||
|
5627630ea000
|
page execute and read and write
|
|||
|
56276493d000
|
page read and write
|
|||
|
7f5044a9b000
|
page read and write
|
There are 13 hidden memdumps, click here to show them.