Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Linux Analysis Report
yakuza.arm4.elf

Overview

General Information

Sample name:yakuza.arm4.elf
Analysis ID:1561403
MD5:40eaafab329b57c06e41187911820918
SHA1:dc275d568e2439205e848c555f55d49241b8a7cc
SHA256:a7fa91f5eafa3d3da75a5468c2a8dec879db0a4adf6360b55d430c4d33f10985
Tags:elfuser-abuse_ch
Infos:

Detection

Mirai
Score:72
Range:0 - 100
Whitelisted:false

Signatures

Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Yara detected Mirai
Uses IRC for communication with a C&C
Uses known network protocols on non-standard ports
Detected TCP or UDP traffic on non-standard ports
Enumerates processes within the "proc" file system
Executes commands using a shell command-line interpreter
Executes the "kill" or "pkill" command typically used to terminate processes
Reads CPU information from /sys indicative of miner or evasive malware
Sample contains strings indicative of BusyBox which embeds multiple Unix commands in a single executable
Sample contains strings indicative of password brute-forcing capabilities
Sample contains strings that are user agent strings indicative of HTTP manipulation
Uses the "uname" system call to query kernel version information (possible evasion)
Yara signature match

Classification

General Information

Joe Sandbox version:41.0.0 Charoite
Analysis ID:1561403
Start date and time:2024-11-23 11:06:05 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 5m 5s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:yakuza.arm4.elf
Detection:MAL
Classification:mal72.troj.linELF@0/0@2/0

Warnings

  • Report size exceeded maximum capacity and may have missing behavior information.

Runtime Messages

Command:/tmp/yakuza.arm4.elf
PID:5497
Exit Code:0
Exit Code Info:
Killed:False
Standard Output:
CAPSAICIN
Standard Error:

Process Tree

  • system is lnxubuntu20
  • yakuza.arm4.elf (PID: 5497, Parent: 5421, MD5: 5ebfcae4fe2471fcc5695c2394773ff1) Arguments: /tmp/yakuza.arm4.elf
    • yakuza.arm4.elf New Fork (PID: 5499, Parent: 5497)
      • sh (PID: 5504, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 902i13 || busybox pkill -9 902i13"
        • sh New Fork (PID: 5512, Parent: 5504)
        • pkill (PID: 5512, Parent: 5504, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 902i13
        • sh New Fork (PID: 5538, Parent: 5504)
        • busybox (PID: 5538, Parent: 5504, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 902i13
      • sh (PID: 5539, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"
        • sh New Fork (PID: 5546, Parent: 5539)
        • pkill (PID: 5546, Parent: 5539, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 BzSxLxBxeY
        • sh New Fork (PID: 5547, Parent: 5539)
        • busybox (PID: 5547, Parent: 5539, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 BzSxLxBxeY
      • sh (PID: 5548, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7"
        • sh New Fork (PID: 5550, Parent: 5548)
        • pkill (PID: 5550, Parent: 5548, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 HOHO-LUGO7
        • sh New Fork (PID: 5551, Parent: 5548)
        • busybox (PID: 5551, Parent: 5548, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 HOHO-LUGO7
      • sh (PID: 5554, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL"
        • sh New Fork (PID: 5559, Parent: 5554)
        • pkill (PID: 5559, Parent: 5554, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 HOHO-U79OL
        • sh New Fork (PID: 5560, Parent: 5554)
        • busybox (PID: 5560, Parent: 5554, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 HOHO-U79OL
      • sh (PID: 5561, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87"
        • sh New Fork (PID: 5563, Parent: 5561)
        • pkill (PID: 5563, Parent: 5561, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 JuYfouyf87
        • sh New Fork (PID: 5564, Parent: 5561)
        • busybox (PID: 5564, Parent: 5561, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 JuYfouyf87
      • sh (PID: 5565, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
        • sh New Fork (PID: 5573, Parent: 5565)
        • pkill (PID: 5573, Parent: 5565, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 NiGGeR69xd
        • sh New Fork (PID: 5574, Parent: 5565)
        • busybox (PID: 5574, Parent: 5565, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 NiGGeR69xd
      • sh (PID: 5575, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"
        • sh New Fork (PID: 5577, Parent: 5575)
        • pkill (PID: 5577, Parent: 5575, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 SO190Ij1X
        • sh New Fork (PID: 5578, Parent: 5575)
        • busybox (PID: 5578, Parent: 5575, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 SO190Ij1X
      • sh (PID: 5579, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE"
        • sh New Fork (PID: 5584, Parent: 5579)
        • pkill (PID: 5584, Parent: 5579, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 LOLKIKEEEDDE
        • sh New Fork (PID: 5609, Parent: 5579)
        • busybox (PID: 5609, Parent: 5579, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 LOLKIKEEEDDE
      • sh (PID: 5610, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e"
        • sh New Fork (PID: 5615, Parent: 5610)
        • pkill (PID: 5615, Parent: 5610, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 ekjheory98e
        • sh New Fork (PID: 5616, Parent: 5610)
        • busybox (PID: 5616, Parent: 5610, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 ekjheory98e
      • sh (PID: 5617, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 scansh4 || busybox pkill -9 scansh4"
        • sh New Fork (PID: 5622, Parent: 5617)
        • pkill (PID: 5622, Parent: 5617, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 scansh4
        • sh New Fork (PID: 5625, Parent: 5617)
        • busybox (PID: 5625, Parent: 5617, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 scansh4
      • sh (PID: 5627, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 MDMA || busybox pkill -9 MDMA"
        • sh New Fork (PID: 5633, Parent: 5627)
        • pkill (PID: 5633, Parent: 5627, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 MDMA
        • sh New Fork (PID: 5634, Parent: 5627)
        • busybox (PID: 5634, Parent: 5627, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 MDMA
      • sh (PID: 5635, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 fdevalvex || busybox pkill -9 fdevalvex"
        • sh New Fork (PID: 5637, Parent: 5635)
        • pkill (PID: 5637, Parent: 5635, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 fdevalvex
        • sh New Fork (PID: 5638, Parent: 5635)
        • busybox (PID: 5638, Parent: 5635, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 fdevalvex
      • sh (PID: 5641, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 scanspc || busybox pkill -9 scanspc"
        • sh New Fork (PID: 5646, Parent: 5641)
        • pkill (PID: 5646, Parent: 5641, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 scanspc
        • sh New Fork (PID: 5647, Parent: 5641)
        • busybox (PID: 5647, Parent: 5641, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 scanspc
      • sh (PID: 5648, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ"
        • sh New Fork (PID: 5653, Parent: 5648)
        • pkill (PID: 5653, Parent: 5648, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 MELTEDNINJAREALZ
        • sh New Fork (PID: 5654, Parent: 5648)
        • busybox (PID: 5654, Parent: 5648, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 MELTEDNINJAREALZ
      • sh (PID: 5657, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 flexsonskids || busybox pkill -9 flexsonskids"
        • sh New Fork (PID: 5662, Parent: 5657)
        • pkill (PID: 5662, Parent: 5657, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 flexsonskids
        • sh New Fork (PID: 5663, Parent: 5657)
        • busybox (PID: 5663, Parent: 5657, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 flexsonskids
      • sh (PID: 5664, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 scanx86 || busybox pkill -9 scanx86"
        • sh New Fork (PID: 5669, Parent: 5664)
        • pkill (PID: 5669, Parent: 5664, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 scanx86
        • sh New Fork (PID: 5670, Parent: 5664)
        • busybox (PID: 5670, Parent: 5664, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 scanx86
      • sh (PID: 5671, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL"
        • sh New Fork (PID: 5676, Parent: 5671)
        • pkill (PID: 5676, Parent: 5671, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 MISAKI-U79OL
        • sh New Fork (PID: 5679, Parent: 5671)
        • busybox (PID: 5679, Parent: 5671, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 MISAKI-U79OL
      • sh (PID: 5680, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe"
        • sh New Fork (PID: 5686, Parent: 5680)
        • pkill (PID: 5686, Parent: 5680, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 foAxi102kxe
        • sh New Fork (PID: 5687, Parent: 5680)
        • busybox (PID: 5687, Parent: 5680, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 foAxi102kxe
      • sh (PID: 5688, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj"
        • sh New Fork (PID: 5693, Parent: 5688)
        • pkill (PID: 5693, Parent: 5688, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 swodjwodjwoj
        • sh New Fork (PID: 5696, Parent: 5688)
        • busybox (PID: 5696, Parent: 5688, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 swodjwodjwoj
      • sh (PID: 5697, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l"
        • sh New Fork (PID: 5702, Parent: 5697)
        • pkill (PID: 5702, Parent: 5697, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 MmKiy7f87l
        • sh New Fork (PID: 5703, Parent: 5697)
        • busybox (PID: 5703, Parent: 5697, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 MmKiy7f87l
      • sh (PID: 5704, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 freecookiex86 || busybox pkill -9 freecookiex86"
        • sh New Fork (PID: 5709, Parent: 5704)
        • pkill (PID: 5709, Parent: 5704, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 freecookiex86
        • sh New Fork (PID: 5710, Parent: 5704)
        • busybox (PID: 5710, Parent: 5704, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 freecookiex86
      • sh (PID: 5715, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 sysgpu || busybox pkill -9 sysgpu"
        • sh New Fork (PID: 5720, Parent: 5715)
        • pkill (PID: 5720, Parent: 5715, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 sysgpu
        • sh New Fork (PID: 5721, Parent: 5715)
        • busybox (PID: 5721, Parent: 5715, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 sysgpu
      • sh (PID: 5722, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
        • sh New Fork (PID: 5727, Parent: 5722)
        • pkill (PID: 5727, Parent: 5722, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 NiGGeR69xd
        • sh New Fork (PID: 5728, Parent: 5722)
        • busybox (PID: 5728, Parent: 5722, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 NiGGeR69xd
      • sh (PID: 5729, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 frgege || busybox pkill -9 frgege"
        • sh New Fork (PID: 5734, Parent: 5729)
        • pkill (PID: 5734, Parent: 5729, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 frgege
        • sh New Fork (PID: 5738, Parent: 5729)
        • busybox (PID: 5738, Parent: 5729, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 frgege
      • sh (PID: 5739, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 sysupdater || busybox pkill -9 sysupdater"
        • sh New Fork (PID: 5741, Parent: 5739)
        • pkill (PID: 5741, Parent: 5739, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 sysupdater
        • sh New Fork (PID: 5742, Parent: 5739)
        • busybox (PID: 5742, Parent: 5739, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 sysupdater
      • sh (PID: 5743, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd"
        • sh New Fork (PID: 5745, Parent: 5743)
        • pkill (PID: 5745, Parent: 5743, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 0DnAzepd
        • sh New Fork (PID: 5748, Parent: 5743)
        • busybox (PID: 5748, Parent: 5743, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 0DnAzepd
      • sh (PID: 5749, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69"
        • sh New Fork (PID: 5755, Parent: 5749)
        • pkill (PID: 5755, Parent: 5749, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 NiGGeRD0nks69
        • sh New Fork (PID: 5756, Parent: 5749)
        • busybox (PID: 5756, Parent: 5749, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 NiGGeRD0nks69
      • sh (PID: 5757, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 frgreu || busybox pkill -9 frgreu"
        • sh New Fork (PID: 5759, Parent: 5757)
        • pkill (PID: 5759, Parent: 5757, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 frgreu
        • sh New Fork (PID: 5762, Parent: 5757)
        • busybox (PID: 5762, Parent: 5757, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 frgreu
      • sh (PID: 5763, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 telnetd || busybox pkill -9 telnetd"
        • sh New Fork (PID: 5768, Parent: 5763)
        • pkill (PID: 5768, Parent: 5763, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 telnetd
        • sh New Fork (PID: 5769, Parent: 5763)
        • busybox (PID: 5769, Parent: 5763, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 telnetd
      • sh (PID: 5770, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 0x766f6964 || busybox pkill -9 0x766f6964"
        • sh New Fork (PID: 5775, Parent: 5770)
        • pkill (PID: 5775, Parent: 5770, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 0x766f6964
        • sh New Fork (PID: 5776, Parent: 5770)
        • busybox (PID: 5776, Parent: 5770, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 0x766f6964
      • sh (PID: 5779, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337"
        • sh New Fork (PID: 5781, Parent: 5779)
        • pkill (PID: 5781, Parent: 5779, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 NiGGeRd0nks1337
        • sh New Fork (PID: 5782, Parent: 5779)
        • busybox (PID: 5782, Parent: 5779, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 NiGGeRd0nks1337
      • sh (PID: 5783, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 gaft || busybox pkill -9 gaft"
        • sh New Fork (PID: 5789, Parent: 5783)
        • pkill (PID: 5789, Parent: 5783, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 gaft
        • sh New Fork (PID: 5790, Parent: 5783)
        • busybox (PID: 5790, Parent: 5783, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 gaft
      • sh (PID: 5793, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa"
        • sh New Fork (PID: 5798, Parent: 5793)
        • pkill (PID: 5798, Parent: 5793, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 urasgbsigboa
        • sh New Fork (PID: 5799, Parent: 5793)
        • busybox (PID: 5799, Parent: 5793, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 urasgbsigboa
      • sh (PID: 5800, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 120i3UI49 || busybox pkill -9 120i3UI49"
        • sh New Fork (PID: 5805, Parent: 5800)
        • pkill (PID: 5805, Parent: 5800, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 120i3UI49
        • sh New Fork (PID: 5806, Parent: 5800)
        • busybox (PID: 5806, Parent: 5800, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 120i3UI49
      • sh (PID: 5807, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 OaF3 || busybox pkill -9 OaF3"
        • sh New Fork (PID: 5812, Parent: 5807)
        • pkill (PID: 5812, Parent: 5807, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 OaF3
        • sh New Fork (PID: 5815, Parent: 5807)
        • busybox (PID: 5815, Parent: 5807, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 OaF3
      • sh (PID: 5816, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 geae || busybox pkill -9 geae"
        • sh New Fork (PID: 5821, Parent: 5816)
        • pkill (PID: 5821, Parent: 5816, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 geae
        • sh New Fork (PID: 5822, Parent: 5816)
        • busybox (PID: 5822, Parent: 5816, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 geae
      • sh (PID: 5823, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 vaiolmao || busybox pkill -9 vaiolmao"
        • sh New Fork (PID: 5828, Parent: 5823)
        • pkill (PID: 5828, Parent: 5823, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 vaiolmao
        • sh New Fork (PID: 5831, Parent: 5823)
        • busybox (PID: 5831, Parent: 5823, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 vaiolmao
      • sh (PID: 5833, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 123123a || busybox pkill -9 123123a"
        • sh New Fork (PID: 5839, Parent: 5833)
        • pkill (PID: 5839, Parent: 5833, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 123123a
        • sh New Fork (PID: 5840, Parent: 5833)
        • busybox (PID: 5840, Parent: 5833, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 123123a
      • sh (PID: 5841, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D"
        • sh New Fork (PID: 5843, Parent: 5841)
        • pkill (PID: 5843, Parent: 5841, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 Ofurain0n4H34D
        • sh New Fork (PID: 5846, Parent: 5841)
        • busybox (PID: 5846, Parent: 5841, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 Ofurain0n4H34D
      • sh (PID: 5847, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 ggTrex || busybox pkill -9 ggTrex"
        • sh New Fork (PID: 5852, Parent: 5847)
        • pkill (PID: 5852, Parent: 5847, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 ggTrex
        • sh New Fork (PID: 5853, Parent: 5847)
        • busybox (PID: 5853, Parent: 5847, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 ggTrex
      • sh (PID: 5854, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 wasads || busybox pkill -9 wasads"
        • sh New Fork (PID: 5859, Parent: 5854)
        • pkill (PID: 5859, Parent: 5854, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 wasads
        • sh New Fork (PID: 5860, Parent: 5854)
        • busybox (PID: 5860, Parent: 5854, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 wasads
      • sh (PID: 5863, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD"
        • sh New Fork (PID: 5868, Parent: 5863)
        • pkill (PID: 5868, Parent: 5863, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 1293194hjXD
        • sh New Fork (PID: 5869, Parent: 5863)
        • busybox (PID: 5869, Parent: 5863, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 1293194hjXD
      • sh (PID: 5870, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn"
        • sh New Fork (PID: 5875, Parent: 5870)
        • pkill (PID: 5875, Parent: 5870, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 OthLaLosn
        • sh New Fork (PID: 5876, Parent: 5870)
        • busybox (PID: 5876, Parent: 5870, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 OthLaLosn
      • sh (PID: 5877, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 ggt || busybox pkill -9 ggt"
        • sh New Fork (PID: 5879, Parent: 5877)
        • pkill (PID: 5879, Parent: 5877, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 ggt
        • sh New Fork (PID: 5882, Parent: 5877)
        • busybox (PID: 5882, Parent: 5877, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 ggt
      • sh (PID: 5883, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 wget-log || busybox pkill -9 wget-log"
        • sh New Fork (PID: 5889, Parent: 5883)
        • pkill (PID: 5889, Parent: 5883, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 wget-log
        • sh New Fork (PID: 5890, Parent: 5883)
        • busybox (PID: 5890, Parent: 5883, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 wget-log
      • sh (PID: 5891, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER"
        • sh New Fork (PID: 5896, Parent: 5891)
        • pkill (PID: 5896, Parent: 5891, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 1337SoraLOADER
        • sh New Fork (PID: 5899, Parent: 5891)
        • busybox (PID: 5899, Parent: 5891, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 1337SoraLOADER
      • sh (PID: 5900, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA"
        • sh New Fork (PID: 5905, Parent: 5900)
        • pkill (PID: 5905, Parent: 5900, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 SAIAKINA
        • sh New Fork (PID: 5906, Parent: 5900)
        • busybox (PID: 5906, Parent: 5900, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 SAIAKINA
      • sh (PID: 5907, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 ggtq || busybox pkill -9 ggtq"
        • sh New Fork (PID: 5909, Parent: 5907)
        • pkill (PID: 5909, Parent: 5907, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 ggtq
        • sh New Fork (PID: 5910, Parent: 5907)
        • busybox (PID: 5910, Parent: 5907, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 ggtq
      • sh (PID: 5915, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2"
        • sh New Fork (PID: 5920, Parent: 5915)
        • pkill (PID: 5920, Parent: 5915, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 1378bfp919GRB1Q2
        • sh New Fork (PID: 5921, Parent: 5915)
        • busybox (PID: 5921, Parent: 5915, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 1378bfp919GRB1Q2
      • sh (PID: 5922, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO"
        • sh New Fork (PID: 5927, Parent: 5922)
        • pkill (PID: 5927, Parent: 5922, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 SAIAKUSO
        • sh New Fork (PID: 5928, Parent: 5922)
        • busybox (PID: 5928, Parent: 5922, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 SAIAKUSO
      • sh (PID: 5929, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 ggtr || busybox pkill -9 ggtr"
        • sh New Fork (PID: 5934, Parent: 5929)
        • pkill (PID: 5934, Parent: 5929, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 ggtr
        • sh New Fork (PID: 5937, Parent: 5929)
        • busybox (PID: 5937, Parent: 5929, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 ggtr
      • sh (PID: 5939, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 14Fa || busybox pkill -9 14Fa"
        • sh New Fork (PID: 5941, Parent: 5939)
        • pkill (PID: 5941, Parent: 5939, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 14Fa
        • sh New Fork (PID: 5942, Parent: 5939)
        • busybox (PID: 5942, Parent: 5939, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 14Fa
      • sh (PID: 5943, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 SEXSLAVE1337 || busybox pkill -9 SEXSLAVE1337"
        • sh New Fork (PID: 5945, Parent: 5943)
        • pkill (PID: 5945, Parent: 5943, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 SEXSLAVE1337
        • sh New Fork (PID: 5948, Parent: 5943)
        • busybox (PID: 5948, Parent: 5943, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 SEXSLAVE1337
      • sh (PID: 5949, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 ggtt || busybox pkill -9 ggtt"
        • sh New Fork (PID: 5955, Parent: 5949)
        • pkill (PID: 5955, Parent: 5949, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 ggtt
        • sh New Fork (PID: 5956, Parent: 5949)
        • busybox (PID: 5956, Parent: 5949, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 ggtt
      • sh (PID: 5957, Parent: 5499, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 1902a3u912u3u4 || busybox pkill -9 1902a3u912u3u4"
        • sh New Fork (PID: 5962, Parent: 5957)
        • pkill (PID: 5962, Parent: 5957, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 1902a3u912u3u4
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
MiraiMirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/elf.mirai

Yara Signatures

Initial Sample

SourceRuleDescriptionAuthorStrings
yakuza.arm4.elfJoeSecurity_Mirai_8Yara detected MiraiJoe Security
    yakuza.arm4.elfLinux_Trojan_Tsunami_8a11f9beunknownunknown
    • 0x18341:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20
    • 0x189d5:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    5497.1.00007f91b8017000.00007f91b8033000.r-x.sdmpJoeSecurity_Mirai_8Yara detected MiraiJoe Security
      5497.1.00007f91b8017000.00007f91b8033000.r-x.sdmpLinux_Trojan_Tsunami_8a11f9beunknownunknown
      • 0x18341:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20
      • 0x189d5:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20
      5501.1.00007f91b8017000.00007f91b8033000.r-x.sdmpJoeSecurity_Mirai_8Yara detected MiraiJoe Security
        5501.1.00007f91b8017000.00007f91b8033000.r-x.sdmpLinux_Trojan_Tsunami_8a11f9beunknownunknown
        • 0x18341:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20
        • 0x189d5:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20
        Process Memory Space: yakuza.arm4.elf PID: 5497Linux_Trojan_Tsunami_8a11f9beunknownunknown
        • 0x4b8c:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20
        • 0x4c9e:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20
        • 0x5276:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20
        Click to see the 1 entries

        Suricata Signatures

        No Suricata rule has matched

        Joe Sandbox Signatures

        Click to jump to signature section

        Show All Signature Results

        AV Detection

        barindex
        Multi AV Scanner detection for submitted file
        Source: yakuza.arm4.elfReversingLabs: Detection: 60%
        Source: /usr/bin/pkill (PID: 5512)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5546)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5550)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5559)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5563)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5573)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5577)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5584)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5615)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5622)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5633)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5637)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5646)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5653)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5662)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5669)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5676)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5686)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5693)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5702)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5709)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5720)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5727)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5734)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5741)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5745)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5755)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5759)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5768)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5775)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5781)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5789)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5798)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5805)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5812)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5821)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5828)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5839)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5843)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5852)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5859)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5868)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5875)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5879)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5889)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5896)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5905)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5909)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5920)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5927)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5934)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5941)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5945)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5955)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5962)Reads CPU info from /sys: /sys/devices/system/cpu/online

        Networking

        barindex
        Uses IRC for communication with a C&C
        Source: unknownIRC traffic detected: 192.168.2.13:60600 -> 95.234.158.87:6780 NICK [OSX|ARM3]ET1x USER ET1x localhost localhost :ET1x
        Uses known network protocols on non-standard ports
        Source: unknownNetwork traffic detected: IRC traffic on port 60600 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60602 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60604 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60606 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60608 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60610 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60612 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60614 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60616 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60618 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60620 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60622 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60624 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60626 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60628 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60630 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60632 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60634 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60636 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60638 -> 6780
        Source: global trafficTCP traffic: 192.168.2.13:60600 -> 95.234.158.87:6780
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: global trafficDNS traffic detected: DNS query: daisy.ubuntu.com
        Source: yakuza.arm4.elfString found in binary or memory: http://linux-it.abuser.eu/yak.sh;
        Source: yakuza.arm4.elfString found in binary or memory: https://youtu.be/dQw4w9WgXcQ
        Source: yakuza.arm4.elfString found in binary or memory: https://youtu.be/dQw4w9WgXcQNever

        System Summary

        barindex
        Malicious sample detected (through community Yara rule)
        Source: yakuza.arm4.elf, type: SAMPLEMatched rule: Linux_Trojan_Tsunami_8a11f9be Author: unknown
        Source: 5497.1.00007f91b8017000.00007f91b8033000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Tsunami_8a11f9be Author: unknown
        Source: 5501.1.00007f91b8017000.00007f91b8033000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Tsunami_8a11f9be Author: unknown
        Source: Process Memory Space: yakuza.arm4.elf PID: 5497, type: MEMORYSTRMatched rule: Linux_Trojan_Tsunami_8a11f9be Author: unknown
        Source: Process Memory Space: yakuza.arm4.elf PID: 5501, type: MEMORYSTRMatched rule: Linux_Trojan_Tsunami_8a11f9be Author: unknown
        Source: Initial sampleString containing 'busybox' found: busybox
        Source: Initial sampleString containing 'busybox' found: pkill -9 %s || busybox pkill -9 %s
        Source: Initial sampleString containing 'busybox' found: pkill -9 %s || busybox pkill -9 %shistory -c;history -wcd /root;rm -f .bash_historycd /var/tmp; rm -f *NOTICE %s :MOVE <server>
        Source: Initial sampleString containing potential weak password found: guest
        Source: Initial sampleString containing potential weak password found: default
        Source: Initial sampleString containing potential weak password found: admin
        Source: Initial sampleString containing potential weak password found: supervisor
        Source: Initial sampleString containing potential weak password found: service
        Source: Initial sampleString containing potential weak password found: administrator
        Source: Initial sampleString containing potential weak password found: support
        Source: Initial sampleString containing potential weak password found: 123456
        Source: Initial sampleString containing potential weak password found: password
        Source: Initial sampleString containing potential weak password found: 12345
        Source: yakuza.arm4.elf, type: SAMPLEMatched rule: Linux_Trojan_Tsunami_8a11f9be reference_sample = 1f773d0e00d40eecde9e3ab80438698923a2620036c2fc33315ef95229e98571, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Tsunami, fingerprint = 91e2572a3bb8583e20042578e95e1746501c6a71ef7635af2c982a05b18d7c6d, id = 8a11f9be-dc85-4695-9f38-80ca0304780e, last_modified = 2021-09-16
        Source: 5497.1.00007f91b8017000.00007f91b8033000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Tsunami_8a11f9be reference_sample = 1f773d0e00d40eecde9e3ab80438698923a2620036c2fc33315ef95229e98571, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Tsunami, fingerprint = 91e2572a3bb8583e20042578e95e1746501c6a71ef7635af2c982a05b18d7c6d, id = 8a11f9be-dc85-4695-9f38-80ca0304780e, last_modified = 2021-09-16
        Source: 5501.1.00007f91b8017000.00007f91b8033000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Tsunami_8a11f9be reference_sample = 1f773d0e00d40eecde9e3ab80438698923a2620036c2fc33315ef95229e98571, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Tsunami, fingerprint = 91e2572a3bb8583e20042578e95e1746501c6a71ef7635af2c982a05b18d7c6d, id = 8a11f9be-dc85-4695-9f38-80ca0304780e, last_modified = 2021-09-16
        Source: Process Memory Space: yakuza.arm4.elf PID: 5497, type: MEMORYSTRMatched rule: Linux_Trojan_Tsunami_8a11f9be reference_sample = 1f773d0e00d40eecde9e3ab80438698923a2620036c2fc33315ef95229e98571, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Tsunami, fingerprint = 91e2572a3bb8583e20042578e95e1746501c6a71ef7635af2c982a05b18d7c6d, id = 8a11f9be-dc85-4695-9f38-80ca0304780e, last_modified = 2021-09-16
        Source: Process Memory Space: yakuza.arm4.elf PID: 5501, type: MEMORYSTRMatched rule: Linux_Trojan_Tsunami_8a11f9be reference_sample = 1f773d0e00d40eecde9e3ab80438698923a2620036c2fc33315ef95229e98571, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Tsunami, fingerprint = 91e2572a3bb8583e20042578e95e1746501c6a71ef7635af2c982a05b18d7c6d, id = 8a11f9be-dc85-4695-9f38-80ca0304780e, last_modified = 2021-09-16
        Source: classification engineClassification label: mal72.troj.linELF@0/0@2/0
        Source: yakuza.arm4.elfELF static info symbol of initial sample: /home/firmware/build/temp-armv4l/gcc-core/gcc/config/arm/lib1funcs.asm
        Source: yakuza.arm4.elfELF static info symbol of initial sample: /home/firmware/build/temp-armv4l/gcc-core/gcc/config/arm/lib1funcs.asm
        Source: yakuza.arm4.elfELF static info symbol of initial sample: /home/firmware/build/temp-armv4l/gcc-core/gcc/config/arm/lib1funcs.asm
        Source: yakuza.arm4.elfELF static info symbol of initial sample: /home/firmware/build/temp-armv4l/gcc-core/gcc/config/arm/lib1funcs.asm
        Source: yakuza.arm4.elfELF static info symbol of initial sample: /home/firmware/build/temp-armv4l/gcc-core/gcc/config/arm/lib1funcs.asm
        Source: yakuza.arm4.elfELF static info symbol of initial sample: /home/firmware/build/temp-armv4l/gcc-core/gcc/config/arm/lib1funcs.asm
        Source: yakuza.arm4.elfELF static info symbol of initial sample: /home/firmware/build/temp-armv4l/gcc-core/gcc/config/arm/lib1funcs.asm
        Source: yakuza.arm4.elfELF static info symbol of initial sample: /home/firmware/build/temp-armv4l/gcc-core/gcc/config/arm/lib1funcs.asm
        Source: yakuza.arm4.elfELF static info symbol of initial sample: /home/firmware/build/temp-armv4l/gcc-core/gcc/config/arm/lib1funcs.asm
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/230/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/230/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/110/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/110/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/231/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/231/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/111/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/111/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/232/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/232/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/112/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/112/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/233/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/233/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/113/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/113/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/234/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/234/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/114/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/114/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/235/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/235/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/115/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/115/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/236/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/236/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/116/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/116/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/237/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/237/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/117/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/117/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/238/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/238/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/118/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/118/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/239/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/239/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/119/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/119/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/914/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/914/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/10/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/10/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/917/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/917/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/11/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/11/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/12/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/12/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/13/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/13/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/14/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/14/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/15/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/15/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/16/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/16/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/17/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/17/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/18/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/18/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/19/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/19/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/240/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/240/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/3095/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/3095/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/120/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/120/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/241/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/241/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/121/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/121/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/242/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/242/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/1/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/1/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/122/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/122/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/243/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/243/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/2/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/2/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/123/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/123/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/244/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/244/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/3/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/3/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/124/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/124/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/245/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/245/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/1588/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/1588/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/125/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/125/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/4/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/4/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/246/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/246/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/126/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/126/cmdline
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/5/status
        Source: /usr/bin/pkill (PID: 5781)File opened: /proc/5/cmdline
        Source: /tmp/yakuza.arm4.elf (PID: 5504)Shell command executed: sh -c "pkill -9 902i13 || busybox pkill -9 902i13"Jump to behavior
        Source: /tmp/yakuza.arm4.elf (PID: 5539)Shell command executed: sh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"Jump to behavior
        Source: /tmp/yakuza.arm4.elf (PID: 5548)Shell command executed: sh -c "pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7"Jump to behavior
        Source: /tmp/yakuza.arm4.elf (PID: 5554)Shell command executed: sh -c "pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL"Jump to behavior
        Source: /tmp/yakuza.arm4.elf (PID: 5561)Shell command executed: sh -c "pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87"Jump to behavior
        Source: /tmp/yakuza.arm4.elf (PID: 5565)Shell command executed: sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"Jump to behavior
        Source: /tmp/yakuza.arm4.elf (PID: 5575)Shell command executed: sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"Jump to behavior
        Source: /tmp/yakuza.arm4.elf (PID: 5579)Shell command executed: sh -c "pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE"Jump to behavior
        Source: /tmp/yakuza.arm4.elf (PID: 5610)Shell command executed: sh -c "pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e"Jump to behavior
        Source: /tmp/yakuza.arm4.elf (PID: 5617)Shell command executed: sh -c "pkill -9 scansh4 || busybox pkill -9 scansh4"Jump to behavior
        Source: /tmp/yakuza.arm4.elf (PID: 5627)Shell command executed: sh -c "pkill -9 MDMA || busybox pkill -9 MDMA"Jump to behavior
        Source: /tmp/yakuza.arm4.elf (PID: 5635)Shell command executed: sh -c "pkill -9 fdevalvex || busybox pkill -9 fdevalvex"Jump to behavior
        Source: /tmp/yakuza.arm4.elf (PID: 5641)Shell command executed: sh -c "pkill -9 scanspc || busybox pkill -9 scanspc"Jump to behavior
        Source: /tmp/yakuza.arm4.elf (PID: 5648)Shell command executed: sh -c "pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ"Jump to behavior
        Source: /tmp/yakuza.arm4.elf (PID: 5657)Shell command executed: sh -c "pkill -9 flexsonskids || busybox pkill -9 flexsonskids"Jump to behavior
        Source: /tmp/yakuza.arm4.elf (PID: 5664)Shell command executed: sh -c "pkill -9 scanx86 || busybox pkill -9 scanx86"
        Source: /tmp/yakuza.arm4.elf (PID: 5671)Shell command executed: sh -c "pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL"
        Source: /tmp/yakuza.arm4.elf (PID: 5680)Shell command executed: sh -c "pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe"
        Source: /tmp/yakuza.arm4.elf (PID: 5688)Shell command executed: sh -c "pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj"
        Source: /tmp/yakuza.arm4.elf (PID: 5697)Shell command executed: sh -c "pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l"
        Source: /tmp/yakuza.arm4.elf (PID: 5704)Shell command executed: sh -c "pkill -9 freecookiex86 || busybox pkill -9 freecookiex86"
        Source: /tmp/yakuza.arm4.elf (PID: 5715)Shell command executed: sh -c "pkill -9 sysgpu || busybox pkill -9 sysgpu"
        Source: /tmp/yakuza.arm4.elf (PID: 5722)Shell command executed: sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
        Source: /tmp/yakuza.arm4.elf (PID: 5729)Shell command executed: sh -c "pkill -9 frgege || busybox pkill -9 frgege"
        Source: /tmp/yakuza.arm4.elf (PID: 5739)Shell command executed: sh -c "pkill -9 sysupdater || busybox pkill -9 sysupdater"
        Source: /tmp/yakuza.arm4.elf (PID: 5743)Shell command executed: sh -c "pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd"
        Source: /tmp/yakuza.arm4.elf (PID: 5749)Shell command executed: sh -c "pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69"
        Source: /tmp/yakuza.arm4.elf (PID: 5757)Shell command executed: sh -c "pkill -9 frgreu || busybox pkill -9 frgreu"
        Source: /tmp/yakuza.arm4.elf (PID: 5763)Shell command executed: sh -c "pkill -9 telnetd || busybox pkill -9 telnetd"
        Source: /tmp/yakuza.arm4.elf (PID: 5770)Shell command executed: sh -c "pkill -9 0x766f6964 || busybox pkill -9 0x766f6964"
        Source: /tmp/yakuza.arm4.elf (PID: 5779)Shell command executed: sh -c "pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337"
        Source: /tmp/yakuza.arm4.elf (PID: 5783)Shell command executed: sh -c "pkill -9 gaft || busybox pkill -9 gaft"
        Source: /tmp/yakuza.arm4.elf (PID: 5793)Shell command executed: sh -c "pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa"
        Source: /tmp/yakuza.arm4.elf (PID: 5800)Shell command executed: sh -c "pkill -9 120i3UI49 || busybox pkill -9 120i3UI49"
        Source: /tmp/yakuza.arm4.elf (PID: 5807)Shell command executed: sh -c "pkill -9 OaF3 || busybox pkill -9 OaF3"
        Source: /tmp/yakuza.arm4.elf (PID: 5816)Shell command executed: sh -c "pkill -9 geae || busybox pkill -9 geae"
        Source: /tmp/yakuza.arm4.elf (PID: 5823)Shell command executed: sh -c "pkill -9 vaiolmao || busybox pkill -9 vaiolmao"
        Source: /tmp/yakuza.arm4.elf (PID: 5833)Shell command executed: sh -c "pkill -9 123123a || busybox pkill -9 123123a"
        Source: /tmp/yakuza.arm4.elf (PID: 5841)Shell command executed: sh -c "pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D"
        Source: /tmp/yakuza.arm4.elf (PID: 5847)Shell command executed: sh -c "pkill -9 ggTrex || busybox pkill -9 ggTrex"
        Source: /tmp/yakuza.arm4.elf (PID: 5854)Shell command executed: sh -c "pkill -9 wasads || busybox pkill -9 wasads"
        Source: /tmp/yakuza.arm4.elf (PID: 5863)Shell command executed: sh -c "pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD"
        Source: /tmp/yakuza.arm4.elf (PID: 5870)Shell command executed: sh -c "pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn"
        Source: /tmp/yakuza.arm4.elf (PID: 5877)Shell command executed: sh -c "pkill -9 ggt || busybox pkill -9 ggt"
        Source: /tmp/yakuza.arm4.elf (PID: 5883)Shell command executed: sh -c "pkill -9 wget-log || busybox pkill -9 wget-log"
        Source: /tmp/yakuza.arm4.elf (PID: 5891)Shell command executed: sh -c "pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER"
        Source: /tmp/yakuza.arm4.elf (PID: 5900)Shell command executed: sh -c "pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA"
        Source: /tmp/yakuza.arm4.elf (PID: 5907)Shell command executed: sh -c "pkill -9 ggtq || busybox pkill -9 ggtq"
        Source: /tmp/yakuza.arm4.elf (PID: 5915)Shell command executed: sh -c "pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2"
        Source: /tmp/yakuza.arm4.elf (PID: 5922)Shell command executed: sh -c "pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO"
        Source: /tmp/yakuza.arm4.elf (PID: 5929)Shell command executed: sh -c "pkill -9 ggtr || busybox pkill -9 ggtr"
        Source: /tmp/yakuza.arm4.elf (PID: 5939)Shell command executed: sh -c "pkill -9 14Fa || busybox pkill -9 14Fa"
        Source: /tmp/yakuza.arm4.elf (PID: 5943)Shell command executed: sh -c "pkill -9 SEXSLAVE1337 || busybox pkill -9 SEXSLAVE1337"
        Source: /tmp/yakuza.arm4.elf (PID: 5949)Shell command executed: sh -c "pkill -9 ggtt || busybox pkill -9 ggtt"
        Source: /tmp/yakuza.arm4.elf (PID: 5957)Shell command executed: sh -c "pkill -9 1902a3u912u3u4 || busybox pkill -9 1902a3u912u3u4"
        Source: /bin/sh (PID: 5512)Pkill executable: /usr/bin/pkill -> pkill -9 902i13Jump to behavior
        Source: /bin/sh (PID: 5546)Pkill executable: /usr/bin/pkill -> pkill -9 BzSxLxBxeYJump to behavior
        Source: /bin/sh (PID: 5550)Pkill executable: /usr/bin/pkill -> pkill -9 HOHO-LUGO7Jump to behavior
        Source: /bin/sh (PID: 5559)Pkill executable: /usr/bin/pkill -> pkill -9 HOHO-U79OLJump to behavior
        Source: /bin/sh (PID: 5563)Pkill executable: /usr/bin/pkill -> pkill -9 JuYfouyf87Jump to behavior
        Source: /bin/sh (PID: 5573)Pkill executable: /usr/bin/pkill -> pkill -9 NiGGeR69xdJump to behavior
        Source: /bin/sh (PID: 5577)Pkill executable: /usr/bin/pkill -> pkill -9 SO190Ij1XJump to behavior
        Source: /bin/sh (PID: 5584)Pkill executable: /usr/bin/pkill -> pkill -9 LOLKIKEEEDDEJump to behavior
        Source: /bin/sh (PID: 5615)Pkill executable: /usr/bin/pkill -> pkill -9 ekjheory98eJump to behavior
        Source: /bin/sh (PID: 5622)Pkill executable: /usr/bin/pkill -> pkill -9 scansh4Jump to behavior
        Source: /bin/sh (PID: 5633)Pkill executable: /usr/bin/pkill -> pkill -9 MDMAJump to behavior
        Source: /bin/sh (PID: 5637)Pkill executable: /usr/bin/pkill -> pkill -9 fdevalvexJump to behavior
        Source: /bin/sh (PID: 5646)Pkill executable: /usr/bin/pkill -> pkill -9 scanspcJump to behavior
        Source: /bin/sh (PID: 5653)Pkill executable: /usr/bin/pkill -> pkill -9 MELTEDNINJAREALZJump to behavior
        Source: /bin/sh (PID: 5662)Pkill executable: /usr/bin/pkill -> pkill -9 flexsonskidsJump to behavior
        Source: /bin/sh (PID: 5669)Pkill executable: /usr/bin/pkill -> pkill -9 scanx86
        Source: /bin/sh (PID: 5676)Pkill executable: /usr/bin/pkill -> pkill -9 MISAKI-U79OL
        Source: /bin/sh (PID: 5686)Pkill executable: /usr/bin/pkill -> pkill -9 foAxi102kxe
        Source: /bin/sh (PID: 5693)Pkill executable: /usr/bin/pkill -> pkill -9 swodjwodjwoj
        Source: /bin/sh (PID: 5702)Pkill executable: /usr/bin/pkill -> pkill -9 MmKiy7f87l
        Source: /bin/sh (PID: 5709)Pkill executable: /usr/bin/pkill -> pkill -9 freecookiex86
        Source: /bin/sh (PID: 5720)Pkill executable: /usr/bin/pkill -> pkill -9 sysgpu
        Source: /bin/sh (PID: 5727)Pkill executable: /usr/bin/pkill -> pkill -9 NiGGeR69xd
        Source: /bin/sh (PID: 5734)Pkill executable: /usr/bin/pkill -> pkill -9 frgege
        Source: /bin/sh (PID: 5741)Pkill executable: /usr/bin/pkill -> pkill -9 sysupdater
        Source: /bin/sh (PID: 5745)Pkill executable: /usr/bin/pkill -> pkill -9 0DnAzepd
        Source: /bin/sh (PID: 5755)Pkill executable: /usr/bin/pkill -> pkill -9 NiGGeRD0nks69
        Source: /bin/sh (PID: 5759)Pkill executable: /usr/bin/pkill -> pkill -9 frgreu
        Source: /bin/sh (PID: 5768)Pkill executable: /usr/bin/pkill -> pkill -9 telnetd
        Source: /bin/sh (PID: 5775)Pkill executable: /usr/bin/pkill -> pkill -9 0x766f6964
        Source: /bin/sh (PID: 5781)Pkill executable: /usr/bin/pkill -> pkill -9 NiGGeRd0nks1337
        Source: /bin/sh (PID: 5789)Pkill executable: /usr/bin/pkill -> pkill -9 gaft
        Source: /bin/sh (PID: 5798)Pkill executable: /usr/bin/pkill -> pkill -9 urasgbsigboa
        Source: /bin/sh (PID: 5805)Pkill executable: /usr/bin/pkill -> pkill -9 120i3UI49
        Source: /bin/sh (PID: 5812)Pkill executable: /usr/bin/pkill -> pkill -9 OaF3
        Source: /bin/sh (PID: 5821)Pkill executable: /usr/bin/pkill -> pkill -9 geae
        Source: /bin/sh (PID: 5828)Pkill executable: /usr/bin/pkill -> pkill -9 vaiolmao
        Source: /bin/sh (PID: 5839)Pkill executable: /usr/bin/pkill -> pkill -9 123123a
        Source: /bin/sh (PID: 5843)Pkill executable: /usr/bin/pkill -> pkill -9 Ofurain0n4H34D
        Source: /bin/sh (PID: 5852)Pkill executable: /usr/bin/pkill -> pkill -9 ggTrex
        Source: /bin/sh (PID: 5859)Pkill executable: /usr/bin/pkill -> pkill -9 wasads
        Source: /bin/sh (PID: 5868)Pkill executable: /usr/bin/pkill -> pkill -9 1293194hjXD
        Source: /bin/sh (PID: 5875)Pkill executable: /usr/bin/pkill -> pkill -9 OthLaLosn
        Source: /bin/sh (PID: 5879)Pkill executable: /usr/bin/pkill -> pkill -9 ggt
        Source: /bin/sh (PID: 5889)Pkill executable: /usr/bin/pkill -> pkill -9 wget-log
        Source: /bin/sh (PID: 5896)Pkill executable: /usr/bin/pkill -> pkill -9 1337SoraLOADER
        Source: /bin/sh (PID: 5905)Pkill executable: /usr/bin/pkill -> pkill -9 SAIAKINA
        Source: /bin/sh (PID: 5909)Pkill executable: /usr/bin/pkill -> pkill -9 ggtq
        Source: /bin/sh (PID: 5920)Pkill executable: /usr/bin/pkill -> pkill -9 1378bfp919GRB1Q2
        Source: /bin/sh (PID: 5927)Pkill executable: /usr/bin/pkill -> pkill -9 SAIAKUSO
        Source: /bin/sh (PID: 5934)Pkill executable: /usr/bin/pkill -> pkill -9 ggtr
        Source: /bin/sh (PID: 5941)Pkill executable: /usr/bin/pkill -> pkill -9 14Fa
        Source: /bin/sh (PID: 5945)Pkill executable: /usr/bin/pkill -> pkill -9 SEXSLAVE1337
        Source: /bin/sh (PID: 5955)Pkill executable: /usr/bin/pkill -> pkill -9 ggtt
        Source: /bin/sh (PID: 5962)Pkill executable: /usr/bin/pkill -> pkill -9 1902a3u912u3u4

        Hooking and other Techniques for Hiding and Protection

        barindex
        Uses known network protocols on non-standard ports
        Source: unknownNetwork traffic detected: IRC traffic on port 60600 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60602 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60604 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60606 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60608 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60610 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60612 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60614 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60616 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60618 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60620 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60622 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60624 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60626 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60628 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60630 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60632 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60634 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60636 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 60638 -> 6780
        Source: /usr/bin/pkill (PID: 5512)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5546)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5550)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5559)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5563)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5573)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5577)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5584)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5615)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5622)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5633)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5637)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5646)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5653)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5662)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5669)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5676)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5686)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5693)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5702)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5709)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5720)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5727)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5734)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5741)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5745)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5755)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5759)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5768)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5775)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5781)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5789)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5798)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5805)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5812)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5821)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5828)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5839)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5843)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5852)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5859)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5868)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5875)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5879)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5889)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5896)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5905)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5909)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5920)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5927)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5934)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5941)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5945)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5955)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 5962)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /tmp/yakuza.arm4.elf (PID: 5497)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5538)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5547)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5551)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5560)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5564)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5574)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5578)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5609)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5616)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5625)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5634)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5638)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5647)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5654)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5663)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5670)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5679)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5687)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5696)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5703)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5710)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5721)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5728)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5738)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5742)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5748)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5756)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5762)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5769)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5776)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5782)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5790)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5799)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5806)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5815)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5822)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5831)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5840)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5846)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5853)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5860)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5869)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5876)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5882)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5890)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5899)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5906)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5910)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5921)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5928)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5937)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5942)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5948)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 5956)Queries kernel information via 'uname':
        Source: yakuza.arm4.elf, 5497.1.000056357460a000.0000563574738000.rw-.sdmp, yakuza.arm4.elf, 5501.1.000056357460a000.0000563574738000.rw-.sdmpBinary or memory string: bt5V!/etc/qemu-binfmt/arm
        Source: yakuza.arm4.elf, 5497.1.000056357460a000.0000563574738000.rw-.sdmp, yakuza.arm4.elf, 5501.1.000056357460a000.0000563574738000.rw-.sdmpBinary or memory string: /etc/qemu-binfmt/arm
        Source: yakuza.arm4.elf, 5497.1.00007ffd50edf000.00007ffd50f00000.rw-.sdmp, yakuza.arm4.elf, 5501.1.00007ffd50edf000.00007ffd50f00000.rw-.sdmpBinary or memory string: /usr/bin/qemu-arm
        Source: yakuza.arm4.elf, 5497.1.00007ffd50edf000.00007ffd50f00000.rw-.sdmp, yakuza.arm4.elf, 5501.1.00007ffd50edf000.00007ffd50f00000.rw-.sdmpBinary or memory string: x86_64/usr/bin/qemu-arm/tmp/yakuza.arm4.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/yakuza.arm4.elf
        Source: yakuza.arm4.elf, 5501.1.00007ffd50edf000.00007ffd50f00000.rw-.sdmpBinary or memory string: qemu: uncaught target signal 11 (Segmentation fault) - core dumped

        Stealing of Sensitive Information

        barindex
        Yara detected Mirai
        Source: Yara matchFile source: yakuza.arm4.elf, type: SAMPLE
        Source: Yara matchFile source: 5497.1.00007f91b8017000.00007f91b8033000.r-x.sdmp, type: MEMORY
        Source: Yara matchFile source: 5501.1.00007f91b8017000.00007f91b8033000.r-x.sdmp, type: MEMORY
        Source: Initial sampleUser agent string found: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0
        Source: Initial sampleUser agent string found: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en; rv:1.8.1.11) Gecko/20071128 Camino/1.5.4
        Source: Initial sampleUser agent string found: Mozilla/5.0 (Windows; U; Windows NT 6.1; rv:2.2) Gecko/20110201
        Source: Initial sampleUser agent string found: Mozilla/5.0 (Windows; U; Windows NT 6.1; cs; rv:1.9.2.6) Gecko/20100628 myibrow/4alpha2
        Source: Initial sampleUser agent string found: Mozilla/5.0 (Windows; U; Win 9x 4.90; SG; rv:1.9.2.4) Gecko/20101104 Netscape/9.1.0285
        Source: Initial sampleUser agent string found: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0 Lightning/4.0.2
        Source: Initial sampleUser agent string found: Opera/9.80 (X11; Linux i686; Ubuntu/14.10) Presto/2.12.388 Version/12.16
        Source: Initial sampleUser agent string found: Opera/9.80 (Windows NT 5.1; U;) Presto/2.7.62 Version/11.01
        Source: Initial sampleUser agent string found: Mozilla/5.0 (X11; Linux x86_64; U; de; rv:1.9.1.6) Gecko/20091201 Firefox/3.5.6 Opera 10.62
        Source: Initial sampleUser agent string found: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36
        Source: Initial sampleUser agent string found: Mozilla/5.0 (Linux; Android 4.4.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.89 Mobile Safari/537.36
        Source: Initial sampleUser agent string found: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:5.0) Gecko/20110517 Firefox/5.0 Fennec/5.0
        Source: Initial sampleUser agent string found: Mozilla/5.0 (Android; Linux armv7l; rv:9.0) Gecko/20111216 Firefox/9.0 Fennec/9.0
        Source: Initial sampleUser agent string found: Mozilla/5.0 (compatible; Teleca Q7; Brew 3.1.5; U; en) 480X800 LGE VX11000

        Remote Access Functionality

        barindex
        Yara detected Mirai
        Source: Yara matchFile source: yakuza.arm4.elf, type: SAMPLE
        Source: Yara matchFile source: 5497.1.00007f91b8017000.00007f91b8033000.r-x.sdmp, type: MEMORY
        Source: Yara matchFile source: 5501.1.00007f91b8017000.00007f91b8033000.r-x.sdmp, type: MEMORY

        Mitre Att&ck Matrix

        ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
        Gather Victim Identity Information1
        Scripting        		Valid AccountsWindows Management Instrumentation1
        Scripting        		Path Interception1
        Disable or Modify Tools        		1
        OS Credential Dumping        		11
        Security Software Discovery        		Remote ServicesData from Local System1
        Data Obfuscation        		Exfiltration Over Other Network MediumAbuse Accessibility Features
        CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkit1
        Brute Force        		1
        System Information Discovery        		Remote Desktop ProtocolData from Removable Media11
        Non-Standard Port        		Exfiltration Over BluetoothNetwork Denial of Service
        Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive1
        Non-Application Layer Protocol        		Automated ExfiltrationData Encrypted for Impact
        Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture11
        Application Layer Protocol        		Traffic DuplicationData Destruction

        Malware Configuration

        No configs have been found

        Behavior Graph

        Hide Legend

        Legend:

        • Process
        • Signature
        • Created File
        • DNS/IP Info
        • Is Dropped
        • Number of created Files
        • Is malicious
        • Internet
        behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1561403 Sample: yakuza.arm4.elf Startdate: 23/11/2024 Architecture: LINUX Score: 72 39 95.234.158.87, 60600, 60602, 60604 ASN-IBSNAZIT Italy 2->39 41 daisy.ubuntu.com 2->41 43 Malicious sample detected (through community Yara rule) 2->43 45 Multi AV Scanner detection for submitted file 2->45 47 Yara detected Mirai 2->47 49 2 other signatures 2->49 9 yakuza.arm4.elf 2->9         started        signatures3 process4 process5 11 yakuza.arm4.elf 9->11         started        process6 13 yakuza.arm4.elf sh 11->13         started        15 yakuza.arm4.elf sh 11->15         started        17 yakuza.arm4.elf sh 11->17         started        19 54 other processes 11->19 process7 21 sh pkill 13->21         started        23 sh busybox 13->23         started        25 sh pkill 15->25         started        27 sh busybox 15->27         started        29 sh pkill 17->29         started        31 sh busybox 17->31         started        33 sh pkill 19->33         started        35 sh busybox 19->35         started        37 101 other processes 19->37

        Antivirus, Machine Learning and Genetic Malware Detection

        Initial Sample

        SourceDetectionScannerLabelLink
        yakuza.arm4.elf61%ReversingLabsLinux.Trojan.Tsunami

        Dropped Files

        No Antivirus matches

        Domains

        No Antivirus matches

        URLs

        No Antivirus matches

        Domains and IPs

        Contacted Domains

        NameIPActiveMaliciousAntivirus DetectionReputation
        daisy.ubuntu.com
        		162.213.35.24
        		truefalse
          		high

          URLs from Memory and Binaries

          NameSourceMaliciousAntivirus DetectionReputation
          https://youtu.be/dQw4w9WgXcQyakuza.arm4.elffalse
            		high
            http://linux-it.abuser.eu/yak.sh;yakuza.arm4.elffalse
              		unknown
              https://youtu.be/dQw4w9WgXcQNeveryakuza.arm4.elffalse
                		high

                World Map of Contacted IPs

                • No. of IPs < 25%
                • 25% < No. of IPs < 50%
                • 50% < No. of IPs < 75%
                • 75% < No. of IPs

                Public IPs

                IPDomainCountryFlagASNASN NameMalicious
                95.234.158.87
                		unknownItaly
                		3269ASN-IBSNAZITtrue

                Joe Sandbox View / Context

                IPs

                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                95.234.158.87yakuza.m68k.elfGet hashmaliciousMiraiBrowse
                  yakuza.arm7.elfGet hashmaliciousMiraiBrowse
                    yakuza.ppc.elfGet hashmaliciousMiraiBrowse

                      Domains

                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                      daisy.ubuntu.comyakuza.arm7.elfGet hashmaliciousMiraiBrowse
                      • 162.213.35.24
                      la.bot.arm5.elfGet hashmaliciousUnknownBrowse
                      • 162.213.35.24
                      la.bot.sparc.elfGet hashmaliciousUnknownBrowse
                      • 162.213.35.25
                      la.bot.mips.elfGet hashmaliciousUnknownBrowse
                      • 162.213.35.24
                      la.bot.sh4.elfGet hashmaliciousUnknownBrowse
                      • 162.213.35.24
                      la.bot.powerpc.elfGet hashmaliciousUnknownBrowse
                      • 162.213.35.25
                      hidakibest.arm6.elfGet hashmaliciousGafgyt, MiraiBrowse
                      • 162.213.35.24
                      hidakibest.mips.elfGet hashmaliciousGafgyt, MiraiBrowse
                      • 162.213.35.25
                      hidakibest.mpsl.elfGet hashmaliciousGafgyt, MiraiBrowse
                      • 162.213.35.25
                      hidakibest.sparc.elfGet hashmaliciousGafgyt, MiraiBrowse
                      • 162.213.35.24

                      ASNs

                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                      ASN-IBSNAZITyakuza.m68k.elfGet hashmaliciousMiraiBrowse
                      • 95.234.158.87
                      yakuza.arm7.elfGet hashmaliciousMiraiBrowse
                      • 95.234.158.87
                      yakuza.ppc.elfGet hashmaliciousMiraiBrowse
                      • 95.234.158.87
                      sparc.nn.elfGet hashmaliciousMirai, OkiruBrowse
                      • 131.1.112.117
                      sh4.elfGet hashmaliciousMirai, MoobotBrowse
                      • 79.16.25.108
                      mpsl.elfGet hashmaliciousMirai, MoobotBrowse
                      • 95.224.165.124
                      powerpc.nn.elfGet hashmaliciousMirai, OkiruBrowse
                      • 79.58.184.246
                      mips.elfGet hashmaliciousMirai, MoobotBrowse
                      • 79.39.13.191
                      arm.elfGet hashmaliciousMirai, MoobotBrowse
                      • 2.114.140.56
                      m68k.elfGet hashmaliciousMirai, MoobotBrowse
                      • 87.16.92.237

                      JA3 Fingerprints

                      No context

                      Dropped Files

                      No context

                      Created / dropped Files

                      No created / dropped files found

                      Static File Info

                      General

                      File type:ELF 32-bit LSB executable, ARM, version 1 (ARM), statically linked, with debug_info, not stripped
                      Entropy (8bit):6.030419969080555
                      TrID:
                      • ELF Executable and Linkable format (generic) (4004/1) 100.00%
                      File name:yakuza.arm4.elf
                      File size:157'281 bytes
                      MD5:40eaafab329b57c06e41187911820918
                      SHA1:dc275d568e2439205e848c555f55d49241b8a7cc
                      SHA256:a7fa91f5eafa3d3da75a5468c2a8dec879db0a4adf6360b55d430c4d33f10985
                      SHA512:dbe45e75dd1e08bb80cc7965888c4a9ad519e9ed31170da1813009f7c7c92dcfa16eeb14c49407cba6ae5aab789fc08c1ba80c8a8dfd79a5a95faa6d54929913
                      SSDEEP:3072:Xq9d8WnpBQNSgfJ7ORHM9rGcYtlgMDU9JyJCNleUU4/31VQoydV7vnGr0fYpHJDl:Xq8JrGLlbw9JNleHlvnGr0fYZJDRyI
                      TLSH:1DE34A49FC54973BC2E23BFBF79A43CE372A5754978733115A296EB02BC17981E29120
                      File Content Preview:.ELF...a..........(.........4...........4. ...(.....................T...T...............T...T...T...................Q.td..................................-...L."...vV..........0@-.\P...0....S.0...P@...0... ....R......0...0...........0... ....R..... 0....S

                      Static ELF Info

                      ELF header

                      Class:ELF32
                      Data:2's complement, little endian
                      Version:1 (current)
                      Machine:ARM
                      Version Number:0x1
                      Type:EXEC (Executable file)
                      OS/ABI:ARM - ABI
                      ABI Version:0
                      Entry Point Address:0x8190
                      Flags:0x202
                      ELF Header Size:52
                      Program Header Offset:52
                      Program Header Size:32
                      Number of Program Headers:3
                      Section Header Offset:121996
                      Section Header Size:40
                      Number of Section Headers:20
                      Header String Table Index:17

                      Sections

                      NameTypeAddressOffsetSizeEntSizeFlagsFlags DescriptionLinkInfoAlign
                      NULL0x00x00x00x00x0000
                      .initPROGBITS0x80940x940x180x00x6AX004
                      .textPROGBITS0x80b00xb00x15a100x00x6AX0016
                      .finiPROGBITS0x1dac00x15ac00x140x00x6AX004
                      .rodataPROGBITS0x1dad40x15ad40x557c0x00x2A004
                      .eh_framePROGBITS0x230500x1b0500x40x00x2A004
                      .ctorsPROGBITS0x2b0540x1b0540x80x00x3WA004
                      .dtorsPROGBITS0x2b05c0x1b05c0x80x00x3WA004
                      .jcrPROGBITS0x2b0640x1b0640x40x00x3WA004
                      .dataPROGBITS0x2b0680x1b0680xd800x00x3WA004
                      .bssNOBITS0x2bde80x1bde80x77f00x00x3WA004
                      .commentPROGBITS0x00x1bde80xd4e0x00x0001
                      .debug_arangesPROGBITS0x00x1cb380x1200x00x0008
                      .debug_infoPROGBITS0x00x1cc580x5780x00x0001
                      .debug_abbrevPROGBITS0x00x1d1d00xb40x00x0001
                      .debug_linePROGBITS0x00x1d2840x8bd0x00x0001
                      .debug_framePROGBITS0x00x1db440xa00x00x0004
                      .shstrtabSTRTAB0x00x1dbe40xa80x00x0001
                      .symtabSYMTAB0x00x1dfac0x59d00x100x0197844
                      .strtabSTRTAB0x00x2397c0x2ce50x00x0001

                      Program Segments

                      TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
                      LOAD0x00x80000x80000x1b0540x1b0546.15210x5R E0x8000.init .text .fini .rodata .eh_frame
                      LOAD0x1b0540x2b0540x2b0540xd940x85844.21160x6RW 0x8000.ctors .dtors .jcr .data .bss
                      GNU_STACK0x00x00x00x00x00.00000x7RWE0x4

                      Symbols

                      NameVersion Info NameVersion Info File NameSection NameValueSizeSymbol TypeSymbol BindSymbol VisibilityNdx
                      .symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                      .symtab0x80940SECTION<unknown>DEFAULT1
                      .symtab0x80b00SECTION<unknown>DEFAULT2
                      .symtab0x1dac00SECTION<unknown>DEFAULT3
                      .symtab0x1dad40SECTION<unknown>DEFAULT4
                      .symtab0x230500SECTION<unknown>DEFAULT5
                      .symtab0x2b0540SECTION<unknown>DEFAULT6
                      .symtab0x2b05c0SECTION<unknown>DEFAULT7
                      .symtab0x2b0640SECTION<unknown>DEFAULT8
                      .symtab0x2b0680SECTION<unknown>DEFAULT9
                      .symtab0x2bde80SECTION<unknown>DEFAULT10
                      .symtab0x00SECTION<unknown>DEFAULT11
                      .symtab0x00SECTION<unknown>DEFAULT12
                      .symtab0x00SECTION<unknown>DEFAULT13
                      .symtab0x00SECTION<unknown>DEFAULT14
                      .symtab0x00SECTION<unknown>DEFAULT15
                      .symtab0x00SECTION<unknown>DEFAULT16
                      .symtab0x00SECTION<unknown>DEFAULT17
                      .symtab0x00SECTION<unknown>DEFAULT18
                      .symtab0x00SECTION<unknown>DEFAULT19
                      $a.symtab0x80940NOTYPE<unknown>DEFAULT1
                      $a.symtab0x1dac00NOTYPE<unknown>DEFAULT3
                      $a.symtab0x80b00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x81280NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1dacc0NOTYPE<unknown>DEFAULT3
                      $a.symtab0x81880NOTYPE<unknown>DEFAULT2
                      $a.symtab0x80a00NOTYPE<unknown>DEFAULT1
                      $a.symtab0x1da840NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1dab80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x80a40NOTYPE<unknown>DEFAULT1
                      $a.symtab0x80a80NOTYPE<unknown>DEFAULT1
                      $a.symtab0x1dad00NOTYPE<unknown>DEFAULT3
                      $a.symtab0x81900NOTYPE<unknown>DEFAULT2
                      $a.symtab0x81cc0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x81e80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x84f80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x86680NOTYPE<unknown>DEFAULT2
                      $a.symtab0x88040NOTYPE<unknown>DEFAULT2
                      $a.symtab0x8be40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x8eb00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x94940NOTYPE<unknown>DEFAULT2
                      $a.symtab0x95cc0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x96080NOTYPE<unknown>DEFAULT2
                      $a.symtab0x96c40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x97bc0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x98fc0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x9a180NOTYPE<unknown>DEFAULT2
                      $a.symtab0x9ad80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x9bac0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x9ce40NOTYPE<unknown>DEFAULT2
                      $a.symtab0xa0040NOTYPE<unknown>DEFAULT2
                      $a.symtab0xa42c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0xa5580NOTYPE<unknown>DEFAULT2
                      $a.symtab0xa8b00NOTYPE<unknown>DEFAULT2
                      $a.symtab0xabb40NOTYPE<unknown>DEFAULT2
                      $a.symtab0xad040NOTYPE<unknown>DEFAULT2
                      $a.symtab0xb33c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0xb9dc0NOTYPE<unknown>DEFAULT2
                      $a.symtab0xbb1c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0xc4380NOTYPE<unknown>DEFAULT2
                      $a.symtab0xc7440NOTYPE<unknown>DEFAULT2
                      $a.symtab0xcf0c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0xd3200NOTYPE<unknown>DEFAULT2
                      $a.symtab0xd5b40NOTYPE<unknown>DEFAULT2
                      $a.symtab0xd5e40NOTYPE<unknown>DEFAULT2
                      $a.symtab0xd8200NOTYPE<unknown>DEFAULT2
                      $a.symtab0xdbf80NOTYPE<unknown>DEFAULT2
                      $a.symtab0xf3100NOTYPE<unknown>DEFAULT2
                      $a.symtab0xf40c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0xf5b80NOTYPE<unknown>DEFAULT2
                      $a.symtab0xf6540NOTYPE<unknown>DEFAULT2
                      $a.symtab0xf6880NOTYPE<unknown>DEFAULT2
                      $a.symtab0xf7180NOTYPE<unknown>DEFAULT2
                      $a.symtab0xfaa40NOTYPE<unknown>DEFAULT2
                      $a.symtab0xfbd80NOTYPE<unknown>DEFAULT2
                      $a.symtab0xfc680NOTYPE<unknown>DEFAULT2
                      $a.symtab0xfcb40NOTYPE<unknown>DEFAULT2
                      $a.symtab0xfd740NOTYPE<unknown>DEFAULT2
                      $a.symtab0xfdb40NOTYPE<unknown>DEFAULT2
                      $a.symtab0xfec80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x100940NOTYPE<unknown>DEFAULT2
                      $a.symtab0x10c900NOTYPE<unknown>DEFAULT2
                      $a.symtab0x10d340NOTYPE<unknown>DEFAULT2
                      $a.symtab0x10d6c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x10dec0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x10ef80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1125c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x11e5c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x11f6c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x120380NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1211c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x121200NOTYPE<unknown>DEFAULT2
                      $a.symtab0x121700NOTYPE<unknown>DEFAULT2
                      $a.symtab0x121e40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x122340NOTYPE<unknown>DEFAULT2
                      $a.symtab0x122600NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1228c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x122b80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x123900NOTYPE<unknown>DEFAULT2
                      $a.symtab0x123b80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x123d00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x123fc0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x124280NOTYPE<unknown>DEFAULT2
                      $a.symtab0x124540NOTYPE<unknown>DEFAULT2
                      $a.symtab0x124a40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x124d00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x124fc0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1252c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x125580NOTYPE<unknown>DEFAULT2
                      $a.symtab0x125840NOTYPE<unknown>DEFAULT2
                      $a.symtab0x125bc0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x125c40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x125f00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x126240NOTYPE<unknown>DEFAULT2
                      $a.symtab0x126300NOTYPE<unknown>DEFAULT2
                      $a.symtab0x127b00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x127bc0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x128040NOTYPE<unknown>DEFAULT2
                      $a.symtab0x128b80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x128c80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x128f80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x129280NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1295c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x129e00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x12a900NOTYPE<unknown>DEFAULT2
                      $a.symtab0x12b900NOTYPE<unknown>DEFAULT2
                      $a.symtab0x12dd80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x130d00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x131400NOTYPE<unknown>DEFAULT2
                      $a.symtab0x131500NOTYPE<unknown>DEFAULT2
                      $a.symtab0x132080NOTYPE<unknown>DEFAULT2
                      $a.symtab0x132380NOTYPE<unknown>DEFAULT2
                      $a.symtab0x132f40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x139b80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x13a500NOTYPE<unknown>DEFAULT2
                      $a.symtab0x13a880NOTYPE<unknown>DEFAULT2
                      $a.symtab0x13c240NOTYPE<unknown>DEFAULT2
                      $a.symtab0x13c700NOTYPE<unknown>DEFAULT2
                      $a.symtab0x141340NOTYPE<unknown>DEFAULT2
                      $a.symtab0x141b80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1424c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x143180NOTYPE<unknown>DEFAULT2
                      $a.symtab0x143a40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x144e40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x146c80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x147600NOTYPE<unknown>DEFAULT2
                      $a.symtab0x148640NOTYPE<unknown>DEFAULT2
                      $a.symtab0x148980NOTYPE<unknown>DEFAULT2
                      $a.symtab0x149500NOTYPE<unknown>DEFAULT2
                      $a.symtab0x149600NOTYPE<unknown>DEFAULT2
                      $a.symtab0x149700NOTYPE<unknown>DEFAULT2
                      $a.symtab0x14a100NOTYPE<unknown>DEFAULT2
                      $a.symtab0x14a300NOTYPE<unknown>DEFAULT2
                      $a.symtab0x14a900NOTYPE<unknown>DEFAULT2
                      $a.symtab0x14aac0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x14bd00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x14c880NOTYPE<unknown>DEFAULT2
                      $a.symtab0x14d680NOTYPE<unknown>DEFAULT2
                      $a.symtab0x14d7c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x14e640NOTYPE<unknown>DEFAULT2
                      $a.symtab0x14ee00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x14f7c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x14fac0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x14fb80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x14fd80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x150440NOTYPE<unknown>DEFAULT2
                      $a.symtab0x150b40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x15c480NOTYPE<unknown>DEFAULT2
                      $a.symtab0x15f640NOTYPE<unknown>DEFAULT2
                      $a.symtab0x162400NOTYPE<unknown>DEFAULT2
                      $a.symtab0x163a40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x166040NOTYPE<unknown>DEFAULT2
                      $a.symtab0x166900NOTYPE<unknown>DEFAULT2
                      $a.symtab0x166b40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x169c80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x16d580NOTYPE<unknown>DEFAULT2
                      $a.symtab0x16d840NOTYPE<unknown>DEFAULT2
                      $a.symtab0x16db00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x16ddc0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x16e0c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x16e380NOTYPE<unknown>DEFAULT2
                      $a.symtab0x16e640NOTYPE<unknown>DEFAULT2
                      $a.symtab0x16e900NOTYPE<unknown>DEFAULT2
                      $a.symtab0x16ec40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x16ef40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x16f200NOTYPE<unknown>DEFAULT2
                      $a.symtab0x170740NOTYPE<unknown>DEFAULT2
                      $a.symtab0x171640NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1727c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x173100NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1739c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x174c40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1760c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x176100NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1768c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x177180NOTYPE<unknown>DEFAULT2
                      $a.symtab0x177b00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1782c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x178ec0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1797c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x17a480NOTYPE<unknown>DEFAULT2
                      $a.symtab0x17b100NOTYPE<unknown>DEFAULT2
                      $a.symtab0x17c480NOTYPE<unknown>DEFAULT2
                      $a.symtab0x17c540NOTYPE<unknown>DEFAULT2
                      $a.symtab0x17c5c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x17c640NOTYPE<unknown>DEFAULT2
                      $a.symtab0x17dfc0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x17e900NOTYPE<unknown>DEFAULT2
                      $a.symtab0x17f240NOTYPE<unknown>DEFAULT2
                      $a.symtab0x180c80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x183300NOTYPE<unknown>DEFAULT2
                      $a.symtab0x184780NOTYPE<unknown>DEFAULT2
                      $a.symtab0x184c40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x185300NOTYPE<unknown>DEFAULT2
                      $a.symtab0x185740NOTYPE<unknown>DEFAULT2
                      $a.symtab0x185d00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1881c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x189000NOTYPE<unknown>DEFAULT2
                      $a.symtab0x189300NOTYPE<unknown>DEFAULT2
                      $a.symtab0x189380NOTYPE<unknown>DEFAULT2
                      $a.symtab0x189640NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1898c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x189b80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x189e40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x18a100NOTYPE<unknown>DEFAULT2
                      $a.symtab0x18a3c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x18a680NOTYPE<unknown>DEFAULT2
                      $a.symtab0x18a940NOTYPE<unknown>DEFAULT2
                      $a.symtab0x18ac00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x18aec0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x18b580NOTYPE<unknown>DEFAULT2
                      $a.symtab0x18b840NOTYPE<unknown>DEFAULT2
                      $a.symtab0x18bdc0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x18c300NOTYPE<unknown>DEFAULT2
                      $a.symtab0x18c5c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x18c900NOTYPE<unknown>DEFAULT2
                      $a.symtab0x18c9c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x18cec0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x18d0c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x18dc80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x18e000NOTYPE<unknown>DEFAULT2
                      $a.symtab0x18ebc0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x18ff40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x190f80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x191680NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1919c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x192ec0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x19ae00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x19c100NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1a0a00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1a19c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1a1b40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1a2a00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1a3a80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1a41c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1a45c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1a4900NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1a6d40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1a7100NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1a7a40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1a8540NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1a9440NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1a9980NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1aabc0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1ab100NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1aba00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1ac300NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1adc40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1ae000NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1aeec0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1afb80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1b7c40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1ba980NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1bae00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1bb740NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1bee80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1bf180NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1bf300NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1bfe80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c0540NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c0780NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c0b40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c0d00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c0dc0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c1740NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c2a40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c3000NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c3cc0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c3f80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c4b40NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c4f00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c5000NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c5b80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c6800NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c6d00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c7b80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c8700NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c8cc0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c8e00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c9bc0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1c9f00NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1cd180NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1cd7c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1cda80NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1ce500NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1ce9c0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1cfdc0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1d3dc0NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1d9080NOTYPE<unknown>DEFAULT2
                      $a.symtab0x1da300NOTYPE<unknown>DEFAULT2
                      $d.symtab0x2b0540NOTYPE<unknown>DEFAULT6
                      $d.symtab0x2b05c0NOTYPE<unknown>DEFAULT7
                      $d.symtab0x2b0700NOTYPE<unknown>DEFAULT9
                      $d.symtab0x81180NOTYPE<unknown>DEFAULT2
                      $d.symtab0x81740NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1dab40NOTYPE<unknown>DEFAULT2
                      $d.symtab0x2b0740NOTYPE<unknown>DEFAULT9
                      $d.symtab0x81c00NOTYPE<unknown>DEFAULT2
                      $d.symtab0x2b0780NOTYPE<unknown>DEFAULT9
                      $d.symtab0x81e40NOTYPE<unknown>DEFAULT2
                      $d.symtab0x84f40NOTYPE<unknown>DEFAULT2
                      $d.symtab0x86540NOTYPE<unknown>DEFAULT2
                      $d.symtab0x88000NOTYPE<unknown>DEFAULT2
                      $d.symtab0x8bdc0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x8eac0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x94840NOTYPE<unknown>DEFAULT2
                      $d.symtab0x95b80NOTYPE<unknown>DEFAULT2
                      $d.symtab0x96040NOTYPE<unknown>DEFAULT2
                      $d.symtab0x96b40NOTYPE<unknown>DEFAULT2
                      $d.symtab0x97b00NOTYPE<unknown>DEFAULT2
                      $d.symtab0x98d80NOTYPE<unknown>DEFAULT2
                      $d.symtab0x99f40NOTYPE<unknown>DEFAULT2
                      $d.symtab0x9acc0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x9ba40NOTYPE<unknown>DEFAULT2
                      $d.symtab0x9cd80NOTYPE<unknown>DEFAULT2
                      $d.symtab0x9ff00NOTYPE<unknown>DEFAULT2
                      $d.symtab0xa41c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0xa5500NOTYPE<unknown>DEFAULT2
                      $d.symtab0x200140NOTYPE<unknown>DEFAULT4
                      $d.symtab0xa89c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0xaba80NOTYPE<unknown>DEFAULT2
                      $d.symtab0xacfc0NOTYPE<unknown>DEFAULT2
                      $d.symtab0xb3340NOTYPE<unknown>DEFAULT2
                      $d.symtab0xb9d40NOTYPE<unknown>DEFAULT2
                      $d.symtab0xbb180NOTYPE<unknown>DEFAULT2
                      $d.symtab0xc4200NOTYPE<unknown>DEFAULT2
                      $d.symtab0xc7380NOTYPE<unknown>DEFAULT2
                      $d.symtab0xcf080NOTYPE<unknown>DEFAULT2
                      $d.symtab0xd31c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0xd5b00NOTYPE<unknown>DEFAULT2
                      $d.symtab0xd5e00NOTYPE<unknown>DEFAULT2
                      $d.symtab0xd81c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0xdbd80NOTYPE<unknown>DEFAULT2
                      $d.symtab0xf2c80NOTYPE<unknown>DEFAULT2
                      $d.symtab0xf4080NOTYPE<unknown>DEFAULT2
                      $d.symtab0xf5880NOTYPE<unknown>DEFAULT2
                      $d.symtab0xf64c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0xf67c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0xf70c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0xfa2c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0xfbcc0NOTYPE<unknown>DEFAULT2
                      $d.symtab0xfc5c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0xfcb00NOTYPE<unknown>DEFAULT2
                      $d.symtab0xfd700NOTYPE<unknown>DEFAULT2
                      $d.symtab0xfdb00NOTYPE<unknown>DEFAULT2
                      $d.symtab0xfec00NOTYPE<unknown>DEFAULT2
                      $d.symtab0x100780NOTYPE<unknown>DEFAULT2
                      $d.symtab0x10c300NOTYPE<unknown>DEFAULT2
                      $d.symtab0x10d180NOTYPE<unknown>DEFAULT2
                      $d.symtab0x10d680NOTYPE<unknown>DEFAULT2
                      $d.symtab0x10de80NOTYPE<unknown>DEFAULT2
                      $d.symtab0x10ef40NOTYPE<unknown>DEFAULT2
                      $d.symtab0x112480NOTYPE<unknown>DEFAULT2
                      $d.symtab0x11df00NOTYPE<unknown>DEFAULT2
                      $d.symtab0x123cc0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x126200NOTYPE<unknown>DEFAULT2
                      $d.symtab0x2ba6c0NOTYPE<unknown>DEFAULT9
                      $d.symtab0x1262c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x127940NOTYPE<unknown>DEFAULT2
                      $d.symtab0x127f40NOTYPE<unknown>DEFAULT2
                      $d.symtab0x128a40NOTYPE<unknown>DEFAULT2
                      $d.symtab0x12b780NOTYPE<unknown>DEFAULT2
                      $d.symtab0x12db40NOTYPE<unknown>DEFAULT2
                      $d.symtab0x130a00NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1313c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1314c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x131f80NOTYPE<unknown>DEFAULT2
                      $d.symtab0x2ba740NOTYPE<unknown>DEFAULT9
                      $d.symtab0x21c4c0NOTYPE<unknown>DEFAULT4
                      $d.symtab0x132e40NOTYPE<unknown>DEFAULT2
                      $d.symtab0x139a40NOTYPE<unknown>DEFAULT2
                      $d.symtab0x13c200NOTYPE<unknown>DEFAULT2
                      $d.symtab0x13c640NOTYPE<unknown>DEFAULT2
                      $d.symtab0x141100NOTYPE<unknown>DEFAULT2
                      $d.symtab0x141a80NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1423c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x143080NOTYPE<unknown>DEFAULT2
                      $d.symtab0x143940NOTYPE<unknown>DEFAULT2
                      $d.symtab0x144bc0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x146a40NOTYPE<unknown>DEFAULT2
                      $d.symtab0x14d600NOTYPE<unknown>DEFAULT2
                      $d.symtab0x14e5c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x14edc0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x14f780NOTYPE<unknown>DEFAULT2
                      $d.symtab0x14fb40NOTYPE<unknown>DEFAULT2
                      $d.symtab0x150400NOTYPE<unknown>DEFAULT2
                      $d.symtab0x15c200NOTYPE<unknown>DEFAULT2
                      $d.symtab0x15f600NOTYPE<unknown>DEFAULT2
                      $d.symtab0x228780NOTYPE<unknown>DEFAULT4
                      $d.symtab0x1623c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x163a00NOTYPE<unknown>DEFAULT2
                      $d.symtab0x165fc0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1668c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x169ac0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x16d300NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1705c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x2bbb00NOTYPE<unknown>DEFAULT9
                      $d.symtab0x1714c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1726c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x175fc0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x2bcb80NOTYPE<unknown>DEFAULT9
                      $d.symtab0x176740NOTYPE<unknown>DEFAULT2
                      $d.symtab0x177000NOTYPE<unknown>DEFAULT2
                      $d.symtab0x177980NOTYPE<unknown>DEFAULT2
                      $d.symtab0x178140NOTYPE<unknown>DEFAULT2
                      $d.symtab0x2bcd00NOTYPE<unknown>DEFAULT9
                      $d.symtab0x178e80NOTYPE<unknown>DEFAULT2
                      $d.symtab0x179780NOTYPE<unknown>DEFAULT2
                      $d.symtab0x17a3c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x17b0c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x229340NOTYPE<unknown>DEFAULT4
                      $d.symtab0x17c3c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x17df80NOTYPE<unknown>DEFAULT2
                      $d.symtab0x17e740NOTYPE<unknown>DEFAULT2
                      $d.symtab0x2bd840NOTYPE<unknown>DEFAULT9
                      $d.symtab0x17f200NOTYPE<unknown>DEFAULT2
                      $d.symtab0x180c40NOTYPE<unknown>DEFAULT2
                      $d.symtab0x180d80NOTYPE<unknown>DEFAULT2
                      $d.symtab0x184680NOTYPE<unknown>DEFAULT2
                      $d.symtab0x184c00NOTYPE<unknown>DEFAULT2
                      $d.symtab0x185200NOTYPE<unknown>DEFAULT2
                      $d.symtab0x185700NOTYPE<unknown>DEFAULT2
                      $d.symtab0x185c00NOTYPE<unknown>DEFAULT2
                      $d.symtab0x187e80NOTYPE<unknown>DEFAULT2
                      $d.symtab0x2bd9c0NOTYPE<unknown>DEFAULT9
                      $d.symtab0x188f80NOTYPE<unknown>DEFAULT2
                      $d.symtab0x18b540NOTYPE<unknown>DEFAULT2
                      $d.symtab0x18bd80NOTYPE<unknown>DEFAULT2
                      $d.symtab0x18c8c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x2bda00NOTYPE<unknown>DEFAULT9
                      $d.symtab0x2bda80NOTYPE<unknown>DEFAULT9
                      $d.symtab0x322900NOTYPE<unknown>DEFAULT10
                      $d.symtab0x18c980NOTYPE<unknown>DEFAULT2
                      $d.symtab0x19ab80NOTYPE<unknown>DEFAULT2
                      $d.symtab0x22f7c0NOTYPE<unknown>DEFAULT4
                      $d.symtab0x19c0c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1a1940NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1a2980NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1a3a00NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1a4880NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1a6a80NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1a7040NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1a7880NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1a8300NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1a92c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1a98c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1aaa40NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1ab040NOTYPE<unknown>DEFAULT2
                      $d.symtab0x2bdb00NOTYPE<unknown>DEFAULT9
                      $d.symtab0x1ab9c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1ac2c0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1adbc0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1aee80NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1b7900NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1ba580NOTYPE<unknown>DEFAULT2
                      $d.symtab0x2bdcc0NOTYPE<unknown>DEFAULT9
                      $d.symtab0x1becc0NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1bfe40NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1c0700NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1c0b00NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1c1640NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1c2940NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1c5b00NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1c9e40NOTYPE<unknown>DEFAULT2
                      $d.symtab0x1cd140NOTYPE<unknown>DEFAULT2
                      /home/firmware/build/temp-armv4l/gcc-core/gcc/config/arm/lib1funcs.asm.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      /home/firmware/build/temp-armv4l/gcc-core/gcc/config/arm/lib1funcs.asm.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      /home/firmware/build/temp-armv4l/gcc-core/gcc/config/arm/lib1funcs.asm.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      /home/firmware/build/temp-armv4l/gcc-core/gcc/config/arm/lib1funcs.asm.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      /home/firmware/build/temp-armv4l/gcc-core/gcc/config/arm/lib1funcs.asm.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      /home/firmware/build/temp-armv4l/gcc-core/gcc/config/arm/lib1funcs.asm.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      /home/firmware/build/temp-armv4l/gcc-core/gcc/config/arm/lib1funcs.asm.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      /home/firmware/build/temp-armv4l/gcc-core/gcc/config/arm/lib1funcs.asm.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      /home/firmware/build/temp-armv4l/gcc-core/gcc/config/arm/lib1funcs.asm.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      C.72.5492.symtab0x1f99936OBJECT<unknown>DEFAULT4
                      C.90.5713.symtab0x20014312OBJECT<unknown>DEFAULT4
                      C.97.5813.symtab0x201c012OBJECT<unknown>DEFAULT4
                      ClearHistory.symtab0xf65452FUNC<unknown>DEFAULT2
                      HTTP.symtab0xabb4336FUNC<unknown>DEFAULT2
                      Laligned.symtab0x14a580NOTYPE<unknown>DEFAULT2
                      Llastword.symtab0x14a740NOTYPE<unknown>DEFAULT2
                      Q.symtab0x2c22016384OBJECT<unknown>DEFAULT10
                      Send.symtab0x8494100FUNC<unknown>DEFAULT2
                      UserAgents.symtab0x2b3a0144OBJECT<unknown>DEFAULT9
                      _352.symtab0x10d6c36FUNC<unknown>DEFAULT2
                      _376.symtab0x10c90164FUNC<unknown>DEFAULT2
                      _433.symtab0x10d9092FUNC<unknown>DEFAULT2
                      _Jv_RegisterClasses.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                      _NICK.symtab0x10dec268FUNC<unknown>DEFAULT2
                      _PING.symtab0x10d3456FUNC<unknown>DEFAULT2
                      _PRIVMSG.symtab0x100943068FUNC<unknown>DEFAULT2
                      _READ.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _WRITE.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      __CTOR_END__.symtab0x2b0580OBJECT<unknown>DEFAULT6
                      __CTOR_LIST__.symtab0x2b0540OBJECT<unknown>DEFAULT6
                      __C_ctype_b.symtab0x2bda04OBJECT<unknown>DEFAULT9
                      __C_ctype_b.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      __C_ctype_b_data.symtab0x22966768OBJECT<unknown>DEFAULT4
                      __C_ctype_tolower.symtab0x2bda84OBJECT<unknown>DEFAULT9
                      __C_ctype_tolower.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      __C_ctype_tolower_data.symtab0x22c66768OBJECT<unknown>DEFAULT4
                      __C_ctype_toupper.symtab0x2ba6c4OBJECT<unknown>DEFAULT9
                      __C_ctype_toupper.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      __C_ctype_toupper_data.symtab0x21930768OBJECT<unknown>DEFAULT4
                      __DTOR_END__.symtab0x2b0600OBJECT<unknown>DEFAULT7
                      __DTOR_LIST__.symtab0x2b05c0OBJECT<unknown>DEFAULT7
                      __EH_FRAME_BEGIN__.symtab0x230500OBJECT<unknown>DEFAULT5
                      __FRAME_END__.symtab0x230500OBJECT<unknown>DEFAULT5
                      __GI___C_ctype_b.symtab0x2bda04OBJECT<unknown>HIDDEN9
                      __GI___C_ctype_b_data.symtab0x22966768OBJECT<unknown>HIDDEN4
                      __GI___C_ctype_tolower.symtab0x2bda84OBJECT<unknown>HIDDEN9
                      __GI___C_ctype_tolower_data.symtab0x22c66768OBJECT<unknown>HIDDEN4
                      __GI___C_ctype_toupper.symtab0x2ba6c4OBJECT<unknown>HIDDEN9
                      __GI___C_ctype_toupper_data.symtab0x21930768OBJECT<unknown>HIDDEN4
                      __GI___ctype_b.symtab0x2bda44OBJECT<unknown>HIDDEN9
                      __GI___ctype_tolower.symtab0x2bdac4OBJECT<unknown>HIDDEN9
                      __GI___ctype_toupper.symtab0x2ba704OBJECT<unknown>HIDDEN9
                      __GI___errno_location.symtab0x1262412FUNC<unknown>HIDDEN2
                      __GI___fgetc_unlocked.symtab0x19ae0304FUNC<unknown>HIDDEN2
                      __GI___fputc_unlocked.symtab0x14760260FUNC<unknown>HIDDEN2
                      __GI___glibc_strerror_r.symtab0x14d6820FUNC<unknown>HIDDEN2
                      __GI___h_errno_location.symtab0x18c9012FUNC<unknown>HIDDEN2
                      __GI___libc_fcntl.symtab0x12170116FUNC<unknown>HIDDEN2
                      __GI___libc_fcntl64.symtab0x121e480FUNC<unknown>HIDDEN2
                      __GI___libc_open.symtab0x18aec92FUNC<unknown>HIDDEN2
                      __GI___uClibc_fini.symtab0x184c4108FUNC<unknown>HIDDEN2
                      __GI___uClibc_init.symtab0x1857492FUNC<unknown>HIDDEN2
                      __GI___xpg_strerror_r.symtab0x14d7c232FUNC<unknown>HIDDEN2
                      __GI__exit.symtab0x1896440FUNC<unknown>HIDDEN2
                      __GI_abort.symtab0x174c4328FUNC<unknown>HIDDEN2
                      __GI_accept.symtab0x16d5844FUNC<unknown>HIDDEN2
                      __GI_asprintf.symtab0x128f848FUNC<unknown>HIDDEN2
                      __GI_atoi.symtab0x17c4812FUNC<unknown>HIDDEN2
                      __GI_atol.symtab0x17c4812FUNC<unknown>HIDDEN2
                      __GI_bind.symtab0x16d8444FUNC<unknown>HIDDEN2
                      __GI_brk.symtab0x1c07860FUNC<unknown>HIDDEN2
                      __GI_chdir.symtab0x1223444FUNC<unknown>HIDDEN2
                      __GI_clock_getres.symtab0x1898c44FUNC<unknown>HIDDEN2
                      __GI_close.symtab0x1226044FUNC<unknown>HIDDEN2
                      __GI_connect.symtab0x16db044FUNC<unknown>HIDDEN2
                      __GI_dup2.symtab0x189b844FUNC<unknown>HIDDEN2
                      __GI_endservent.symtab0x1a710148FUNC<unknown>HIDDEN2
                      __GI_errno.symtab0x322904OBJECT<unknown>HIDDEN10
                      __GI_execl.symtab0x17e90148FUNC<unknown>HIDDEN2
                      __GI_execve.symtab0x189e444FUNC<unknown>HIDDEN2
                      __GI_exit.symtab0x17dfc148FUNC<unknown>HIDDEN2
                      __GI_fclose.symtab0x12630384FUNC<unknown>HIDDEN2
                      __GI_fcntl.symtab0x12170116FUNC<unknown>HIDDEN2
                      __GI_fcntl64.symtab0x121e480FUNC<unknown>HIDDEN2
                      __GI_fdopen.symtab0x18dc856FUNC<unknown>HIDDEN2
                      __GI_fflush_unlocked.symtab0x144e4484FUNC<unknown>HIDDEN2
                      __GI_fgetc_unlocked.symtab0x19ae0304FUNC<unknown>HIDDEN2
                      __GI_fgets.symtab0x141b8148FUNC<unknown>HIDDEN2
                      __GI_fgets_unlocked.symtab0x146c8152FUNC<unknown>HIDDEN2
                      __GI_fopen.symtab0x127b012FUNC<unknown>HIDDEN2
                      __GI_fork.symtab0x1228c44FUNC<unknown>HIDDEN2
                      __GI_fprintf.symtab0x128c848FUNC<unknown>HIDDEN2
                      __GI_fputc.symtab0x1424c204FUNC<unknown>HIDDEN2
                      __GI_fputs.symtab0x14318140FUNC<unknown>HIDDEN2
                      __GI_fputs_unlocked.symtab0x1486452FUNC<unknown>HIDDEN2
                      __GI_freeaddrinfo.symtab0x15c4832FUNC<unknown>HIDDEN2
                      __GI_fseek.symtab0x1c0d012FUNC<unknown>HIDDEN2
                      __GI_fseeko64.symtab0x1c174304FUNC<unknown>HIDDEN2
                      __GI_fwrite_unlocked.symtab0x14898172FUNC<unknown>HIDDEN2
                      __GI_getaddrinfo.symtab0x15c68764FUNC<unknown>HIDDEN2
                      __GI_getc_unlocked.symtab0x19ae0304FUNC<unknown>HIDDEN2
                      __GI_getcwd.symtab0x122b8216FUNC<unknown>HIDDEN2
                      __GI_getdtablesize.symtab0x1239040FUNC<unknown>HIDDEN2
                      __GI_getegid.symtab0x18a1044FUNC<unknown>HIDDEN2
                      __GI_geteuid.symtab0x18a3c44FUNC<unknown>HIDDEN2
                      __GI_getgid.symtab0x18a6844FUNC<unknown>HIDDEN2
                      __GI_gethostbyaddr_r.symtab0x169c8912FUNC<unknown>HIDDEN2
                      __GI_gethostbyname2_r.symtab0x166b4788FUNC<unknown>HIDDEN2
                      __GI_gethostbyname_r.symtab0x1bb74884FUNC<unknown>HIDDEN2
                      __GI_getpagesize.symtab0x123b824FUNC<unknown>HIDDEN2
                      __GI_getpid.symtab0x123d044FUNC<unknown>HIDDEN2
                      __GI_getrlimit.symtab0x1242844FUNC<unknown>HIDDEN2
                      __GI_getservbyname_r.symtab0x1a998292FUNC<unknown>HIDDEN2
                      __GI_getservbyport.symtab0x1a94484FUNC<unknown>HIDDEN2
                      __GI_getservbyport_r.symtab0x1a854240FUNC<unknown>HIDDEN2
                      __GI_getservent_r.symtab0x1a490580FUNC<unknown>HIDDEN2
                      __GI_getuid.symtab0x18a9444FUNC<unknown>HIDDEN2
                      __GI_h_errno.symtab0x322944OBJECT<unknown>HIDDEN10
                      __GI_if_freenameindex.symtab0x1adc460FUNC<unknown>HIDDEN2
                      __GI_if_nameindex.symtab0x1ac30404FUNC<unknown>HIDDEN2
                      __GI_if_nametoindex.symtab0x1aba0144FUNC<unknown>HIDDEN2
                      __GI_in6addr_loopback.symtab0x228f416OBJECT<unknown>HIDDEN4
                      __GI_inet_addr.symtab0x1669036FUNC<unknown>HIDDEN2
                      __GI_inet_aton.symtab0x1ae00236FUNC<unknown>HIDDEN2
                      __GI_inet_ntoa.symtab0x1668412FUNC<unknown>HIDDEN2
                      __GI_inet_ntoa_r.symtab0x16604128FUNC<unknown>HIDDEN2
                      __GI_inet_ntop.symtab0x163a4608FUNC<unknown>HIDDEN2
                      __GI_inet_pton.symtab0x16030528FUNC<unknown>HIDDEN2
                      __GI_initstate_r.symtab0x17a48200FUNC<unknown>HIDDEN2
                      __GI_ioctl.symtab0x1245480FUNC<unknown>HIDDEN2
                      __GI_isatty.symtab0x14fb832FUNC<unknown>HIDDEN2
                      __GI_kill.symtab0x124a444FUNC<unknown>HIDDEN2
                      __GI_listen.symtab0x16e0c44FUNC<unknown>HIDDEN2
                      __GI_lseek64.symtab0x1cd18100FUNC<unknown>HIDDEN2
                      __GI_memchr.symtab0x1a0a0252FUNC<unknown>HIDDEN2
                      __GI_memcpy.symtab0x149604FUNC<unknown>HIDDEN2
                      __GI_memmove.symtab0x1c4f04FUNC<unknown>HIDDEN2
                      __GI_mempcpy.symtab0x1a19c24FUNC<unknown>HIDDEN2
                      __GI_memrchr.symtab0x1a1b4236FUNC<unknown>HIDDEN2
                      __GI_memset.symtab0x14970156FUNC<unknown>HIDDEN2
                      __GI_nanosleep.symtab0x18ac044FUNC<unknown>HIDDEN2
                      __GI_open.symtab0x18aec92FUNC<unknown>HIDDEN2
                      __GI_perror.symtab0x127bc72FUNC<unknown>HIDDEN2
                      __GI_pipe.symtab0x18b5844FUNC<unknown>HIDDEN2
                      __GI_poll.symtab0x124d044FUNC<unknown>HIDDEN2
                      __GI_putc.symtab0x1424c204FUNC<unknown>HIDDEN2
                      __GI_putc_unlocked.symtab0x14760260FUNC<unknown>HIDDEN2
                      __GI_raise.symtab0x1bf1824FUNC<unknown>HIDDEN2
                      __GI_random.symtab0x17610124FUNC<unknown>HIDDEN2
                      __GI_random_r.symtab0x178ec144FUNC<unknown>HIDDEN2
                      __GI_rawmemchr.symtab0x1c500184FUNC<unknown>HIDDEN2
                      __GI_read.symtab0x1cd7c44FUNC<unknown>HIDDEN2
                      __GI_recv.symtab0x16e3844FUNC<unknown>HIDDEN2
                      __GI_rewind.symtab0x1c0dc152FUNC<unknown>HIDDEN2
                      __GI_sbrk.symtab0x18b8488FUNC<unknown>HIDDEN2
                      __GI_select.symtab0x124fc48FUNC<unknown>HIDDEN2
                      __GI_send.symtab0x16e6444FUNC<unknown>HIDDEN2
                      __GI_sendto.symtab0x16e9052FUNC<unknown>HIDDEN2
                      __GI_setservent.symtab0x1a7a4176FUNC<unknown>HIDDEN2
                      __GI_setsid.symtab0x1252c44FUNC<unknown>HIDDEN2
                      __GI_setsockopt.symtab0x16ec448FUNC<unknown>HIDDEN2
                      __GI_setstate_r.symtab0x1782c192FUNC<unknown>HIDDEN2
                      __GI_sigaction.symtab0x1881c228FUNC<unknown>HIDDEN2
                      __GI_signal.symtab0x1bf30184FUNC<unknown>HIDDEN2
                      __GI_sigprocmask.symtab0x18bdc84FUNC<unknown>HIDDEN2
                      __GI_sleep.symtab0x17f24420FUNC<unknown>HIDDEN2
                      __GI_socket.symtab0x16ef444FUNC<unknown>HIDDEN2
                      __GI_sprintf.symtab0x1292852FUNC<unknown>HIDDEN2
                      __GI_srandom_r.symtab0x1797c204FUNC<unknown>HIDDEN2
                      __GI_strcasecmp.symtab0x14e64124FUNC<unknown>HIDDEN2
                      __GI_strcasestr.symtab0x14ee0156FUNC<unknown>HIDDEN2
                      __GI_strchr.symtab0x1a2a0264FUNC<unknown>HIDDEN2
                      __GI_strcmp.symtab0x14a1028FUNC<unknown>HIDDEN2
                      __GI_strcoll.symtab0x14a1028FUNC<unknown>HIDDEN2
                      __GI_strcpy.symtab0x14a9028FUNC<unknown>HIDDEN2
                      __GI_strdup.symtab0x14f7c48FUNC<unknown>HIDDEN2
                      __GI_strlen.symtab0x14a3096FUNC<unknown>HIDDEN2
                      __GI_strncat.symtab0x1c5b8200FUNC<unknown>HIDDEN2
                      __GI_strncmp.symtab0x14aac292FUNC<unknown>HIDDEN2
                      __GI_strncpy.symtab0x14bd0184FUNC<unknown>HIDDEN2
                      __GI_strnlen.symtab0x14c88224FUNC<unknown>HIDDEN2
                      __GI_strpbrk.symtab0x1a41c64FUNC<unknown>HIDDEN2
                      __GI_strspn.symtab0x1c68080FUNC<unknown>HIDDEN2
                      __GI_strtok.symtab0x14fac12FUNC<unknown>HIDDEN2
                      __GI_strtok_r.symtab0x1a3a8116FUNC<unknown>HIDDEN2
                      __GI_strtol.symtab0x17c548FUNC<unknown>HIDDEN2
                      __GI_strtoul.symtab0x17c5c8FUNC<unknown>HIDDEN2
                      __GI_sysconf.symtab0x180c8944FUNC<unknown>HIDDEN2
                      __GI_tcgetattr.symtab0x14fd8108FUNC<unknown>HIDDEN2
                      __GI_time.symtab0x1255844FUNC<unknown>HIDDEN2
                      __GI_tolower.symtab0x18c5c52FUNC<unknown>HIDDEN2
                      __GI_toupper.symtab0x125f052FUNC<unknown>HIDDEN2
                      __GI_vasprintf.symtab0x1295c132FUNC<unknown>HIDDEN2
                      __GI_vfork.symtab0x1890040FUNC<unknown>HIDDEN2
                      __GI_vfprintf.symtab0x13238188FUNC<unknown>HIDDEN2
                      __GI_vsnprintf.symtab0x129e0176FUNC<unknown>HIDDEN2
                      __GI_wait4.symtab0x18c3044FUNC<unknown>HIDDEN2
                      __GI_waitpid.symtab0x125bc8FUNC<unknown>HIDDEN2
                      __GI_wcrtomb.symtab0x18c9c80FUNC<unknown>HIDDEN2
                      __GI_wcsnrtombs.symtab0x18d0c188FUNC<unknown>HIDDEN2
                      __GI_wcsrtombs.symtab0x18cec32FUNC<unknown>HIDDEN2
                      __GI_write.symtab0x125c444FUNC<unknown>HIDDEN2
                      __JCR_END__.symtab0x2b0640OBJECT<unknown>DEFAULT8
                      __JCR_LIST__.symtab0x2b0640OBJECT<unknown>DEFAULT8
                      __adddf3.symtab0x1cfe8736FUNC<unknown>DEFAULT2
                      __aeabi_cdcmpeq.symtab0x1d9b820FUNC<unknown>DEFAULT2
                      __aeabi_cdcmple.symtab0x1d9b820FUNC<unknown>DEFAULT2
                      __aeabi_cdrcmple.symtab0x1d99c48FUNC<unknown>DEFAULT2
                      __aeabi_d2uiz.symtab0x1da3084FUNC<unknown>DEFAULT2
                      __aeabi_dadd.symtab0x1cfe8736FUNC<unknown>DEFAULT2
                      __aeabi_dcmpeq.symtab0x1d9cc20FUNC<unknown>DEFAULT2
                      __aeabi_dcmpge.symtab0x1da0820FUNC<unknown>DEFAULT2
                      __aeabi_dcmpgt.symtab0x1da1c20FUNC<unknown>DEFAULT2
                      __aeabi_dcmple.symtab0x1d9f420FUNC<unknown>DEFAULT2
                      __aeabi_dcmplt.symtab0x1d9e020FUNC<unknown>DEFAULT2
                      __aeabi_ddiv.symtab0x1d704516FUNC<unknown>DEFAULT2
                      __aeabi_dmul.symtab0x1d3dc808FUNC<unknown>DEFAULT2
                      __aeabi_drsub.symtab0x1cfdc0FUNC<unknown>DEFAULT2
                      __aeabi_dsub.symtab0x1cfe4740FUNC<unknown>DEFAULT2
                      __aeabi_f2d.symtab0x1d31c64FUNC<unknown>DEFAULT2
                      __aeabi_i2d.symtab0x1d2f044FUNC<unknown>DEFAULT2
                      __aeabi_idiv.symtab0x1ce9c0FUNC<unknown>DEFAULT2
                      __aeabi_idiv0.symtab0x1211c4FUNC<unknown>DEFAULT2
                      __aeabi_idivmod.symtab0x1cfc424FUNC<unknown>DEFAULT2
                      __aeabi_l2d.symtab0x1d370108FUNC<unknown>DEFAULT2
                      __aeabi_ldiv0.symtab0x1211c4FUNC<unknown>DEFAULT2
                      __aeabi_ui2d.symtab0x1d2c840FUNC<unknown>DEFAULT2
                      __aeabi_uidiv.symtab0x11e5c0FUNC<unknown>DEFAULT2
                      __aeabi_uidivmod.symtab0x11f5424FUNC<unknown>DEFAULT2
                      __aeabi_ul2d.symtab0x1d35c128FUNC<unknown>DEFAULT2
                      __app_fini.symtab0x322844OBJECT<unknown>HIDDEN10
                      __atexit_lock.symtab0x2bd8424OBJECT<unknown>DEFAULT9
                      __bsd_signal.symtab0x1bf30184FUNC<unknown>HIDDEN2
                      __bss_end__.symtab0x335d80NOTYPE<unknown>DEFAULTSHN_ABS
                      __bss_start.symtab0x2bde80NOTYPE<unknown>DEFAULTSHN_ABS
                      __bss_start__.symtab0x2bde80NOTYPE<unknown>DEFAULTSHN_ABS
                      __check_one_fd.symtab0x1853c56FUNC<unknown>DEFAULT2
                      __cmpdf2.symtab0x1d918132FUNC<unknown>DEFAULT2
                      __ctype_b.symtab0x2bda44OBJECT<unknown>DEFAULT9
                      __ctype_tolower.symtab0x2bdac4OBJECT<unknown>DEFAULT9
                      __ctype_toupper.symtab0x2ba704OBJECT<unknown>DEFAULT9
                      __curbrk.symtab0x322d04OBJECT<unknown>HIDDEN10
                      __data_start.symtab0x2b0680NOTYPE<unknown>DEFAULT9
                      __decode_answer.symtab0x1c8e0220FUNC<unknown>HIDDEN2
                      __decode_dotted.symtab0x1aeec204FUNC<unknown>HIDDEN2
                      __decode_header.symtab0x1c7b8184FUNC<unknown>HIDDEN2
                      __default_rt_sa_restorer.symtab0x189340FUNC<unknown>DEFAULT2
                      __default_sa_restorer.symtab0x189300FUNC<unknown>DEFAULT2
                      __deregister_frame_info.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                      __div0.symtab0x1211c4FUNC<unknown>DEFAULT2
                      __divdf3.symtab0x1d704516FUNC<unknown>DEFAULT2
                      __divsi3.symtab0x1ce9c296FUNC<unknown>DEFAULT2
                      __dns_lookup.symtab0x1afb82060FUNC<unknown>HIDDEN2
                      __do_global_ctors_aux.symtab0x1da840FUNC<unknown>DEFAULT2
                      __do_global_dtors_aux.symtab0x80b00FUNC<unknown>DEFAULT2
                      __dso_handle.symtab0x2b06c0OBJECT<unknown>HIDDEN9
                      __encode_dotted.symtab0x1cda8168FUNC<unknown>HIDDEN2
                      __encode_header.symtab0x1c6d0232FUNC<unknown>HIDDEN2
                      __encode_question.symtab0x1c87092FUNC<unknown>HIDDEN2
                      __end__.symtab0x335d80NOTYPE<unknown>DEFAULTSHN_ABS
                      __environ.symtab0x3227c4OBJECT<unknown>DEFAULT10
                      __eqdf2.symtab0x1d918132FUNC<unknown>DEFAULT2
                      __errno_location.symtab0x1262412FUNC<unknown>DEFAULT2
                      __errno_location.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      __error.symtab0x189240NOTYPE<unknown>DEFAULT2
                      __exit_cleanup.symtab0x322744OBJECT<unknown>HIDDEN10
                      __extendsfdf2.symtab0x1d31c64FUNC<unknown>DEFAULT2
                      __fgetc_unlocked.symtab0x19ae0304FUNC<unknown>DEFAULT2
                      __fini_array_end.symtab0x2b0540NOTYPE<unknown>HIDDENSHN_ABS
                      __fini_array_start.symtab0x2b0540NOTYPE<unknown>HIDDENSHN_ABS
                      __fixunsdfsi.symtab0x1da3084FUNC<unknown>DEFAULT2
                      __floatdidf.symtab0x1d370108FUNC<unknown>DEFAULT2
                      __floatsidf.symtab0x1d2f044FUNC<unknown>DEFAULT2
                      __floatundidf.symtab0x1d35c128FUNC<unknown>DEFAULT2
                      __floatunsidf.symtab0x1d2c840FUNC<unknown>DEFAULT2
                      __fputc_unlocked.symtab0x14760260FUNC<unknown>DEFAULT2
                      __gedf2.symtab0x1d908148FUNC<unknown>DEFAULT2
                      __get_hosts_byaddr_r.symtab0x1bae0148FUNC<unknown>HIDDEN2
                      __get_hosts_byname_r.symtab0x1ba9872FUNC<unknown>HIDDEN2
                      __getpagesize.symtab0x123b824FUNC<unknown>DEFAULT2
                      __glibc_strerror_r.symtab0x14d6820FUNC<unknown>DEFAULT2
                      __glibc_strerror_r.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      __gtdf2.symtab0x1d908148FUNC<unknown>DEFAULT2
                      __h_errno_location.symtab0x18c9012FUNC<unknown>DEFAULT2
                      __h_errno_location.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      __heap_alloc.symtab0x1727c148FUNC<unknown>DEFAULT2
                      __heap_alloc_at.symtab0x17310140FUNC<unknown>DEFAULT2
                      __heap_free.symtab0x173d0244FUNC<unknown>DEFAULT2
                      __heap_link_free_area.symtab0x1739c32FUNC<unknown>DEFAULT2
                      __heap_link_free_area_after.symtab0x173bc20FUNC<unknown>DEFAULT2
                      __init_array_end.symtab0x2b0540NOTYPE<unknown>HIDDENSHN_ABS
                      __init_array_start.symtab0x2b0540NOTYPE<unknown>HIDDENSHN_ABS
                      __initbuf.symtab0x1a45c52FUNC<unknown>DEFAULT2
                      __ledf2.symtab0x1d910140FUNC<unknown>DEFAULT2
                      __length_dotted.symtab0x1ce5076FUNC<unknown>HIDDEN2
                      __length_question.symtab0x1c8cc20FUNC<unknown>HIDDEN2
                      __libc_accept.symtab0x16d5844FUNC<unknown>DEFAULT2
                      __libc_close.symtab0x1226044FUNC<unknown>DEFAULT2
                      __libc_connect.symtab0x16db044FUNC<unknown>DEFAULT2
                      __libc_creat.symtab0x18b4816FUNC<unknown>DEFAULT2
                      __libc_fcntl.symtab0x12170116FUNC<unknown>DEFAULT2
                      __libc_fcntl64.symtab0x121e480FUNC<unknown>DEFAULT2
                      __libc_fork.symtab0x1228c44FUNC<unknown>DEFAULT2
                      __libc_getpid.symtab0x123d044FUNC<unknown>DEFAULT2
                      __libc_lseek64.symtab0x1cd18100FUNC<unknown>DEFAULT2
                      __libc_nanosleep.symtab0x18ac044FUNC<unknown>DEFAULT2
                      __libc_open.symtab0x18aec92FUNC<unknown>DEFAULT2
                      __libc_poll.symtab0x124d044FUNC<unknown>DEFAULT2
                      __libc_read.symtab0x1cd7c44FUNC<unknown>DEFAULT2
                      __libc_recv.symtab0x16e3844FUNC<unknown>DEFAULT2
                      __libc_select.symtab0x124fc48FUNC<unknown>DEFAULT2
                      __libc_send.symtab0x16e6444FUNC<unknown>DEFAULT2
                      __libc_sendto.symtab0x16e9052FUNC<unknown>DEFAULT2
                      __libc_sigaction.symtab0x1881c228FUNC<unknown>DEFAULT2
                      __libc_stack_end.symtab0x322784OBJECT<unknown>DEFAULT10
                      __libc_system.symtab0x17b10312FUNC<unknown>DEFAULT2
                      __libc_waitpid.symtab0x125bc8FUNC<unknown>DEFAULT2
                      __libc_write.symtab0x125c444FUNC<unknown>DEFAULT2
                      __ltdf2.symtab0x1d910140FUNC<unknown>DEFAULT2
                      __malloc_heap.symtab0x2bbb04OBJECT<unknown>DEFAULT9
                      __malloc_heap_lock.symtab0x3225824OBJECT<unknown>DEFAULT10
                      __malloc_sbrk_lock.symtab0x3351424OBJECT<unknown>DEFAULT10
                      __modsi3.symtab0x12038228FUNC<unknown>DEFAULT2
                      __muldf3.symtab0x1d3dc808FUNC<unknown>DEFAULT2
                      __muldi3.symtab0x1212080FUNC<unknown>DEFAULT2
                      __nameserver.symtab0x3353c12OBJECT<unknown>HIDDEN10
                      __nameservers.symtab0x335484OBJECT<unknown>HIDDEN10
                      __nedf2.symtab0x1d918132FUNC<unknown>DEFAULT2
                      __open_etc_hosts.symtab0x1c9bc52FUNC<unknown>HIDDEN2
                      __open_nameservers.symtab0x1b7c4724FUNC<unknown>HIDDEN2
                      __opensock.symtab0x1bee848FUNC<unknown>HIDDEN2
                      __pagesize.symtab0x322804OBJECT<unknown>DEFAULT10
                      __preinit_array_end.symtab0x2b0540NOTYPE<unknown>HIDDENSHN_ABS
                      __preinit_array_start.symtab0x2b0540NOTYPE<unknown>HIDDENSHN_ABS
                      __pthread_initialize_minimal.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                      __pthread_mutex_init.symtab0x185308FUNC<unknown>DEFAULT2
                      __pthread_mutex_lock.symtab0x185308FUNC<unknown>DEFAULT2
                      __pthread_mutex_trylock.symtab0x185308FUNC<unknown>DEFAULT2
                      __pthread_mutex_unlock.symtab0x185308FUNC<unknown>DEFAULT2
                      __pthread_return_0.symtab0x185308FUNC<unknown>DEFAULT2
                      __pthread_return_void.symtab0x185384FUNC<unknown>DEFAULT2
                      __raise.symtab0x1bf1824FUNC<unknown>HIDDEN2
                      __read_etc_hosts_r.symtab0x1c9f0808FUNC<unknown>HIDDEN2
                      __register_frame_info.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                      __resolv_lock.symtab0x2bdcc24OBJECT<unknown>DEFAULT9
                      __rtld_fini.symtab0x322884OBJECT<unknown>HIDDEN10
                      __searchdomain.symtab0x3352c16OBJECT<unknown>HIDDEN10
                      __searchdomains.symtab0x3354c4OBJECT<unknown>HIDDEN10
                      __sigaddset.symtab0x1c00c36FUNC<unknown>DEFAULT2
                      __sigdelset.symtab0x1c03036FUNC<unknown>DEFAULT2
                      __sigismember.symtab0x1bfe836FUNC<unknown>DEFAULT2
                      __stdin.symtab0x2ba804OBJECT<unknown>DEFAULT9
                      __stdio_READ.symtab0x1c2a492FUNC<unknown>HIDDEN2
                      __stdio_WRITE.symtab0x18e00188FUNC<unknown>HIDDEN2
                      __stdio_adjust_position.symtab0x1c300204FUNC<unknown>HIDDEN2
                      __stdio_fwrite.symtab0x18ebc312FUNC<unknown>HIDDEN2
                      __stdio_init_mutex.symtab0x1314016FUNC<unknown>HIDDEN2
                      __stdio_mutex_initializer.3929.symtab0x21c4c24OBJECT<unknown>DEFAULT4
                      __stdio_rfill.symtab0x1c3cc44FUNC<unknown>HIDDEN2
                      __stdio_seek.symtab0x1c4b448FUNC<unknown>HIDDEN2
                      __stdio_trans2r_o.symtab0x1c3f8188FUNC<unknown>HIDDEN2
                      __stdio_trans2w_o.symtab0x18ff4260FUNC<unknown>HIDDEN2
                      __stdio_wcommit.symtab0x1320848FUNC<unknown>HIDDEN2
                      __stdout.symtab0x2ba844OBJECT<unknown>DEFAULT9
                      __subdf3.symtab0x1cfe4740FUNC<unknown>DEFAULT2
                      __syscall_error.symtab0x1c0b428FUNC<unknown>HIDDEN2
                      __syscall_error.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      __syscall_fcntl.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      __syscall_fcntl64.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      __syscall_rt_sigaction.symtab0x1893844FUNC<unknown>HIDDEN2
                      __syscall_rt_sigaction.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      __uClibc_fini.symtab0x184c4108FUNC<unknown>DEFAULT2
                      __uClibc_init.symtab0x1857492FUNC<unknown>DEFAULT2
                      __uClibc_main.symtab0x185d0588FUNC<unknown>DEFAULT2
                      __uClibc_main.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      __uclibc_progname.symtab0x2bd9c4OBJECT<unknown>HIDDEN9
                      __udivsi3.symtab0x11e5c248FUNC<unknown>DEFAULT2
                      __umodsi3.symtab0x11f6c204FUNC<unknown>DEFAULT2
                      __vfork.symtab0x1890040FUNC<unknown>HIDDEN2
                      __xpg_strerror_r.symtab0x14d7c232FUNC<unknown>DEFAULT2
                      __xpg_strerror_r.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _adjust_pos.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _bss_end__.symtab0x335d80NOTYPE<unknown>DEFAULTSHN_ABS
                      _charpad.symtab0x132f476FUNC<unknown>DEFAULT2
                      _cs_funcs.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _dl_aux_init.symtab0x1c05436FUNC<unknown>DEFAULT2
                      _dl_phdr.symtab0x335d04OBJECT<unknown>DEFAULT10
                      _dl_phnum.symtab0x335d44OBJECT<unknown>DEFAULT10
                      _edata.symtab0x2bde80NOTYPE<unknown>DEFAULTSHN_ABS
                      _end.symtab0x335d80NOTYPE<unknown>DEFAULTSHN_ABS
                      _errno.symtab0x322904OBJECT<unknown>DEFAULT10
                      _exit.symtab0x1896440FUNC<unknown>DEFAULT2
                      _exit.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _fini.symtab0x1dac04FUNC<unknown>DEFAULT3
                      _fixed_buffers.symtab0x302448192OBJECT<unknown>DEFAULT10
                      _fopen.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _fp_out_narrow.symtab0x13340132FUNC<unknown>DEFAULT2
                      _fpmaxtostr.symtab0x192ec2036FUNC<unknown>HIDDEN2
                      _fpmaxtostr.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _fwrite.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _h_errno.symtab0x322944OBJECT<unknown>DEFAULT10
                      _init.symtab0x80944FUNC<unknown>DEFAULT1
                      _load_inttype.symtab0x190f8112FUNC<unknown>HIDDEN2
                      _load_inttype.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _memcpy.symtab0x19c100FUNC<unknown>HIDDEN2
                      _ppfs_init.symtab0x139b8152FUNC<unknown>HIDDEN2
                      _ppfs_init.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _ppfs_parsespec.symtab0x13c701220FUNC<unknown>HIDDEN2
                      _ppfs_parsespec.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _ppfs_prepargs.symtab0x13a5056FUNC<unknown>HIDDEN2
                      _ppfs_prepargs.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _ppfs_setargs.symtab0x13a88412FUNC<unknown>HIDDEN2
                      _ppfs_setargs.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _promoted_size.symtab0x13c2476FUNC<unknown>DEFAULT2
                      _pthread_cleanup_pop_restore.symtab0x185384FUNC<unknown>DEFAULT2
                      _pthread_cleanup_push_defer.symtab0x185384FUNC<unknown>DEFAULT2
                      _rfill.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _sigintr.symtab0x33550128OBJECT<unknown>HIDDEN10
                      _start.symtab0x81900FUNC<unknown>DEFAULT2
                      _stdio.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _stdio_fopen.symtab0x12dd8760FUNC<unknown>HIDDEN2
                      _stdio_init.symtab0x130d0112FUNC<unknown>HIDDEN2
                      _stdio_openlist.symtab0x2ba884OBJECT<unknown>DEFAULT9
                      _stdio_openlist_add_lock.symtab0x2ba8c24OBJECT<unknown>DEFAULT9
                      _stdio_openlist_dec_use.symtab0x143a4320FUNC<unknown>DEFAULT2
                      _stdio_openlist_del_count.symtab0x302404OBJECT<unknown>DEFAULT10
                      _stdio_openlist_del_lock.symtab0x2baa424OBJECT<unknown>DEFAULT9
                      _stdio_openlist_use_count.symtab0x3023c4OBJECT<unknown>DEFAULT10
                      _stdio_streams.symtab0x2bac0240OBJECT<unknown>DEFAULT9
                      _stdio_term.symtab0x13150184FUNC<unknown>HIDDEN2
                      _stdio_user_locking.symtab0x2babc4OBJECT<unknown>DEFAULT9
                      _stdlib_strto_l.symtab0x17c64408FUNC<unknown>HIDDEN2
                      _stdlib_strto_l.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _store_inttype.symtab0x1916852FUNC<unknown>HIDDEN2
                      _store_inttype.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _string_syserrmsgs.symtab0x21d1c2906OBJECT<unknown>HIDDEN4
                      _string_syserrmsgs.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _trans2r.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _trans2w.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _uintmaxtostr.symtab0x1919c336FUNC<unknown>HIDDEN2
                      _uintmaxtostr.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _vfprintf_internal.symtab0x133c41524FUNC<unknown>HIDDEN2
                      _vfprintf_internal.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      _wcommit.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      abort.symtab0x174c4328FUNC<unknown>DEFAULT2
                      abort.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      accept.symtab0x16d5844FUNC<unknown>DEFAULT2
                      accept.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      actualparent.symtab0x323e84OBJECT<unknown>DEFAULT10
                      advance_telstate.symtab0xd858112FUNC<unknown>DEFAULT2
                      advances.symtab0x2b8d028OBJECT<unknown>DEFAULT9
                      advances2.symtab0x2b93044OBJECT<unknown>DEFAULT9
                      ak47scan.symtab0xf310252FUNC<unknown>DEFAULT2
                      ak47scantoggle.symtab0xf40c428FUNC<unknown>DEFAULT2
                      ak47telscan.symtab0xd9446604FUNC<unknown>DEFAULT2
                      append.symtab0xfc6876FUNC<unknown>DEFAULT2
                      asprintf.symtab0x128f848FUNC<unknown>DEFAULT2
                      asprintf.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      atoi.symtab0x17c4812FUNC<unknown>DEFAULT2
                      atol.symtab0x17c4812FUNC<unknown>DEFAULT2
                      atol.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      bcopy.symtab0x1495016FUNC<unknown>DEFAULT2
                      been_there_done_that.symtab0x322704OBJECT<unknown>DEFAULT10
                      been_there_done_that.2789.symtab0x3228c4OBJECT<unknown>DEFAULT10
                      bind.symtab0x16d8444FUNC<unknown>DEFAULT2
                      bind.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      blacknurse.symtab0x9ce4800FUNC<unknown>DEFAULT2
                      botkill.symtab0xf5b8156FUNC<unknown>DEFAULT2
                      brk.symtab0x1c07860FUNC<unknown>DEFAULT2
                      brk.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      bsd_signal.symtab0x1bf30184FUNC<unknown>DEFAULT2
                      buf.2613.symtab0x3224816OBJECT<unknown>DEFAULT10
                      c.symtab0x2b96c4OBJECT<unknown>DEFAULT9
                      call___do_global_ctors_aux.symtab0x1dab80FUNC<unknown>DEFAULT2
                      call___do_global_dtors_aux.symtab0x81280FUNC<unknown>DEFAULT2
                      call_frame_dummy.symtab0x81880FUNC<unknown>DEFAULT2
                      capsaicin2.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      chan.symtab0x3350c4OBJECT<unknown>DEFAULT10
                      changeservers.symtab0x2be084OBJECT<unknown>DEFAULT10
                      chdir.symtab0x1223444FUNC<unknown>DEFAULT2
                      chdir.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      clock_getres.symtab0x1898c44FUNC<unknown>DEFAULT2
                      clock_getres.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      close.symtab0x1226044FUNC<unknown>DEFAULT2
                      close.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      completed.2555.symtab0x2bde81OBJECT<unknown>DEFAULT10
                      con.symtab0x10ef8868FUNC<unknown>DEFAULT2
                      connect.symtab0x16db044FUNC<unknown>DEFAULT2
                      connect.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      contains_fail.symtab0xd5b448FUNC<unknown>DEFAULT2
                      contains_response.symtab0xd5e496FUNC<unknown>DEFAULT2
                      contains_string.symtab0xd4ac216FUNC<unknown>DEFAULT2
                      contains_success.symtab0xd58448FUNC<unknown>DEFAULT2
                      creat.symtab0x18b4816FUNC<unknown>DEFAULT2
                      crtstuff.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      crtstuff.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      csum.symtab0x81e8260FUNC<unknown>DEFAULT2
                      data_start.symtab0x2b0740NOTYPE<unknown>DEFAULT9
                      decodea.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      decoded.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      decodeh.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      disable.symtab0x97bc320FUNC<unknown>DEFAULT2
                      disabled.symtab0x2be0c1OBJECT<unknown>DEFAULT10
                      dispass.symtab0x322d4256OBJECT<unknown>DEFAULT10
                      dl-support.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      dns.symtab0xc438780FUNC<unknown>DEFAULT2
                      dns_format.symtab0xb9dc320FUNC<unknown>DEFAULT2
                      dns_hdr_create.symtab0xbb1c172FUNC<unknown>DEFAULT2
                      dns_send.symtab0xbbc81640FUNC<unknown>DEFAULT2
                      dnsflood.symtab0xc230520FUNC<unknown>DEFAULT2
                      dnslookup.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      download.symtab0x8eb01508FUNC<unknown>DEFAULT2
                      dup2.symtab0x189b844FUNC<unknown>DEFAULT2
                      dup2.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      enable.symtab0x98fc284FUNC<unknown>DEFAULT2
                      encoded.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      encodeh.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      encodeq.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      endservent.symtab0x1a710148FUNC<unknown>DEFAULT2
                      environ.symtab0x3227c4OBJECT<unknown>DEFAULT10
                      errno.symtab0x322904OBJECT<unknown>DEFAULT10
                      errno.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      execfile.symtab0x323f4256OBJECT<unknown>DEFAULT10
                      execl.symtab0x17e90148FUNC<unknown>DEFAULT2
                      execl.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      execve.symtab0x189e444FUNC<unknown>DEFAULT2
                      execve.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      exit.symtab0x17dfc148FUNC<unknown>DEFAULT2
                      exit.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      exp10_table.symtab0x22f7c72OBJECT<unknown>DEFAULT4
                      fails.symtab0x2b8ec36OBJECT<unknown>DEFAULT9
                      fastflux.symtab0xfec8460FUNC<unknown>DEFAULT2
                      fclose.symtab0x12630384FUNC<unknown>DEFAULT2
                      fclose.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      fcntl.symtab0x12170116FUNC<unknown>DEFAULT2
                      fcntl64.symtab0x121e480FUNC<unknown>DEFAULT2
                      fdopen.symtab0x18dc856FUNC<unknown>DEFAULT2
                      fdopen.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                      feof.symtab0x14134132FUNC<unknown>DEFAULT2

                      Network Behavior

                      Network Port Distribution

                      TCP Packets

                      TimestampSource PortDest PortSource IPDest IP
                      Nov 23, 2024 11:07:17.029009104 CET606006780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:17.148837090 CET67806060095.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:17.148937941 CET606006780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:18.042795897 CET606006780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:18.162621975 CET67806060095.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:18.432663918 CET67806060095.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:18.432796955 CET606006780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:18.543559074 CET67806060095.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:18.543649912 CET67806060095.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:18.543664932 CET606006780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:18.544054985 CET606006780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:18.544076920 CET606006780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:18.663569927 CET67806060095.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:23.547741890 CET606026780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:23.667711020 CET67806060295.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:23.667920113 CET606026780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:24.552851915 CET606026780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:24.672612906 CET67806060295.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:24.869491100 CET67806060295.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:24.869524002 CET67806060295.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:24.869652033 CET606026780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:24.869745970 CET606026780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:24.990716934 CET67806060295.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:29.871730089 CET606046780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:29.991420031 CET67806060495.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:29.991488934 CET606046780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:30.876358986 CET606046780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:30.996413946 CET67806060495.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:31.156168938 CET67806060495.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:31.156203032 CET67806060495.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:31.156429052 CET606046780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:31.156430006 CET606046780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:31.276336908 CET67806060495.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:36.158910036 CET606066780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:36.278810024 CET67806060695.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:36.278928995 CET606066780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:37.162693024 CET606066780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:37.286369085 CET67806060695.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:37.431950092 CET67806060695.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:37.432142019 CET606066780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:37.432142019 CET606066780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:37.432154894 CET67806060695.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:37.432209015 CET606066780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:37.551846981 CET67806060695.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:42.434607029 CET606086780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:42.554548025 CET67806060895.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:42.554780006 CET606086780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:43.439234972 CET606086780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:43.559123039 CET67806060895.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:43.711882114 CET67806060895.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:43.711945057 CET67806060895.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:43.711958885 CET606086780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:43.712042093 CET606086780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:43.831625938 CET67806060895.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:48.713777065 CET606106780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:48.833647013 CET67806061095.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:48.833796024 CET606106780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:49.717683077 CET606106780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:49.837491035 CET67806061095.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:49.981049061 CET67806061095.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:49.981091976 CET606106780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:49.981148005 CET606106780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:49.981209040 CET67806061095.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:49.981265068 CET606106780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:50.101120949 CET67806061095.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:54.982547045 CET606126780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:55.102710009 CET67806061295.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:55.102794886 CET606126780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:55.985893965 CET606126780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:56.105778933 CET67806061295.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:56.255862951 CET67806061295.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:56.255908012 CET67806061295.234.158.87192.168.2.13
                      Nov 23, 2024 11:07:56.255979061 CET606126780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:56.256202936 CET606126780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:07:56.376775026 CET67806061295.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:01.257479906 CET606146780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:01.377335072 CET67806061495.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:01.377407074 CET606146780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:02.271133900 CET606146780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:02.390746117 CET67806061495.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:02.565238953 CET67806061495.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:02.565289974 CET67806061495.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:02.565622091 CET606146780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:02.565622091 CET606146780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:02.685277939 CET67806061495.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:07.567307949 CET606166780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:07.687375069 CET67806061695.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:07.687436104 CET606166780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:08.681257963 CET606166780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:08.800774097 CET67806061695.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:08.832499027 CET67806061695.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:08.832575083 CET606166780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:08.832679987 CET606166780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:08.832798004 CET67806061695.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:08.832839966 CET606166780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:08.952255964 CET67806061695.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:13.834517002 CET606186780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:13.954111099 CET67806061895.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:13.954216003 CET606186780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:14.838478088 CET606186780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:14.960680008 CET67806061895.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:15.068092108 CET67806061895.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:15.068156004 CET606186780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:15.068188906 CET606186780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:15.068314075 CET67806061895.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:15.068348885 CET606186780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:15.188946009 CET67806061895.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:20.082262039 CET606206780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:20.203869104 CET67806062095.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:20.203923941 CET606206780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:21.085664988 CET606206780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:21.205210924 CET67806062095.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:21.401691914 CET67806062095.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:21.401721954 CET67806062095.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:21.401774883 CET606206780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:21.401834965 CET606206780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:21.523309946 CET67806062095.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:26.403419971 CET606226780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:26.523113966 CET67806062295.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:26.523205996 CET606226780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:27.406371117 CET606226780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:27.527126074 CET67806062295.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:27.630050898 CET67806062295.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:27.630111933 CET67806062295.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:27.630134106 CET606226780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:27.630219936 CET606226780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:27.751612902 CET67806062295.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:32.631711960 CET606246780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:32.751522064 CET67806062495.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:32.751651049 CET606246780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:33.634695053 CET606246780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:33.754694939 CET67806062495.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:33.947460890 CET67806062495.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:33.947562933 CET606246780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:33.947562933 CET606246780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:33.947618008 CET67806062495.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:33.947658062 CET606246780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:34.068540096 CET67806062495.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:38.949497938 CET606266780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:39.069284916 CET67806062695.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:39.069401979 CET606266780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:39.953413010 CET606266780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:40.073272943 CET67806062695.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:40.228394032 CET67806062695.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:40.228524923 CET606266780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:40.228614092 CET606266780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:40.229417086 CET67806062695.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:40.229448080 CET606266780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:40.348675966 CET67806062695.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:45.275162935 CET606286780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:45.394958019 CET67806062895.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:45.395081043 CET606286780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:46.313333035 CET606286780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:46.433437109 CET67806062895.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:46.636065960 CET67806062895.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:46.636137962 CET606286780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:46.743150949 CET67806062895.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:46.743196011 CET67806062895.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:46.743220091 CET606286780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:46.743294954 CET606286780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:46.865250111 CET67806062895.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:51.745418072 CET606306780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:51.865339041 CET67806063095.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:51.865474939 CET606306780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:52.749526024 CET606306780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:52.869527102 CET67806063095.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:53.007698059 CET67806063095.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:53.007783890 CET606306780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:53.007910013 CET606306780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:53.007936954 CET67806063095.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:53.008048058 CET606306780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:53.127769947 CET67806063095.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:58.041222095 CET606326780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:58.160803080 CET67806063295.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:58.160885096 CET606326780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:59.108608961 CET606326780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:59.228344917 CET67806063295.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:59.330256939 CET67806063295.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:59.330297947 CET606326780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:59.330328941 CET606326780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:59.330462933 CET67806063295.234.158.87192.168.2.13
                      Nov 23, 2024 11:08:59.330504894 CET606326780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:08:59.450020075 CET67806063295.234.158.87192.168.2.13
                      Nov 23, 2024 11:09:04.332273006 CET606346780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:09:04.451992035 CET67806063495.234.158.87192.168.2.13
                      Nov 23, 2024 11:09:04.452166080 CET606346780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:09:05.335153103 CET606346780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:09:05.454839945 CET67806063495.234.158.87192.168.2.13
                      Nov 23, 2024 11:09:05.586550951 CET67806063495.234.158.87192.168.2.13
                      Nov 23, 2024 11:09:05.586636066 CET67806063495.234.158.87192.168.2.13
                      Nov 23, 2024 11:09:05.586671114 CET606346780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:09:05.586671114 CET606346780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:09:05.586671114 CET606346780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:09:05.706525087 CET67806063495.234.158.87192.168.2.13
                      Nov 23, 2024 11:09:10.588603973 CET606366780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:09:10.708343983 CET67806063695.234.158.87192.168.2.13
                      Nov 23, 2024 11:09:10.708437920 CET606366780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:09:11.592549086 CET606366780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:09:11.712150097 CET67806063695.234.158.87192.168.2.13
                      Nov 23, 2024 11:09:11.817121029 CET67806063695.234.158.87192.168.2.13
                      Nov 23, 2024 11:09:11.817173004 CET606366780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:09:11.817217112 CET67806063695.234.158.87192.168.2.13
                      Nov 23, 2024 11:09:11.817239046 CET606366780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:09:11.817292929 CET606366780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:09:11.936758995 CET67806063695.234.158.87192.168.2.13
                      Nov 23, 2024 11:09:16.819010019 CET606386780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:09:16.941067934 CET67806063895.234.158.87192.168.2.13
                      Nov 23, 2024 11:09:16.941195965 CET606386780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:09:17.822354078 CET606386780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:09:17.942038059 CET67806063895.234.158.87192.168.2.13
                      Nov 23, 2024 11:09:18.110860109 CET67806063895.234.158.87192.168.2.13
                      Nov 23, 2024 11:09:18.110939026 CET67806063895.234.158.87192.168.2.13
                      Nov 23, 2024 11:09:18.111109972 CET606386780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:09:18.111241102 CET606386780192.168.2.1395.234.158.87
                      Nov 23, 2024 11:09:18.231328011 CET67806063895.234.158.87192.168.2.13

                      UDP Packets

                      TimestampSource PortDest PortSource IPDest IP
                      Nov 23, 2024 11:07:18.661796093 CET5482053192.168.2.131.1.1.1
                      Nov 23, 2024 11:07:18.661914110 CET4244353192.168.2.131.1.1.1
                      Nov 23, 2024 11:07:18.800683022 CET53424431.1.1.1192.168.2.13
                      Nov 23, 2024 11:07:18.883739948 CET53548201.1.1.1192.168.2.13

                      DNS Queries

                      TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                      Nov 23, 2024 11:07:18.661796093 CET192.168.2.131.1.1.10x75deStandard query (0)daisy.ubuntu.comA (IP address)IN (0x0001)false
                      Nov 23, 2024 11:07:18.661914110 CET192.168.2.131.1.1.10xe598Standard query (0)daisy.ubuntu.com28IN (0x0001)false

                      DNS Answers

                      TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                      Nov 23, 2024 11:07:18.883739948 CET1.1.1.1192.168.2.130x75deNo error (0)daisy.ubuntu.com162.213.35.24A (IP address)IN (0x0001)false
                      Nov 23, 2024 11:07:18.883739948 CET1.1.1.1192.168.2.130x75deNo error (0)daisy.ubuntu.com162.213.35.25A (IP address)IN (0x0001)false

                      IRC Packets

                      TimestampSource PortDest PortSource IPDest IPCommands
                      Nov 23, 2024 11:07:18.042795897 CET606006780192.168.2.1395.234.158.87NICK [OSX|ARM3]ET1x
                      USER ET1x localhost localhost :ET1x
                      Nov 23, 2024 11:07:24.552851915 CET606026780192.168.2.1395.234.158.87NICK [OSX|ARM3]ET1x
                      USER ET1x localhost localhost :ET1x
                      Nov 23, 2024 11:07:30.876358986 CET606046780192.168.2.1395.234.158.87NICK [OSX|ARM3]ET1x
                      USER ET1x localhost localhost :ET1x
                      Nov 23, 2024 11:07:37.162693024 CET606066780192.168.2.1395.234.158.87NICK [OSX|ARM3]ET1x
                      USER ET1x localhost localhost :ET1x
                      Nov 23, 2024 11:07:43.439234972 CET606086780192.168.2.1395.234.158.87NICK [OSX|ARM3]ET1x
                      USER ET1x localhost localhost :ET1x
                      Nov 23, 2024 11:07:49.717683077 CET606106780192.168.2.1395.234.158.87NICK [OSX|ARM3]ET1x
                      USER ET1x localhost localhost :ET1x
                      Nov 23, 2024 11:07:55.985893965 CET606126780192.168.2.1395.234.158.87NICK [OSX|ARM3]ET1x
                      USER ET1x localhost localhost :ET1x
                      Nov 23, 2024 11:08:02.271133900 CET606146780192.168.2.1395.234.158.87NICK [OSX|ARM3]ET1x
                      USER ET1x localhost localhost :ET1x
                      Nov 23, 2024 11:08:08.681257963 CET606166780192.168.2.1395.234.158.87NICK [OSX|ARM3]ET1x
                      USER ET1x localhost localhost :ET1x
                      Nov 23, 2024 11:08:14.838478088 CET606186780192.168.2.1395.234.158.87NICK [OSX|ARM3]ET1x
                      USER ET1x localhost localhost :ET1x
                      Nov 23, 2024 11:08:21.085664988 CET606206780192.168.2.1395.234.158.87NICK [OSX|ARM3]ET1x
                      USER ET1x localhost localhost :ET1x
                      Nov 23, 2024 11:08:27.406371117 CET606226780192.168.2.1395.234.158.87NICK [OSX|ARM3]ET1x
                      USER ET1x localhost localhost :ET1x
                      Nov 23, 2024 11:08:33.634695053 CET606246780192.168.2.1395.234.158.87NICK [OSX|ARM3]ET1x
                      USER ET1x localhost localhost :ET1x
                      Nov 23, 2024 11:08:39.953413010 CET606266780192.168.2.1395.234.158.87NICK [OSX|ARM3]ET1x
                      USER ET1x localhost localhost :ET1x
                      Nov 23, 2024 11:08:46.313333035 CET606286780192.168.2.1395.234.158.87NICK [OSX|ARM3]ET1x
                      USER ET1x localhost localhost :ET1x
                      Nov 23, 2024 11:08:52.749526024 CET606306780192.168.2.1395.234.158.87NICK [OSX|ARM3]ET1x
                      USER ET1x localhost localhost :ET1x
                      Nov 23, 2024 11:08:59.108608961 CET606326780192.168.2.1395.234.158.87NICK [OSX|ARM3]ET1x
                      USER ET1x localhost localhost :ET1x
                      Nov 23, 2024 11:09:05.335153103 CET606346780192.168.2.1395.234.158.87NICK [OSX|ARM3]ET1x
                      USER ET1x localhost localhost :ET1x
                      Nov 23, 2024 11:09:11.592549086 CET606366780192.168.2.1395.234.158.87NICK [OSX|ARM3]ET1x
                      USER ET1x localhost localhost :ET1x
                      Nov 23, 2024 11:09:17.822354078 CET606386780192.168.2.1395.234.158.87NICK [OSX|ARM3]ET1x
                      USER ET1x localhost localhost :ET1x

                      System Behavior

                      General

                      Start time (UTC):10:07:16
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:/tmp/yakuza.arm4.elf
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      Chronological Activities


                      General

                      Start time (UTC):10:07:16
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      Chronological Activities


                      General

                      Start time (UTC):10:07:16
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      Chronological Activities


                      General

                      Start time (UTC):10:07:16
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      Chronological Activities


                      General

                      Start time (UTC):10:07:16
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      Chronological Activities


                      General

                      Start time (UTC):10:07:16
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 902i13 || busybox pkill -9 902i13"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:16
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:16
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 902i13
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      Chronological Activities


                      General

                      Start time (UTC):10:07:19
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:19
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 902i13
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      Chronological Activities


                      General

                      Start time (UTC):10:07:20
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      Chronological Activities


                      General

                      Start time (UTC):10:07:20
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:20
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:20
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 BzSxLxBxeY
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      Chronological Activities


                      General

                      Start time (UTC):10:07:22
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:22
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 BzSxLxBxeY
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      Chronological Activities


                      General

                      Start time (UTC):10:07:23
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      Chronological Activities


                      General

                      Start time (UTC):10:07:23
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:23
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:23
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 HOHO-LUGO7
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      Chronological Activities


                      General

                      Start time (UTC):10:07:24
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:24
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 HOHO-LUGO7
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      Chronological Activities


                      General

                      Start time (UTC):10:07:25
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      Chronological Activities


                      General

                      Start time (UTC):10:07:25
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:26
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:26
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 HOHO-U79OL
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      Chronological Activities


                      General

                      Start time (UTC):10:07:27
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:27
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 HOHO-U79OL
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      Chronological Activities


                      General

                      Start time (UTC):10:07:28
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      Chronological Activities


                      General

                      Start time (UTC):10:07:28
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:28
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:28
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 JuYfouyf87
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      Chronological Activities


                      General

                      Start time (UTC):10:07:29
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:29
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 JuYfouyf87
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      Chronological Activities


                      General

                      Start time (UTC):10:07:30
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      Chronological Activities


                      General

                      Start time (UTC):10:07:30
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:30
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:30
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 NiGGeR69xd
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      Chronological Activities


                      General

                      Start time (UTC):10:07:32
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:32
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 NiGGeR69xd
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      Chronological Activities


                      General

                      Start time (UTC):10:07:33
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      Chronological Activities


                      General

                      Start time (UTC):10:07:33
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:33
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:33
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 SO190Ij1X
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      Chronological Activities


                      General

                      Start time (UTC):10:07:34
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:34
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 SO190Ij1X
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      Chronological Activities


                      General

                      Start time (UTC):10:07:35
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      Chronological Activities


                      General

                      Start time (UTC):10:07:35
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:35
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:35
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 LOLKIKEEEDDE
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      Chronological Activities


                      General

                      Start time (UTC):10:07:36
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:36
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 LOLKIKEEEDDE
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      Chronological Activities


                      General

                      Start time (UTC):10:07:37
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      Chronological Activities


                      General

                      Start time (UTC):10:07:37
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:37
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:37
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 ekjheory98e
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      Chronological Activities


                      General

                      Start time (UTC):10:07:38
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:38
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 ekjheory98e
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      Chronological Activities


                      General

                      Start time (UTC):10:07:39
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      Chronological Activities


                      General

                      Start time (UTC):10:07:39
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 scansh4 || busybox pkill -9 scansh4"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:40
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:40
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 scansh4
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      Chronological Activities


                      General

                      Start time (UTC):10:07:41
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:41
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 scansh4
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      Chronological Activities


                      General

                      Start time (UTC):10:07:42
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      Chronological Activities


                      General

                      Start time (UTC):10:07:42
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 MDMA || busybox pkill -9 MDMA"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:42
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:42
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 MDMA
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      Chronological Activities


                      General

                      Start time (UTC):10:07:43
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:43
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 MDMA
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      Chronological Activities


                      General

                      Start time (UTC):10:07:44
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      Chronological Activities


                      General

                      Start time (UTC):10:07:44
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 fdevalvex || busybox pkill -9 fdevalvex"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:44
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:44
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 fdevalvex
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      Chronological Activities


                      General

                      Start time (UTC):10:07:45
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:45
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 fdevalvex
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      Chronological Activities


                      General

                      Start time (UTC):10:07:46
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      Chronological Activities


                      General

                      Start time (UTC):10:07:46
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 scanspc || busybox pkill -9 scanspc"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:46
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:46
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 scanspc
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      Chronological Activities


                      General

                      Start time (UTC):10:07:48
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:48
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 scanspc
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      Chronological Activities


                      General

                      Start time (UTC):10:07:49
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      Chronological Activities


                      General

                      Start time (UTC):10:07:49
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:49
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:49
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 MELTEDNINJAREALZ
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      Chronological Activities


                      General

                      Start time (UTC):10:07:50
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:50
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 MELTEDNINJAREALZ
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      Chronological Activities


                      General

                      Start time (UTC):10:07:51
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      Chronological Activities


                      General

                      Start time (UTC):10:07:51
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 flexsonskids || busybox pkill -9 flexsonskids"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:51
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      Chronological Activities


                      General

                      Start time (UTC):10:07:51
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 flexsonskids
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      Chronological Activities


                      General

                      Start time (UTC):10:07:52
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:07:52
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 flexsonskids
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:07:53
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:07:53
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 scanx86 || busybox pkill -9 scanx86"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:07:53
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:07:53
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 scanx86
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:07:54
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:07:54
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 scanx86
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:07:55
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:07:55
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:07:55
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:07:55
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 MISAKI-U79OL
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:07:56
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:07:56
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 MISAKI-U79OL
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:07:57
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:07:57
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:07:57
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:07:57
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 foAxi102kxe
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:07:59
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:07:59
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 foAxi102kxe
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:00
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:00
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:00
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:00
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 swodjwodjwoj
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:01
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:01
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 swodjwodjwoj
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:02
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:02
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:02
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:02
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 MmKiy7f87l
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:03
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:03
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 MmKiy7f87l
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:04
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:04
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 freecookiex86 || busybox pkill -9 freecookiex86"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:04
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:04
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 freecookiex86
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:05
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:05
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 freecookiex86
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:06
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:06
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 sysgpu || busybox pkill -9 sysgpu"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:06
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:06
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 sysgpu
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:07
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:07
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 sysgpu
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:08
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:08
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:08
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:08
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 NiGGeR69xd
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:09
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:09
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 NiGGeR69xd
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:10
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:10
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 frgege || busybox pkill -9 frgege"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:10
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:10
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 frgege
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:11
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:11
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 frgege
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:12
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:12
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 sysupdater || busybox pkill -9 sysupdater"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:12
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:12
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 sysupdater
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:14
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:14
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 sysupdater
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:15
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:15
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:15
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:15
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 0DnAzepd
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:16
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:16
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 0DnAzepd
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:17
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:17
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:17
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:17
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 NiGGeRD0nks69
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:18
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:18
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 NiGGeRD0nks69
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:19
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:19
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 frgreu || busybox pkill -9 frgreu"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:19
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:19
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 frgreu
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:21
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:21
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 frgreu
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:22
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:22
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 telnetd || busybox pkill -9 telnetd"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:22
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:22
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 telnetd
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:23
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:23
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 telnetd
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:24
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:24
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 0x766f6964 || busybox pkill -9 0x766f6964"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:24
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:24
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 0x766f6964
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:25
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:25
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 0x766f6964
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:26
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:26
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:26
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:26
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 NiGGeRd0nks1337
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:27
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:27
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 NiGGeRd0nks1337
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:28
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:28
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 gaft || busybox pkill -9 gaft"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:28
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:28
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 gaft
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:30
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:30
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 gaft
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:31
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:31
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:31
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:31
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 urasgbsigboa
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:32
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:32
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 urasgbsigboa
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:33
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:33
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 120i3UI49 || busybox pkill -9 120i3UI49"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:33
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:33
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 120i3UI49
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:34
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:34
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 120i3UI49
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:35
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:35
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 OaF3 || busybox pkill -9 OaF3"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:35
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:35
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 OaF3
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:36
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:36
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 OaF3
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:37
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:37
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 geae || busybox pkill -9 geae"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:38
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:38
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 geae
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:39
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:39
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 geae
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:40
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:40
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 vaiolmao || busybox pkill -9 vaiolmao"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:40
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:40
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 vaiolmao
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:41
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:41
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 vaiolmao
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:42
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:42
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 123123a || busybox pkill -9 123123a"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:42
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:42
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 123123a
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:43
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:43
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 123123a
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:44
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:44
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:44
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:44
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 Ofurain0n4H34D
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:46
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:46
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 Ofurain0n4H34D
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:47
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:47
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 ggTrex || busybox pkill -9 ggTrex"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:47
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:47
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 ggTrex
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:48
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:48
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 ggTrex
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:49
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:49
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 wasads || busybox pkill -9 wasads"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:49
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:49
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 wasads
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:50
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:50
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 wasads
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:51
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:51
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:51
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:51
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 1293194hjXD
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:52
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:52
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 1293194hjXD
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:53
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:53
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:53
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:53
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 OthLaLosn
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:54
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:54
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 OthLaLosn
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:55
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:55
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 ggt || busybox pkill -9 ggt"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:55
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:55
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 ggt
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:56
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:56
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 ggt
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:57
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:57
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 wget-log || busybox pkill -9 wget-log"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:57
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:57
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 wget-log
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:08:58
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:58
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 wget-log
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:08:59
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:08:59
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:59
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:08:59
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 1337SoraLOADER
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:09:01
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:01
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 1337SoraLOADER
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:09:02
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:09:02
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:02
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:02
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 SAIAKINA
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:09:03
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:03
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 SAIAKINA
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:09:04
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:09:04
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 ggtq || busybox pkill -9 ggtq"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:04
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:04
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 ggtq
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:09:05
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:05
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 ggtq
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:09:06
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:09:06
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:06
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:06
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 1378bfp919GRB1Q2
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:09:07
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:07
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 1378bfp919GRB1Q2
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:09:08
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:09:08
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:08
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:08
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 SAIAKUSO
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:09:09
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:09
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 SAIAKUSO
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:09:10
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:09:10
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 ggtr || busybox pkill -9 ggtr"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:10
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:10
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 ggtr
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:09:11
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:11
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 ggtr
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:09:12
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:09:12
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 14Fa || busybox pkill -9 14Fa"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:12
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:12
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 14Fa
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:09:14
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:14
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 14Fa
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:09:15
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:09:15
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 SEXSLAVE1337 || busybox pkill -9 SEXSLAVE1337"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:15
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:15
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 SEXSLAVE1337
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:09:16
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:16
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 SEXSLAVE1337
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:09:17
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:09:17
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 ggtt || busybox pkill -9 ggtt"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:17
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:17
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 ggtt
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                      General

                      Start time (UTC):10:09:18
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:18
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/busybox
                      Arguments:busybox pkill -9 ggtt
                      File size:2172376 bytes
                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                      General

                      Start time (UTC):10:09:19
                      Start date (UTC):23/11/2024
                      Path:/tmp/yakuza.arm4.elf
                      Arguments:-
                      File size:4956856 bytes
                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                      General

                      Start time (UTC):10:09:19
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:sh -c "pkill -9 1902a3u912u3u4 || busybox pkill -9 1902a3u912u3u4"
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:19
                      Start date (UTC):23/11/2024
                      Path:/bin/sh
                      Arguments:-
                      File size:129816 bytes
                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                      General

                      Start time (UTC):10:09:19
                      Start date (UTC):23/11/2024
                      Path:/usr/bin/pkill
                      Arguments:pkill -9 1902a3u912u3u4
                      File size:30968 bytes
                      MD5 hash:fa96a75a08109d8842e4865b2907d51f