Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Linux Analysis Report
yakuza.arm5.elf

Overview

General Information

Sample name:yakuza.arm5.elf
Analysis ID:1561406
MD5:8e346de014a435d53bfb3236bcbb22a0
SHA1:9c07a7b262c0b847bdf87e2d4f7a59cc7541a5cf
SHA256:d69aae30d881e1d095b928d962ef97e4cfbdb3a2e43a684d31613100fdaf1518
Tags:elfuser-abuse_ch
Infos:

Detection

Mirai
Score:72
Range:0 - 100
Whitelisted:false

Signatures

Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Yara detected Mirai
Uses IRC for communication with a C&C
Uses known network protocols on non-standard ports
Detected TCP or UDP traffic on non-standard ports
Enumerates processes within the "proc" file system
Executes commands using a shell command-line interpreter
Executes the "kill" or "pkill" command typically used to terminate processes
Reads CPU information from /sys indicative of miner or evasive malware
Sample contains strings indicative of BusyBox which embeds multiple Unix commands in a single executable
Sample contains strings indicative of password brute-forcing capabilities
Sample contains strings that are user agent strings indicative of HTTP manipulation
Uses the "uname" system call to query kernel version information (possible evasion)
Yara signature match

Classification

General Information

Joe Sandbox version:41.0.0 Charoite
Analysis ID:1561406
Start date and time:2024-11-23 11:06:12 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 5m 13s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:yakuza.arm5.elf
Detection:MAL
Classification:mal72.troj.linELF@0/0@2/0

Warnings

  • Report size exceeded maximum capacity and may have missing behavior information.

Runtime Messages

Command:/tmp/yakuza.arm5.elf
PID:5833
Exit Code:0
Exit Code Info:
Killed:False
Standard Output:
CAPSAICIN
Standard Error:

Process Tree

  • system is lnxubuntu20
  • yakuza.arm5.elf (PID: 5833, Parent: 5760, MD5: 5ebfcae4fe2471fcc5695c2394773ff1) Arguments: /tmp/yakuza.arm5.elf
    • yakuza.arm5.elf New Fork (PID: 5835, Parent: 5833)
      • sh (PID: 5845, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 902i13 || busybox pkill -9 902i13"
        • sh New Fork (PID: 5847, Parent: 5845)
        • pkill (PID: 5847, Parent: 5845, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 902i13
        • sh New Fork (PID: 5876, Parent: 5845)
        • busybox (PID: 5876, Parent: 5845, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 902i13
      • sh (PID: 5877, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"
        • sh New Fork (PID: 5882, Parent: 5877)
        • pkill (PID: 5882, Parent: 5877, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 BzSxLxBxeY
        • sh New Fork (PID: 5883, Parent: 5877)
        • busybox (PID: 5883, Parent: 5877, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 BzSxLxBxeY
      • sh (PID: 5884, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7"
        • sh New Fork (PID: 5886, Parent: 5884)
        • pkill (PID: 5886, Parent: 5884, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 HOHO-LUGO7
        • sh New Fork (PID: 5889, Parent: 5884)
        • busybox (PID: 5889, Parent: 5884, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 HOHO-LUGO7
      • sh (PID: 5890, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL"
        • sh New Fork (PID: 5892, Parent: 5890)
        • pkill (PID: 5892, Parent: 5890, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 HOHO-U79OL
        • sh New Fork (PID: 5893, Parent: 5890)
        • busybox (PID: 5893, Parent: 5890, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 HOHO-U79OL
      • sh (PID: 5894, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87"
        • sh New Fork (PID: 5900, Parent: 5894)
        • pkill (PID: 5900, Parent: 5894, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 JuYfouyf87
        • sh New Fork (PID: 5901, Parent: 5894)
        • busybox (PID: 5901, Parent: 5894, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 JuYfouyf87
      • sh (PID: 5904, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
        • sh New Fork (PID: 5909, Parent: 5904)
        • pkill (PID: 5909, Parent: 5904, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 NiGGeR69xd
        • sh New Fork (PID: 5910, Parent: 5904)
        • busybox (PID: 5910, Parent: 5904, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 NiGGeR69xd
      • sh (PID: 5911, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"
        • sh New Fork (PID: 5916, Parent: 5911)
        • pkill (PID: 5916, Parent: 5911, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 SO190Ij1X
        • sh New Fork (PID: 5917, Parent: 5911)
        • busybox (PID: 5917, Parent: 5911, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 SO190Ij1X
      • sh (PID: 5918, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE"
        • sh New Fork (PID: 5925, Parent: 5918)
        • pkill (PID: 5925, Parent: 5918, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 LOLKIKEEEDDE
        • sh New Fork (PID: 5926, Parent: 5918)
        • busybox (PID: 5926, Parent: 5918, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 LOLKIKEEEDDE
      • sh (PID: 5927, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e"
        • sh New Fork (PID: 5929, Parent: 5927)
        • pkill (PID: 5929, Parent: 5927, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 ekjheory98e
        • sh New Fork (PID: 5951, Parent: 5927)
        • busybox (PID: 5951, Parent: 5927, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 ekjheory98e
      • sh (PID: 5952, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 scansh4 || busybox pkill -9 scansh4"
        • sh New Fork (PID: 5954, Parent: 5952)
        • pkill (PID: 5954, Parent: 5952, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 scansh4
        • sh New Fork (PID: 5957, Parent: 5952)
        • busybox (PID: 5957, Parent: 5952, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 scansh4
      • sh (PID: 5958, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 MDMA || busybox pkill -9 MDMA"
        • sh New Fork (PID: 5963, Parent: 5958)
        • pkill (PID: 5963, Parent: 5958, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 MDMA
        • sh New Fork (PID: 5964, Parent: 5958)
        • busybox (PID: 5964, Parent: 5958, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 MDMA
      • sh (PID: 5965, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 fdevalvex || busybox pkill -9 fdevalvex"
        • sh New Fork (PID: 5971, Parent: 5965)
        • pkill (PID: 5971, Parent: 5965, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 fdevalvex
        • sh New Fork (PID: 5973, Parent: 5965)
        • busybox (PID: 5973, Parent: 5965, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 fdevalvex
      • sh (PID: 5976, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 scanspc || busybox pkill -9 scanspc"
        • sh New Fork (PID: 5980, Parent: 5976)
        • pkill (PID: 5980, Parent: 5976, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 scanspc
        • sh New Fork (PID: 5982, Parent: 5976)
        • busybox (PID: 5982, Parent: 5976, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 scanspc
      • sh (PID: 5983, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ"
        • sh New Fork (PID: 5988, Parent: 5983)
        • pkill (PID: 5988, Parent: 5983, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 MELTEDNINJAREALZ
        • sh New Fork (PID: 5989, Parent: 5983)
        • busybox (PID: 5989, Parent: 5983, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 MELTEDNINJAREALZ
      • sh (PID: 5990, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 flexsonskids || busybox pkill -9 flexsonskids"
        • sh New Fork (PID: 5995, Parent: 5990)
        • pkill (PID: 5995, Parent: 5990, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 flexsonskids
        • sh New Fork (PID: 5998, Parent: 5990)
        • busybox (PID: 5998, Parent: 5990, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 flexsonskids
      • sh (PID: 5999, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 scanx86 || busybox pkill -9 scanx86"
        • sh New Fork (PID: 6004, Parent: 5999)
        • pkill (PID: 6004, Parent: 5999, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 scanx86
        • sh New Fork (PID: 6005, Parent: 5999)
        • busybox (PID: 6005, Parent: 5999, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 scanx86
      • sh (PID: 6006, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL"
        • sh New Fork (PID: 6011, Parent: 6006)
        • pkill (PID: 6011, Parent: 6006, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 MISAKI-U79OL
        • sh New Fork (PID: 6014, Parent: 6006)
        • busybox (PID: 6014, Parent: 6006, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 MISAKI-U79OL
      • sh (PID: 6015, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe"
        • sh New Fork (PID: 6020, Parent: 6015)
        • pkill (PID: 6020, Parent: 6015, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 foAxi102kxe
        • sh New Fork (PID: 6021, Parent: 6015)
        • busybox (PID: 6021, Parent: 6015, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 foAxi102kxe
      • sh (PID: 6022, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj"
        • sh New Fork (PID: 6024, Parent: 6022)
        • pkill (PID: 6024, Parent: 6022, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 swodjwodjwoj
        • sh New Fork (PID: 6025, Parent: 6022)
        • busybox (PID: 6025, Parent: 6022, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 swodjwodjwoj
      • sh (PID: 6028, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l"
        • sh New Fork (PID: 6034, Parent: 6028)
        • pkill (PID: 6034, Parent: 6028, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 MmKiy7f87l
        • sh New Fork (PID: 6035, Parent: 6028)
        • busybox (PID: 6035, Parent: 6028, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 MmKiy7f87l
      • sh (PID: 6036, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 freecookiex86 || busybox pkill -9 freecookiex86"
        • sh New Fork (PID: 6041, Parent: 6036)
        • pkill (PID: 6041, Parent: 6036, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 freecookiex86
        • sh New Fork (PID: 6042, Parent: 6036)
        • busybox (PID: 6042, Parent: 6036, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 freecookiex86
      • sh (PID: 6045, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 sysgpu || busybox pkill -9 sysgpu"
        • sh New Fork (PID: 6050, Parent: 6045)
        • pkill (PID: 6050, Parent: 6045, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 sysgpu
        • sh New Fork (PID: 6051, Parent: 6045)
        • busybox (PID: 6051, Parent: 6045, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 sysgpu
      • sh (PID: 6052, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
        • sh New Fork (PID: 6057, Parent: 6052)
        • pkill (PID: 6057, Parent: 6052, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 NiGGeR69xd
        • sh New Fork (PID: 6060, Parent: 6052)
        • busybox (PID: 6060, Parent: 6052, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 NiGGeR69xd
      • sh (PID: 6061, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 frgege || busybox pkill -9 frgege"
        • sh New Fork (PID: 6063, Parent: 6061)
        • pkill (PID: 6063, Parent: 6061, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 frgege
        • sh New Fork (PID: 6066, Parent: 6061)
        • busybox (PID: 6066, Parent: 6061, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 frgege
      • sh (PID: 6067, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 sysupdater || busybox pkill -9 sysupdater"
        • sh New Fork (PID: 6072, Parent: 6067)
        • pkill (PID: 6072, Parent: 6067, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 sysupdater
        • sh New Fork (PID: 6073, Parent: 6067)
        • busybox (PID: 6073, Parent: 6067, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 sysupdater
      • sh (PID: 6074, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd"
        • sh New Fork (PID: 6076, Parent: 6074)
        • pkill (PID: 6076, Parent: 6074, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 0DnAzepd
        • sh New Fork (PID: 6077, Parent: 6074)
        • busybox (PID: 6077, Parent: 6074, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 0DnAzepd
      • sh (PID: 6081, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69"
        • sh New Fork (PID: 6083, Parent: 6081)
        • pkill (PID: 6083, Parent: 6081, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 NiGGeRD0nks69
        • sh New Fork (PID: 6084, Parent: 6081)
        • busybox (PID: 6084, Parent: 6081, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 NiGGeRD0nks69
      • sh (PID: 6085, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 frgreu || busybox pkill -9 frgreu"
        • sh New Fork (PID: 6091, Parent: 6085)
        • pkill (PID: 6091, Parent: 6085, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 frgreu
        • sh New Fork (PID: 6092, Parent: 6085)
        • busybox (PID: 6092, Parent: 6085, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 frgreu
      • sh (PID: 6093, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 telnetd || busybox pkill -9 telnetd"
        • sh New Fork (PID: 6098, Parent: 6093)
        • pkill (PID: 6098, Parent: 6093, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 telnetd
        • sh New Fork (PID: 6099, Parent: 6093)
        • busybox (PID: 6099, Parent: 6093, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 telnetd
      • sh (PID: 6102, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 0x766f6964 || busybox pkill -9 0x766f6964"
        • sh New Fork (PID: 6106, Parent: 6102)
        • pkill (PID: 6106, Parent: 6102, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 0x766f6964
        • sh New Fork (PID: 6108, Parent: 6102)
        • busybox (PID: 6108, Parent: 6102, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 0x766f6964
      • sh (PID: 6109, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337"
        • sh New Fork (PID: 6113, Parent: 6109)
        • pkill (PID: 6113, Parent: 6109, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 NiGGeRd0nks1337
        • sh New Fork (PID: 6115, Parent: 6109)
        • busybox (PID: 6115, Parent: 6109, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 NiGGeRd0nks1337
      • sh (PID: 6116, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 gaft || busybox pkill -9 gaft"
        • sh New Fork (PID: 6121, Parent: 6116)
        • pkill (PID: 6121, Parent: 6116, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 gaft
        • sh New Fork (PID: 6124, Parent: 6116)
        • busybox (PID: 6124, Parent: 6116, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 gaft
      • sh (PID: 6125, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa"
        • sh New Fork (PID: 6130, Parent: 6125)
        • pkill (PID: 6130, Parent: 6125, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 urasgbsigboa
        • sh New Fork (PID: 6131, Parent: 6125)
        • busybox (PID: 6131, Parent: 6125, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 urasgbsigboa
      • sh (PID: 6132, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 120i3UI49 || busybox pkill -9 120i3UI49"
        • sh New Fork (PID: 6138, Parent: 6132)
        • pkill (PID: 6138, Parent: 6132, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 120i3UI49
        • sh New Fork (PID: 6141, Parent: 6132)
        • busybox (PID: 6141, Parent: 6132, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 120i3UI49
      • sh (PID: 6142, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 OaF3 || busybox pkill -9 OaF3"
        • sh New Fork (PID: 6147, Parent: 6142)
        • pkill (PID: 6147, Parent: 6142, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 OaF3
        • sh New Fork (PID: 6148, Parent: 6142)
        • busybox (PID: 6148, Parent: 6142, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 OaF3
      • sh (PID: 6149, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 geae || busybox pkill -9 geae"
        • sh New Fork (PID: 6151, Parent: 6149)
        • pkill (PID: 6151, Parent: 6149, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 geae
        • sh New Fork (PID: 6152, Parent: 6149)
        • busybox (PID: 6152, Parent: 6149, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 geae
      • sh (PID: 6155, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 vaiolmao || busybox pkill -9 vaiolmao"
        • sh New Fork (PID: 6157, Parent: 6155)
        • pkill (PID: 6157, Parent: 6155, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 vaiolmao
        • sh New Fork (PID: 6158, Parent: 6155)
        • busybox (PID: 6158, Parent: 6155, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 vaiolmao
      • sh (PID: 6159, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 123123a || busybox pkill -9 123123a"
        • sh New Fork (PID: 6161, Parent: 6159)
        • pkill (PID: 6161, Parent: 6159, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 123123a
        • sh New Fork (PID: 6162, Parent: 6159)
        • busybox (PID: 6162, Parent: 6159, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 123123a
      • sh (PID: 6163, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D"
        • sh New Fork (PID: 6165, Parent: 6163)
        • pkill (PID: 6165, Parent: 6163, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 Ofurain0n4H34D
        • sh New Fork (PID: 6168, Parent: 6163)
        • busybox (PID: 6168, Parent: 6163, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 Ofurain0n4H34D
      • sh (PID: 6169, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 ggTrex || busybox pkill -9 ggTrex"
        • sh New Fork (PID: 6171, Parent: 6169)
        • pkill (PID: 6171, Parent: 6169, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 ggTrex
        • sh New Fork (PID: 6172, Parent: 6169)
        • busybox (PID: 6172, Parent: 6169, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 ggTrex
      • sh (PID: 6173, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 wasads || busybox pkill -9 wasads"
        • sh New Fork (PID: 6175, Parent: 6173)
        • pkill (PID: 6175, Parent: 6173, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 wasads
        • sh New Fork (PID: 6177, Parent: 6173)
        • busybox (PID: 6177, Parent: 6173, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 wasads
      • sh (PID: 6180, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD"
        • sh New Fork (PID: 6186, Parent: 6180)
        • pkill (PID: 6186, Parent: 6180, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 1293194hjXD
        • sh New Fork (PID: 6187, Parent: 6180)
        • busybox (PID: 6187, Parent: 6180, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 1293194hjXD
      • sh (PID: 6188, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn"
        • sh New Fork (PID: 6193, Parent: 6188)
        • pkill (PID: 6193, Parent: 6188, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 OthLaLosn
        • sh New Fork (PID: 6194, Parent: 6188)
        • busybox (PID: 6194, Parent: 6188, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 OthLaLosn
      • sh (PID: 6197, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 ggt || busybox pkill -9 ggt"
        • sh New Fork (PID: 6202, Parent: 6197)
        • pkill (PID: 6202, Parent: 6197, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 ggt
        • sh New Fork (PID: 6203, Parent: 6197)
        • busybox (PID: 6203, Parent: 6197, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 ggt
      • sh (PID: 6204, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 wget-log || busybox pkill -9 wget-log"
        • sh New Fork (PID: 6209, Parent: 6204)
        • pkill (PID: 6209, Parent: 6204, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 wget-log
        • sh New Fork (PID: 6210, Parent: 6204)
        • busybox (PID: 6210, Parent: 6204, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 wget-log
      • sh (PID: 6211, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER"
        • sh New Fork (PID: 6216, Parent: 6211)
        • pkill (PID: 6216, Parent: 6211, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 1337SoraLOADER
        • sh New Fork (PID: 6219, Parent: 6211)
        • busybox (PID: 6219, Parent: 6211, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 1337SoraLOADER
      • sh (PID: 6220, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA"
        • sh New Fork (PID: 6222, Parent: 6220)
        • pkill (PID: 6222, Parent: 6220, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 SAIAKINA
        • sh New Fork (PID: 6223, Parent: 6220)
        • busybox (PID: 6223, Parent: 6220, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 SAIAKINA
      • sh (PID: 6224, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 ggtq || busybox pkill -9 ggtq"
        • sh New Fork (PID: 6228, Parent: 6224)
        • pkill (PID: 6228, Parent: 6224, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 ggtq
        • sh New Fork (PID: 6231, Parent: 6224)
        • busybox (PID: 6231, Parent: 6224, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 ggtq
      • sh (PID: 6234, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2"
        • sh New Fork (PID: 6238, Parent: 6234)
        • pkill (PID: 6238, Parent: 6234, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 1378bfp919GRB1Q2
        • sh New Fork (PID: 6240, Parent: 6234)
        • busybox (PID: 6240, Parent: 6234, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 1378bfp919GRB1Q2
      • sh (PID: 6241, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO"
        • sh New Fork (PID: 6246, Parent: 6241)
        • pkill (PID: 6246, Parent: 6241, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 SAIAKUSO
        • sh New Fork (PID: 6247, Parent: 6241)
        • busybox (PID: 6247, Parent: 6241, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 SAIAKUSO
      • sh (PID: 6250, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 ggtr || busybox pkill -9 ggtr"
        • sh New Fork (PID: 6255, Parent: 6250)
        • pkill (PID: 6255, Parent: 6250, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 ggtr
        • sh New Fork (PID: 6256, Parent: 6250)
        • busybox (PID: 6256, Parent: 6250, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 ggtr
      • sh (PID: 6257, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 14Fa || busybox pkill -9 14Fa"
        • sh New Fork (PID: 6262, Parent: 6257)
        • pkill (PID: 6262, Parent: 6257, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 14Fa
        • sh New Fork (PID: 6265, Parent: 6257)
        • busybox (PID: 6265, Parent: 6257, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 14Fa
      • sh (PID: 6266, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 SEXSLAVE1337 || busybox pkill -9 SEXSLAVE1337"
        • sh New Fork (PID: 6271, Parent: 6266)
        • pkill (PID: 6271, Parent: 6266, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 SEXSLAVE1337
        • sh New Fork (PID: 6274, Parent: 6266)
        • busybox (PID: 6274, Parent: 6266, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 SEXSLAVE1337
      • sh (PID: 6275, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 ggtt || busybox pkill -9 ggtt"
        • sh New Fork (PID: 6280, Parent: 6275)
        • pkill (PID: 6280, Parent: 6275, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 ggtt
        • sh New Fork (PID: 6281, Parent: 6275)
        • busybox (PID: 6281, Parent: 6275, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 ggtt
      • sh (PID: 6282, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 1902a3u912u3u4 || busybox pkill -9 1902a3u912u3u4"
        • sh New Fork (PID: 6288, Parent: 6282)
        • pkill (PID: 6288, Parent: 6282, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 1902a3u912u3u4
        • sh New Fork (PID: 6289, Parent: 6282)
        • busybox (PID: 6289, Parent: 6282, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 1902a3u912u3u4
      • sh (PID: 6291, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"
        • sh New Fork (PID: 6298, Parent: 6291)
        • pkill (PID: 6298, Parent: 6291, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 SO190Ij1X
        • sh New Fork (PID: 6299, Parent: 6291)
        • busybox (PID: 6299, Parent: 6291, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 SO190Ij1X
      • sh (PID: 6300, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 haetrghbr || busybox pkill -9 haetrghbr"
        • sh New Fork (PID: 6305, Parent: 6300)
        • pkill (PID: 6305, Parent: 6300, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 haetrghbr
        • sh New Fork (PID: 6306, Parent: 6300)
        • busybox (PID: 6306, Parent: 6300, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 haetrghbr
      • sh (PID: 6307, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 19ju3d || busybox pkill -9 19ju3d"
        • sh New Fork (PID: 6312, Parent: 6307)
        • pkill (PID: 6312, Parent: 6307, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 19ju3d
        • sh New Fork (PID: 6315, Parent: 6307)
        • busybox (PID: 6315, Parent: 6307, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 19ju3d
      • sh (PID: 6316, Parent: 5835, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "pkill -9 SORAojkf120 || busybox pkill -9 SORAojkf120"
        • sh New Fork (PID: 6321, Parent: 6316)
        • pkill (PID: 6321, Parent: 6316, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 SORAojkf120
        • sh New Fork (PID: 6326, Parent: 6316)
        • busybox (PID: 6326, Parent: 6316, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 SORAojkf120
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
MiraiMirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/elf.mirai

Yara Signatures

Initial Sample

SourceRuleDescriptionAuthorStrings
yakuza.arm5.elfJoeSecurity_Mirai_8Yara detected MiraiJoe Security
    yakuza.arm5.elfLinux_Trojan_Tsunami_8a11f9beunknownunknown
    • 0x17719:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20
    • 0x17dad:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    5833.1.00007f70d4017000.00007f70d4032000.r-x.sdmpJoeSecurity_Mirai_8Yara detected MiraiJoe Security
      5833.1.00007f70d4017000.00007f70d4032000.r-x.sdmpLinux_Trojan_Tsunami_8a11f9beunknownunknown
      • 0x17719:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20
      • 0x17dad:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20
      5841.1.00007f70d4017000.00007f70d4032000.r-x.sdmpJoeSecurity_Mirai_8Yara detected MiraiJoe Security
        5841.1.00007f70d4017000.00007f70d4032000.r-x.sdmpLinux_Trojan_Tsunami_8a11f9beunknownunknown
        • 0x17719:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20
        • 0x17dad:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20
        Process Memory Space: yakuza.arm5.elf PID: 5833Linux_Trojan_Tsunami_8a11f9beunknownunknown
        • 0x3fb2:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20
        • 0x40c4:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20
        • 0x469c:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20
        Click to see the 1 entries

        Suricata Signatures

        No Suricata rule has matched

        Joe Sandbox Signatures

        Click to jump to signature section

        Show All Signature Results

        AV Detection

        barindex
        Multi AV Scanner detection for submitted file
        Source: yakuza.arm5.elfReversingLabs: Detection: 60%
        Source: /usr/bin/pkill (PID: 5847)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5882)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5886)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5892)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5900)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5909)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5916)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5925)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5929)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5954)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5963)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5971)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5980)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5988)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5995)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6004)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6011)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6020)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6024)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6034)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6041)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6050)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6057)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6063)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6072)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6076)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6083)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6091)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6098)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6106)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6113)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6121)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6130)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6138)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6147)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6151)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6157)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6161)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6165)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6171)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6175)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6186)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6193)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6202)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6209)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6216)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6222)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6228)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6238)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6246)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6255)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6262)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6271)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6280)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6288)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6298)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6305)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6312)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6321)Reads CPU info from /sys: /sys/devices/system/cpu/online

        Networking

        barindex
        Uses IRC for communication with a C&C
        Source: unknownIRC traffic detected: 192.168.2.15:50314 -> 95.234.158.87:6780 NICK [OSX|ARM3]aA8U5 USER aA8U5 localhost localhost :aA8U5
        Uses known network protocols on non-standard ports
        Source: unknownNetwork traffic detected: IRC traffic on port 50314 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50318 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50320 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50322 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50324 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50326 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50328 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50330 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50332 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50334 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50336 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50338 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50340 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50342 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50344 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50346 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50348 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50350 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50352 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50354 -> 6780
        Source: global trafficTCP traffic: 192.168.2.15:50314 -> 95.234.158.87:6780
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: unknownTCP traffic detected without corresponding DNS query: 95.234.158.87
        Source: global trafficDNS traffic detected: DNS query: daisy.ubuntu.com
        Source: yakuza.arm5.elfString found in binary or memory: http://linux-it.abuser.eu/yak.sh;
        Source: yakuza.arm5.elfString found in binary or memory: https://youtu.be/dQw4w9WgXcQ
        Source: yakuza.arm5.elfString found in binary or memory: https://youtu.be/dQw4w9WgXcQNever

        System Summary

        barindex
        Malicious sample detected (through community Yara rule)
        Source: yakuza.arm5.elf, type: SAMPLEMatched rule: Linux_Trojan_Tsunami_8a11f9be Author: unknown
        Source: 5833.1.00007f70d4017000.00007f70d4032000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Tsunami_8a11f9be Author: unknown
        Source: 5841.1.00007f70d4017000.00007f70d4032000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Tsunami_8a11f9be Author: unknown
        Source: Process Memory Space: yakuza.arm5.elf PID: 5833, type: MEMORYSTRMatched rule: Linux_Trojan_Tsunami_8a11f9be Author: unknown
        Source: Process Memory Space: yakuza.arm5.elf PID: 5841, type: MEMORYSTRMatched rule: Linux_Trojan_Tsunami_8a11f9be Author: unknown
        Source: Initial sampleString containing 'busybox' found: busybox
        Source: Initial sampleString containing 'busybox' found: pkill -9 %s || busybox pkill -9 %s
        Source: Initial sampleString containing 'busybox' found: pkill -9 %s || busybox pkill -9 %shistory -c;history -wcd /root;rm -f .bash_historycd /var/tmp; rm -f *NOTICE %s :MOVE <server>
        Source: Initial sampleString containing potential weak password found: guest
        Source: Initial sampleString containing potential weak password found: default
        Source: Initial sampleString containing potential weak password found: admin
        Source: Initial sampleString containing potential weak password found: supervisor
        Source: Initial sampleString containing potential weak password found: service
        Source: Initial sampleString containing potential weak password found: administrator
        Source: Initial sampleString containing potential weak password found: support
        Source: Initial sampleString containing potential weak password found: 123456
        Source: Initial sampleString containing potential weak password found: password
        Source: Initial sampleString containing potential weak password found: 12345
        Source: yakuza.arm5.elf, type: SAMPLEMatched rule: Linux_Trojan_Tsunami_8a11f9be reference_sample = 1f773d0e00d40eecde9e3ab80438698923a2620036c2fc33315ef95229e98571, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Tsunami, fingerprint = 91e2572a3bb8583e20042578e95e1746501c6a71ef7635af2c982a05b18d7c6d, id = 8a11f9be-dc85-4695-9f38-80ca0304780e, last_modified = 2021-09-16
        Source: 5833.1.00007f70d4017000.00007f70d4032000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Tsunami_8a11f9be reference_sample = 1f773d0e00d40eecde9e3ab80438698923a2620036c2fc33315ef95229e98571, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Tsunami, fingerprint = 91e2572a3bb8583e20042578e95e1746501c6a71ef7635af2c982a05b18d7c6d, id = 8a11f9be-dc85-4695-9f38-80ca0304780e, last_modified = 2021-09-16
        Source: 5841.1.00007f70d4017000.00007f70d4032000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Tsunami_8a11f9be reference_sample = 1f773d0e00d40eecde9e3ab80438698923a2620036c2fc33315ef95229e98571, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Tsunami, fingerprint = 91e2572a3bb8583e20042578e95e1746501c6a71ef7635af2c982a05b18d7c6d, id = 8a11f9be-dc85-4695-9f38-80ca0304780e, last_modified = 2021-09-16
        Source: Process Memory Space: yakuza.arm5.elf PID: 5833, type: MEMORYSTRMatched rule: Linux_Trojan_Tsunami_8a11f9be reference_sample = 1f773d0e00d40eecde9e3ab80438698923a2620036c2fc33315ef95229e98571, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Tsunami, fingerprint = 91e2572a3bb8583e20042578e95e1746501c6a71ef7635af2c982a05b18d7c6d, id = 8a11f9be-dc85-4695-9f38-80ca0304780e, last_modified = 2021-09-16
        Source: Process Memory Space: yakuza.arm5.elf PID: 5841, type: MEMORYSTRMatched rule: Linux_Trojan_Tsunami_8a11f9be reference_sample = 1f773d0e00d40eecde9e3ab80438698923a2620036c2fc33315ef95229e98571, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Tsunami, fingerprint = 91e2572a3bb8583e20042578e95e1746501c6a71ef7635af2c982a05b18d7c6d, id = 8a11f9be-dc85-4695-9f38-80ca0304780e, last_modified = 2021-09-16
        Source: classification engineClassification label: mal72.troj.linELF@0/0@2/0
        Source: yakuza.arm5.elfELF static info symbol of initial sample: /home/firmware/build/temp-armv5l/gcc-core/gcc/config/arm/lib1funcs.asm
        Source: yakuza.arm5.elfELF static info symbol of initial sample: /home/firmware/build/temp-armv5l/gcc-core/gcc/config/arm/lib1funcs.asm
        Source: yakuza.arm5.elfELF static info symbol of initial sample: /home/firmware/build/temp-armv5l/gcc-core/gcc/config/arm/lib1funcs.asm
        Source: yakuza.arm5.elfELF static info symbol of initial sample: /home/firmware/build/temp-armv5l/gcc-core/gcc/config/arm/lib1funcs.asm
        Source: yakuza.arm5.elfELF static info symbol of initial sample: /home/firmware/build/temp-armv5l/gcc-core/gcc/config/arm/lib1funcs.asm
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/110/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/110/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/231/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/231/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/5816/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/5816/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/111/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/111/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/5817/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/5817/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/112/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/112/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/233/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/233/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/113/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/113/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/114/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/114/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/235/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/235/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/115/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/115/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/1333/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/1333/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/116/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/116/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/1695/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/1695/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/117/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/117/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/118/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/118/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/119/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/119/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/911/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/911/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/914/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/914/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/10/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/10/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/917/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/917/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/11/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/11/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/12/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/12/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/13/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/13/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/14/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/14/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/15/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/15/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/16/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/16/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/17/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/17/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/18/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/18/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/19/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/19/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/1591/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/1591/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/120/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/120/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/121/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/121/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/1/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/1/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/122/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/122/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/243/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/243/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/2/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/2/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/123/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/123/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/3/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/3/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/124/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/124/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/1588/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/1588/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/125/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/125/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/4/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/4/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/246/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/246/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/126/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/126/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/5/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/5/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/127/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/127/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/6/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/6/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/1585/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/1585/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/128/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/128/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/7/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/7/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/129/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/129/cmdline
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/8/status
        Source: /usr/bin/pkill (PID: 6076)File opened: /proc/8/cmdline
        Source: /tmp/yakuza.arm5.elf (PID: 5845)Shell command executed: sh -c "pkill -9 902i13 || busybox pkill -9 902i13"Jump to behavior
        Source: /tmp/yakuza.arm5.elf (PID: 5877)Shell command executed: sh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"Jump to behavior
        Source: /tmp/yakuza.arm5.elf (PID: 5884)Shell command executed: sh -c "pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7"Jump to behavior
        Source: /tmp/yakuza.arm5.elf (PID: 5890)Shell command executed: sh -c "pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL"Jump to behavior
        Source: /tmp/yakuza.arm5.elf (PID: 5894)Shell command executed: sh -c "pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87"Jump to behavior
        Source: /tmp/yakuza.arm5.elf (PID: 5904)Shell command executed: sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"Jump to behavior
        Source: /tmp/yakuza.arm5.elf (PID: 5911)Shell command executed: sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"Jump to behavior
        Source: /tmp/yakuza.arm5.elf (PID: 5918)Shell command executed: sh -c "pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE"Jump to behavior
        Source: /tmp/yakuza.arm5.elf (PID: 5927)Shell command executed: sh -c "pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e"Jump to behavior
        Source: /tmp/yakuza.arm5.elf (PID: 5952)Shell command executed: sh -c "pkill -9 scansh4 || busybox pkill -9 scansh4"Jump to behavior
        Source: /tmp/yakuza.arm5.elf (PID: 5958)Shell command executed: sh -c "pkill -9 MDMA || busybox pkill -9 MDMA"Jump to behavior
        Source: /tmp/yakuza.arm5.elf (PID: 5965)Shell command executed: sh -c "pkill -9 fdevalvex || busybox pkill -9 fdevalvex"Jump to behavior
        Source: /tmp/yakuza.arm5.elf (PID: 5976)Shell command executed: sh -c "pkill -9 scanspc || busybox pkill -9 scanspc"Jump to behavior
        Source: /tmp/yakuza.arm5.elf (PID: 5983)Shell command executed: sh -c "pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ"Jump to behavior
        Source: /tmp/yakuza.arm5.elf (PID: 5990)Shell command executed: sh -c "pkill -9 flexsonskids || busybox pkill -9 flexsonskids"Jump to behavior
        Source: /tmp/yakuza.arm5.elf (PID: 5999)Shell command executed: sh -c "pkill -9 scanx86 || busybox pkill -9 scanx86"
        Source: /tmp/yakuza.arm5.elf (PID: 6006)Shell command executed: sh -c "pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL"
        Source: /tmp/yakuza.arm5.elf (PID: 6015)Shell command executed: sh -c "pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe"
        Source: /tmp/yakuza.arm5.elf (PID: 6022)Shell command executed: sh -c "pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj"
        Source: /tmp/yakuza.arm5.elf (PID: 6028)Shell command executed: sh -c "pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l"
        Source: /tmp/yakuza.arm5.elf (PID: 6036)Shell command executed: sh -c "pkill -9 freecookiex86 || busybox pkill -9 freecookiex86"
        Source: /tmp/yakuza.arm5.elf (PID: 6045)Shell command executed: sh -c "pkill -9 sysgpu || busybox pkill -9 sysgpu"
        Source: /tmp/yakuza.arm5.elf (PID: 6052)Shell command executed: sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
        Source: /tmp/yakuza.arm5.elf (PID: 6061)Shell command executed: sh -c "pkill -9 frgege || busybox pkill -9 frgege"
        Source: /tmp/yakuza.arm5.elf (PID: 6067)Shell command executed: sh -c "pkill -9 sysupdater || busybox pkill -9 sysupdater"
        Source: /tmp/yakuza.arm5.elf (PID: 6074)Shell command executed: sh -c "pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd"
        Source: /tmp/yakuza.arm5.elf (PID: 6081)Shell command executed: sh -c "pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69"
        Source: /tmp/yakuza.arm5.elf (PID: 6085)Shell command executed: sh -c "pkill -9 frgreu || busybox pkill -9 frgreu"
        Source: /tmp/yakuza.arm5.elf (PID: 6093)Shell command executed: sh -c "pkill -9 telnetd || busybox pkill -9 telnetd"
        Source: /tmp/yakuza.arm5.elf (PID: 6102)Shell command executed: sh -c "pkill -9 0x766f6964 || busybox pkill -9 0x766f6964"
        Source: /tmp/yakuza.arm5.elf (PID: 6109)Shell command executed: sh -c "pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337"
        Source: /tmp/yakuza.arm5.elf (PID: 6116)Shell command executed: sh -c "pkill -9 gaft || busybox pkill -9 gaft"
        Source: /tmp/yakuza.arm5.elf (PID: 6125)Shell command executed: sh -c "pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa"
        Source: /tmp/yakuza.arm5.elf (PID: 6132)Shell command executed: sh -c "pkill -9 120i3UI49 || busybox pkill -9 120i3UI49"
        Source: /tmp/yakuza.arm5.elf (PID: 6142)Shell command executed: sh -c "pkill -9 OaF3 || busybox pkill -9 OaF3"
        Source: /tmp/yakuza.arm5.elf (PID: 6149)Shell command executed: sh -c "pkill -9 geae || busybox pkill -9 geae"
        Source: /tmp/yakuza.arm5.elf (PID: 6155)Shell command executed: sh -c "pkill -9 vaiolmao || busybox pkill -9 vaiolmao"
        Source: /tmp/yakuza.arm5.elf (PID: 6159)Shell command executed: sh -c "pkill -9 123123a || busybox pkill -9 123123a"
        Source: /tmp/yakuza.arm5.elf (PID: 6163)Shell command executed: sh -c "pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D"
        Source: /tmp/yakuza.arm5.elf (PID: 6169)Shell command executed: sh -c "pkill -9 ggTrex || busybox pkill -9 ggTrex"
        Source: /tmp/yakuza.arm5.elf (PID: 6173)Shell command executed: sh -c "pkill -9 wasads || busybox pkill -9 wasads"
        Source: /tmp/yakuza.arm5.elf (PID: 6180)Shell command executed: sh -c "pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD"
        Source: /tmp/yakuza.arm5.elf (PID: 6188)Shell command executed: sh -c "pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn"
        Source: /tmp/yakuza.arm5.elf (PID: 6197)Shell command executed: sh -c "pkill -9 ggt || busybox pkill -9 ggt"
        Source: /tmp/yakuza.arm5.elf (PID: 6204)Shell command executed: sh -c "pkill -9 wget-log || busybox pkill -9 wget-log"
        Source: /tmp/yakuza.arm5.elf (PID: 6211)Shell command executed: sh -c "pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER"
        Source: /tmp/yakuza.arm5.elf (PID: 6220)Shell command executed: sh -c "pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA"
        Source: /tmp/yakuza.arm5.elf (PID: 6224)Shell command executed: sh -c "pkill -9 ggtq || busybox pkill -9 ggtq"
        Source: /tmp/yakuza.arm5.elf (PID: 6234)Shell command executed: sh -c "pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2"
        Source: /tmp/yakuza.arm5.elf (PID: 6241)Shell command executed: sh -c "pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO"
        Source: /tmp/yakuza.arm5.elf (PID: 6250)Shell command executed: sh -c "pkill -9 ggtr || busybox pkill -9 ggtr"
        Source: /tmp/yakuza.arm5.elf (PID: 6257)Shell command executed: sh -c "pkill -9 14Fa || busybox pkill -9 14Fa"
        Source: /tmp/yakuza.arm5.elf (PID: 6266)Shell command executed: sh -c "pkill -9 SEXSLAVE1337 || busybox pkill -9 SEXSLAVE1337"
        Source: /tmp/yakuza.arm5.elf (PID: 6275)Shell command executed: sh -c "pkill -9 ggtt || busybox pkill -9 ggtt"
        Source: /tmp/yakuza.arm5.elf (PID: 6282)Shell command executed: sh -c "pkill -9 1902a3u912u3u4 || busybox pkill -9 1902a3u912u3u4"
        Source: /tmp/yakuza.arm5.elf (PID: 6291)Shell command executed: sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"
        Source: /tmp/yakuza.arm5.elf (PID: 6300)Shell command executed: sh -c "pkill -9 haetrghbr || busybox pkill -9 haetrghbr"
        Source: /tmp/yakuza.arm5.elf (PID: 6307)Shell command executed: sh -c "pkill -9 19ju3d || busybox pkill -9 19ju3d"
        Source: /tmp/yakuza.arm5.elf (PID: 6316)Shell command executed: sh -c "pkill -9 SORAojkf120 || busybox pkill -9 SORAojkf120"
        Source: /bin/sh (PID: 5847)Pkill executable: /usr/bin/pkill -> pkill -9 902i13Jump to behavior
        Source: /bin/sh (PID: 5882)Pkill executable: /usr/bin/pkill -> pkill -9 BzSxLxBxeYJump to behavior
        Source: /bin/sh (PID: 5886)Pkill executable: /usr/bin/pkill -> pkill -9 HOHO-LUGO7Jump to behavior
        Source: /bin/sh (PID: 5892)Pkill executable: /usr/bin/pkill -> pkill -9 HOHO-U79OLJump to behavior
        Source: /bin/sh (PID: 5900)Pkill executable: /usr/bin/pkill -> pkill -9 JuYfouyf87Jump to behavior
        Source: /bin/sh (PID: 5909)Pkill executable: /usr/bin/pkill -> pkill -9 NiGGeR69xdJump to behavior
        Source: /bin/sh (PID: 5916)Pkill executable: /usr/bin/pkill -> pkill -9 SO190Ij1XJump to behavior
        Source: /bin/sh (PID: 5925)Pkill executable: /usr/bin/pkill -> pkill -9 LOLKIKEEEDDEJump to behavior
        Source: /bin/sh (PID: 5929)Pkill executable: /usr/bin/pkill -> pkill -9 ekjheory98eJump to behavior
        Source: /bin/sh (PID: 5954)Pkill executable: /usr/bin/pkill -> pkill -9 scansh4Jump to behavior
        Source: /bin/sh (PID: 5963)Pkill executable: /usr/bin/pkill -> pkill -9 MDMAJump to behavior
        Source: /bin/sh (PID: 5971)Pkill executable: /usr/bin/pkill -> pkill -9 fdevalvexJump to behavior
        Source: /bin/sh (PID: 5980)Pkill executable: /usr/bin/pkill -> pkill -9 scanspcJump to behavior
        Source: /bin/sh (PID: 5988)Pkill executable: /usr/bin/pkill -> pkill -9 MELTEDNINJAREALZJump to behavior
        Source: /bin/sh (PID: 5995)Pkill executable: /usr/bin/pkill -> pkill -9 flexsonskidsJump to behavior
        Source: /bin/sh (PID: 6004)Pkill executable: /usr/bin/pkill -> pkill -9 scanx86
        Source: /bin/sh (PID: 6011)Pkill executable: /usr/bin/pkill -> pkill -9 MISAKI-U79OL
        Source: /bin/sh (PID: 6020)Pkill executable: /usr/bin/pkill -> pkill -9 foAxi102kxe
        Source: /bin/sh (PID: 6024)Pkill executable: /usr/bin/pkill -> pkill -9 swodjwodjwoj
        Source: /bin/sh (PID: 6034)Pkill executable: /usr/bin/pkill -> pkill -9 MmKiy7f87l
        Source: /bin/sh (PID: 6041)Pkill executable: /usr/bin/pkill -> pkill -9 freecookiex86
        Source: /bin/sh (PID: 6050)Pkill executable: /usr/bin/pkill -> pkill -9 sysgpu
        Source: /bin/sh (PID: 6057)Pkill executable: /usr/bin/pkill -> pkill -9 NiGGeR69xd
        Source: /bin/sh (PID: 6063)Pkill executable: /usr/bin/pkill -> pkill -9 frgege
        Source: /bin/sh (PID: 6072)Pkill executable: /usr/bin/pkill -> pkill -9 sysupdater
        Source: /bin/sh (PID: 6076)Pkill executable: /usr/bin/pkill -> pkill -9 0DnAzepd
        Source: /bin/sh (PID: 6083)Pkill executable: /usr/bin/pkill -> pkill -9 NiGGeRD0nks69
        Source: /bin/sh (PID: 6091)Pkill executable: /usr/bin/pkill -> pkill -9 frgreu
        Source: /bin/sh (PID: 6098)Pkill executable: /usr/bin/pkill -> pkill -9 telnetd
        Source: /bin/sh (PID: 6106)Pkill executable: /usr/bin/pkill -> pkill -9 0x766f6964
        Source: /bin/sh (PID: 6113)Pkill executable: /usr/bin/pkill -> pkill -9 NiGGeRd0nks1337
        Source: /bin/sh (PID: 6121)Pkill executable: /usr/bin/pkill -> pkill -9 gaft
        Source: /bin/sh (PID: 6130)Pkill executable: /usr/bin/pkill -> pkill -9 urasgbsigboa
        Source: /bin/sh (PID: 6138)Pkill executable: /usr/bin/pkill -> pkill -9 120i3UI49
        Source: /bin/sh (PID: 6147)Pkill executable: /usr/bin/pkill -> pkill -9 OaF3
        Source: /bin/sh (PID: 6151)Pkill executable: /usr/bin/pkill -> pkill -9 geae
        Source: /bin/sh (PID: 6157)Pkill executable: /usr/bin/pkill -> pkill -9 vaiolmao
        Source: /bin/sh (PID: 6161)Pkill executable: /usr/bin/pkill -> pkill -9 123123a
        Source: /bin/sh (PID: 6165)Pkill executable: /usr/bin/pkill -> pkill -9 Ofurain0n4H34D
        Source: /bin/sh (PID: 6171)Pkill executable: /usr/bin/pkill -> pkill -9 ggTrex
        Source: /bin/sh (PID: 6175)Pkill executable: /usr/bin/pkill -> pkill -9 wasads
        Source: /bin/sh (PID: 6186)Pkill executable: /usr/bin/pkill -> pkill -9 1293194hjXD
        Source: /bin/sh (PID: 6193)Pkill executable: /usr/bin/pkill -> pkill -9 OthLaLosn
        Source: /bin/sh (PID: 6202)Pkill executable: /usr/bin/pkill -> pkill -9 ggt
        Source: /bin/sh (PID: 6209)Pkill executable: /usr/bin/pkill -> pkill -9 wget-log
        Source: /bin/sh (PID: 6216)Pkill executable: /usr/bin/pkill -> pkill -9 1337SoraLOADER
        Source: /bin/sh (PID: 6222)Pkill executable: /usr/bin/pkill -> pkill -9 SAIAKINA
        Source: /bin/sh (PID: 6228)Pkill executable: /usr/bin/pkill -> pkill -9 ggtq
        Source: /bin/sh (PID: 6238)Pkill executable: /usr/bin/pkill -> pkill -9 1378bfp919GRB1Q2
        Source: /bin/sh (PID: 6246)Pkill executable: /usr/bin/pkill -> pkill -9 SAIAKUSO
        Source: /bin/sh (PID: 6255)Pkill executable: /usr/bin/pkill -> pkill -9 ggtr
        Source: /bin/sh (PID: 6262)Pkill executable: /usr/bin/pkill -> pkill -9 14Fa
        Source: /bin/sh (PID: 6271)Pkill executable: /usr/bin/pkill -> pkill -9 SEXSLAVE1337
        Source: /bin/sh (PID: 6280)Pkill executable: /usr/bin/pkill -> pkill -9 ggtt
        Source: /bin/sh (PID: 6288)Pkill executable: /usr/bin/pkill -> pkill -9 1902a3u912u3u4
        Source: /bin/sh (PID: 6298)Pkill executable: /usr/bin/pkill -> pkill -9 SO190Ij1X
        Source: /bin/sh (PID: 6305)Pkill executable: /usr/bin/pkill -> pkill -9 haetrghbr
        Source: /bin/sh (PID: 6312)Pkill executable: /usr/bin/pkill -> pkill -9 19ju3d
        Source: /bin/sh (PID: 6321)Pkill executable: /usr/bin/pkill -> pkill -9 SORAojkf120

        Hooking and other Techniques for Hiding and Protection

        barindex
        Uses known network protocols on non-standard ports
        Source: unknownNetwork traffic detected: IRC traffic on port 50314 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50318 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50320 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50322 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50324 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50326 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50328 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50330 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50332 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50334 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50336 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50338 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50340 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50342 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50344 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50346 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50348 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50350 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50352 -> 6780
        Source: unknownNetwork traffic detected: IRC traffic on port 50354 -> 6780
        Source: /usr/bin/pkill (PID: 5847)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5882)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5886)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5892)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5900)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5909)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5916)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5925)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5929)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5954)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5963)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5971)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5980)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5988)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
        Source: /usr/bin/pkill (PID: 5995)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6004)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6011)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6020)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6024)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6034)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6041)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6050)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6057)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6063)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6072)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6076)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6083)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6091)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6098)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6106)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6113)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6121)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6130)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6138)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6147)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6151)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6157)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6161)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6165)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6171)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6175)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6186)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6193)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6202)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6209)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6216)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6222)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6228)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6238)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6246)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6255)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6262)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6271)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6280)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6288)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6298)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6305)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6312)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /usr/bin/pkill (PID: 6321)Reads CPU info from /sys: /sys/devices/system/cpu/online
        Source: /tmp/yakuza.arm5.elf (PID: 5833)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5876)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5883)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5889)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5893)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5901)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5910)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5917)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5926)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5951)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5957)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5964)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5973)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5982)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5989)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/busybox (PID: 5998)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6005)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6014)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6021)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6025)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6035)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6042)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6051)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6060)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6066)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6073)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6077)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6084)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6092)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6099)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6108)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6115)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6124)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6131)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6141)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6148)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6152)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6158)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6162)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6168)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6172)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6177)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6187)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6194)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6203)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6210)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6219)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6223)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6231)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6240)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6247)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6256)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6265)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6274)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6281)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6289)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6299)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6306)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6315)Queries kernel information via 'uname':
        Source: /usr/bin/busybox (PID: 6326)Queries kernel information via 'uname':
        Source: yakuza.arm5.elf, 5833.1.000055c0d68ec000.000055c0d6a1a000.rw-.sdmp, yakuza.arm5.elf, 5841.1.000055c0d68ec000.000055c0d6a1a000.rw-.sdmpBinary or memory string: U!/etc/qemu-binfmt/arm
        Source: yakuza.arm5.elf, 5833.1.00007ffd969bb000.00007ffd969dc000.rw-.sdmp, yakuza.arm5.elf, 5841.1.00007ffd969bb000.00007ffd969dc000.rw-.sdmpBinary or memory string: x86_64/usr/bin/qemu-arm/tmp/yakuza.arm5.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/yakuza.arm5.elf
        Source: yakuza.arm5.elf, 5833.1.000055c0d68ec000.000055c0d6a1a000.rw-.sdmp, yakuza.arm5.elf, 5841.1.000055c0d68ec000.000055c0d6a1a000.rw-.sdmpBinary or memory string: /etc/qemu-binfmt/arm
        Source: yakuza.arm5.elf, 5833.1.00007ffd969bb000.00007ffd969dc000.rw-.sdmp, yakuza.arm5.elf, 5841.1.00007ffd969bb000.00007ffd969dc000.rw-.sdmpBinary or memory string: /usr/bin/qemu-arm
        Source: yakuza.arm5.elf, 5841.1.00007ffd969bb000.00007ffd969dc000.rw-.sdmpBinary or memory string: qemu: uncaught target signal 11 (Segmentation fault) - core dumped

        Stealing of Sensitive Information

        barindex
        Yara detected Mirai
        Source: Yara matchFile source: yakuza.arm5.elf, type: SAMPLE
        Source: Yara matchFile source: 5833.1.00007f70d4017000.00007f70d4032000.r-x.sdmp, type: MEMORY
        Source: Yara matchFile source: 5841.1.00007f70d4017000.00007f70d4032000.r-x.sdmp, type: MEMORY
        Source: Initial sampleUser agent string found: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0
        Source: Initial sampleUser agent string found: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en; rv:1.8.1.11) Gecko/20071128 Camino/1.5.4
        Source: Initial sampleUser agent string found: Mozilla/5.0 (Windows; U; Windows NT 6.1; rv:2.2) Gecko/20110201
        Source: Initial sampleUser agent string found: Mozilla/5.0 (Windows; U; Windows NT 6.1; cs; rv:1.9.2.6) Gecko/20100628 myibrow/4alpha2
        Source: Initial sampleUser agent string found: Mozilla/5.0 (Windows; U; Win 9x 4.90; SG; rv:1.9.2.4) Gecko/20101104 Netscape/9.1.0285
        Source: Initial sampleUser agent string found: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0 Lightning/4.0.2
        Source: Initial sampleUser agent string found: Opera/9.80 (X11; Linux i686; Ubuntu/14.10) Presto/2.12.388 Version/12.16
        Source: Initial sampleUser agent string found: Opera/9.80 (Windows NT 5.1; U;) Presto/2.7.62 Version/11.01
        Source: Initial sampleUser agent string found: Mozilla/5.0 (X11; Linux x86_64; U; de; rv:1.9.1.6) Gecko/20091201 Firefox/3.5.6 Opera 10.62
        Source: Initial sampleUser agent string found: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36
        Source: Initial sampleUser agent string found: Mozilla/5.0 (Linux; Android 4.4.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.89 Mobile Safari/537.36
        Source: Initial sampleUser agent string found: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:5.0) Gecko/20110517 Firefox/5.0 Fennec/5.0
        Source: Initial sampleUser agent string found: Mozilla/5.0 (Android; Linux armv7l; rv:9.0) Gecko/20111216 Firefox/9.0 Fennec/9.0
        Source: Initial sampleUser agent string found: Mozilla/5.0 (compatible; Teleca Q7; Brew 3.1.5; U; en) 480X800 LGE VX11000

        Remote Access Functionality

        barindex
        Yara detected Mirai
        Source: Yara matchFile source: yakuza.arm5.elf, type: SAMPLE
        Source: Yara matchFile source: 5833.1.00007f70d4017000.00007f70d4032000.r-x.sdmp, type: MEMORY
        Source: Yara matchFile source: 5841.1.00007f70d4017000.00007f70d4032000.r-x.sdmp, type: MEMORY

        Mitre Att&ck Matrix

        ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
        Gather Victim Identity Information1
        Scripting        		Valid AccountsWindows Management Instrumentation1
        Scripting        		Path Interception1
        Disable or Modify Tools        		1
        OS Credential Dumping        		11
        Security Software Discovery        		Remote ServicesData from Local System1
        Data Obfuscation        		Exfiltration Over Other Network MediumAbuse Accessibility Features
        CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkit1
        Brute Force        		1
        System Information Discovery        		Remote Desktop ProtocolData from Removable Media11
        Non-Standard Port        		Exfiltration Over BluetoothNetwork Denial of Service
        Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive1
        Non-Application Layer Protocol        		Automated ExfiltrationData Encrypted for Impact
        Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture11
        Application Layer Protocol        		Traffic DuplicationData Destruction

        Malware Configuration

        No configs have been found

        Behavior Graph

        Hide Legend

        Legend:

        • Process
        • Signature
        • Created File
        • DNS/IP Info
        • Is Dropped
        • Number of created Files
        • Is malicious
        • Internet
        behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1561406 Sample: yakuza.arm5.elf Startdate: 23/11/2024 Architecture: LINUX Score: 72 39 95.234.158.87, 50314, 50318, 50320 ASN-IBSNAZIT Italy 2->39 41 daisy.ubuntu.com 2->41 43 Malicious sample detected (through community Yara rule) 2->43 45 Multi AV Scanner detection for submitted file 2->45 47 Yara detected Mirai 2->47 49 2 other signatures 2->49 9 yakuza.arm5.elf 2->9         started        signatures3 process4 process5 11 yakuza.arm5.elf 9->11         started        process6 13 yakuza.arm5.elf sh 11->13         started        15 yakuza.arm5.elf sh 11->15         started        17 yakuza.arm5.elf sh 11->17         started        19 58 other processes 11->19 process7 21 sh pkill 13->21         started        23 sh busybox 13->23         started        25 sh pkill 15->25         started        27 sh busybox 15->27         started        29 sh pkill 17->29         started        31 sh busybox 17->31         started        33 sh pkill 19->33         started        35 sh busybox 19->35         started        37 110 other processes 19->37

        Antivirus, Machine Learning and Genetic Malware Detection

        Initial Sample

        SourceDetectionScannerLabelLink
        yakuza.arm5.elf61%ReversingLabsLinux.Trojan.Tsunami

        Dropped Files

        No Antivirus matches

        Domains

        No Antivirus matches

        URLs

        No Antivirus matches

        Domains and IPs

        Contacted Domains

        NameIPActiveMaliciousAntivirus DetectionReputation
        daisy.ubuntu.com
        		162.213.35.24
        		truefalse
          		high

          URLs from Memory and Binaries

          NameSourceMaliciousAntivirus DetectionReputation
          https://youtu.be/dQw4w9WgXcQyakuza.arm5.elffalse
            		high
            http://linux-it.abuser.eu/yak.sh;yakuza.arm5.elffalse
              		unknown
              https://youtu.be/dQw4w9WgXcQNeveryakuza.arm5.elffalse
                		high

                World Map of Contacted IPs

                • No. of IPs < 25%
                • 25% < No. of IPs < 50%
                • 50% < No. of IPs < 75%
                • 75% < No. of IPs

                Public IPs

                IPDomainCountryFlagASNASN NameMalicious
                95.234.158.87
                		unknownItaly
                		3269ASN-IBSNAZITtrue

                Joe Sandbox View / Context

                IPs

                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                95.234.158.87yakuza.x86.elfGet hashmaliciousMiraiBrowse
                  yakuza.m68k.elfGet hashmaliciousMiraiBrowse
                    yakuza.arm7.elfGet hashmaliciousMiraiBrowse
                      yakuza.ppc.elfGet hashmaliciousMiraiBrowse

                        Domains

                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                        daisy.ubuntu.comyakuza.arm7.elfGet hashmaliciousMiraiBrowse
                        • 162.213.35.24
                        la.bot.arm5.elfGet hashmaliciousUnknownBrowse
                        • 162.213.35.24
                        la.bot.sparc.elfGet hashmaliciousUnknownBrowse
                        • 162.213.35.25
                        la.bot.mips.elfGet hashmaliciousUnknownBrowse
                        • 162.213.35.24
                        la.bot.sh4.elfGet hashmaliciousUnknownBrowse
                        • 162.213.35.24
                        la.bot.powerpc.elfGet hashmaliciousUnknownBrowse
                        • 162.213.35.25
                        hidakibest.arm6.elfGet hashmaliciousGafgyt, MiraiBrowse
                        • 162.213.35.24
                        hidakibest.mips.elfGet hashmaliciousGafgyt, MiraiBrowse
                        • 162.213.35.25
                        hidakibest.mpsl.elfGet hashmaliciousGafgyt, MiraiBrowse
                        • 162.213.35.25
                        hidakibest.sparc.elfGet hashmaliciousGafgyt, MiraiBrowse
                        • 162.213.35.24

                        ASNs

                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                        ASN-IBSNAZITyakuza.x86.elfGet hashmaliciousMiraiBrowse
                        • 95.234.158.87
                        yakuza.m68k.elfGet hashmaliciousMiraiBrowse
                        • 95.234.158.87
                        yakuza.arm7.elfGet hashmaliciousMiraiBrowse
                        • 95.234.158.87
                        yakuza.ppc.elfGet hashmaliciousMiraiBrowse
                        • 95.234.158.87
                        sparc.nn.elfGet hashmaliciousMirai, OkiruBrowse
                        • 131.1.112.117
                        sh4.elfGet hashmaliciousMirai, MoobotBrowse
                        • 79.16.25.108
                        mpsl.elfGet hashmaliciousMirai, MoobotBrowse
                        • 95.224.165.124
                        powerpc.nn.elfGet hashmaliciousMirai, OkiruBrowse
                        • 79.58.184.246
                        mips.elfGet hashmaliciousMirai, MoobotBrowse
                        • 79.39.13.191
                        arm.elfGet hashmaliciousMirai, MoobotBrowse
                        • 2.114.140.56

                        JA3 Fingerprints

                        No context

                        Dropped Files

                        No context

                        Created / dropped Files

                        No created / dropped files found

                        Static File Info

                        General

                        File type:ELF 32-bit LSB executable, ARM, version 1 (ARM), statically linked, with debug_info, not stripped
                        Entropy (8bit):6.012799620245624
                        TrID:
                        • ELF Executable and Linkable format (generic) (4004/1) 100.00%
                        File name:yakuza.arm5.elf
                        File size:150'719 bytes
                        MD5:8e346de014a435d53bfb3236bcbb22a0
                        SHA1:9c07a7b262c0b847bdf87e2d4f7a59cc7541a5cf
                        SHA256:d69aae30d881e1d095b928d962ef97e4cfbdb3a2e43a684d31613100fdaf1518
                        SHA512:2f53c414f157304bca07005b1240c9ecb55ec76c16c57ae0931e9b0ad468ea8fae7361040a22b01c7d3f8b6999b34883d946bb693491e8d2665c17a194a9a0fe
                        SSDEEP:3072:LM9BrbnpBQNSgfJ7ORoRqXasyuZ0qsRkSyJ5NGeA2U0PcuOsAnvYlqijhH/uD36I:LMTnXaqZlYk7NGeTCvYlqijhfuD36I
                        TLSH:D9E32944FC54577BC2E23BFBF79A82CE372A5664979733115A291FB02BC1B8D1E29120
                        File Content Preview:.ELF...a..........(.........4...P.......4. ...(.....................,...,...............,...,...,...................Q.td..................................-...L."...lS..........0@-.\P...0....S.0...P@...0... ....R......0...0...........0... ....R..... 0....S

                        Static ELF Info

                        ELF header

                        Class:ELF32
                        Data:2's complement, little endian
                        Version:1 (current)
                        Machine:ARM
                        Version Number:0x1
                        Type:EXEC (Executable file)
                        OS/ABI:ARM - ABI
                        ABI Version:0
                        Entry Point Address:0x8190
                        Flags:0x2
                        ELF Header Size:52
                        Program Header Offset:52
                        Program Header Size:32
                        Number of Program Headers:3
                        Section Header Offset:116560
                        Section Header Size:40
                        Number of Section Headers:20
                        Header String Table Index:17

                        Sections

                        NameTypeAddressOffsetSizeEntSizeFlagsFlags DescriptionLinkInfoAlign
                        NULL0x00x00x00x00x0000
                        .initPROGBITS0x80940x940x180x00x6AX004
                        .textPROGBITS0x80b00xb00x14de80x00x6AX0016
                        .finiPROGBITS0x1ce980x14e980x140x00x6AX004
                        .rodataPROGBITS0x1ceac0x14eac0x557c0x00x2A004
                        .eh_framePROGBITS0x224280x1a4280x40x00x2A004
                        .ctorsPROGBITS0x2a42c0x1a42c0x80x00x3WA004
                        .dtorsPROGBITS0x2a4340x1a4340x80x00x3WA004
                        .jcrPROGBITS0x2a43c0x1a43c0x40x00x3WA004
                        .dataPROGBITS0x2a4400x1a4400xd800x00x3WA004
                        .bssNOBITS0x2b1c00x1b1c00x77f00x00x3WA004
                        .commentPROGBITS0x00x1b1c00xd4e0x00x0001
                        .debug_arangesPROGBITS0x00x1bf100xa00x00x0008
                        .debug_infoPROGBITS0x00x1bfb00x30c0x00x0001
                        .debug_abbrevPROGBITS0x00x1c2bc0x640x00x0001
                        .debug_linePROGBITS0x00x1c3200x2e70x00x0001
                        .debug_framePROGBITS0x00x1c6080xa00x00x0004
                        .shstrtabSTRTAB0x00x1c6a80xa80x00x0001
                        .symtabSYMTAB0x00x1ca700x57200x100x0197774
                        .strtabSTRTAB0x00x221900x2b2f0x00x0001

                        Program Segments

                        TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
                        LOAD0x00x80000x80000x1a42c0x1a42c6.14720x5R E0x8000.init .text .fini .rodata .eh_frame
                        LOAD0x1a42c0x2a42c0x2a42c0xd940x85844.19060x6RW 0x8000.ctors .dtors .jcr .data .bss
                        GNU_STACK0x00x00x00x00x00.00000x7RWE0x4

                        Symbols

                        NameVersion Info NameVersion Info File NameSection NameValueSizeSymbol TypeSymbol BindSymbol VisibilityNdx
                        .symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                        .symtab0x80940SECTION<unknown>DEFAULT1
                        .symtab0x80b00SECTION<unknown>DEFAULT2
                        .symtab0x1ce980SECTION<unknown>DEFAULT3
                        .symtab0x1ceac0SECTION<unknown>DEFAULT4
                        .symtab0x224280SECTION<unknown>DEFAULT5
                        .symtab0x2a42c0SECTION<unknown>DEFAULT6
                        .symtab0x2a4340SECTION<unknown>DEFAULT7
                        .symtab0x2a43c0SECTION<unknown>DEFAULT8
                        .symtab0x2a4400SECTION<unknown>DEFAULT9
                        .symtab0x2b1c00SECTION<unknown>DEFAULT10
                        .symtab0x00SECTION<unknown>DEFAULT11
                        .symtab0x00SECTION<unknown>DEFAULT12
                        .symtab0x00SECTION<unknown>DEFAULT13
                        .symtab0x00SECTION<unknown>DEFAULT14
                        .symtab0x00SECTION<unknown>DEFAULT15
                        .symtab0x00SECTION<unknown>DEFAULT16
                        .symtab0x00SECTION<unknown>DEFAULT17
                        .symtab0x00SECTION<unknown>DEFAULT18
                        .symtab0x00SECTION<unknown>DEFAULT19
                        $a.symtab0x80940NOTYPE<unknown>DEFAULT1
                        $a.symtab0x1ce980NOTYPE<unknown>DEFAULT3
                        $a.symtab0x80b00NOTYPE<unknown>DEFAULT2
                        $a.symtab0x81280NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1cea40NOTYPE<unknown>DEFAULT3
                        $a.symtab0x81880NOTYPE<unknown>DEFAULT2
                        $a.symtab0x80a00NOTYPE<unknown>DEFAULT1
                        $a.symtab0x1ce5c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1ce900NOTYPE<unknown>DEFAULT2
                        $a.symtab0x80a40NOTYPE<unknown>DEFAULT1
                        $a.symtab0x80a80NOTYPE<unknown>DEFAULT1
                        $a.symtab0x1cea80NOTYPE<unknown>DEFAULT3
                        $a.symtab0x81900NOTYPE<unknown>DEFAULT2
                        $a.symtab0x81cc0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x81e80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x84f80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x86680NOTYPE<unknown>DEFAULT2
                        $a.symtab0x88040NOTYPE<unknown>DEFAULT2
                        $a.symtab0x8be40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x8eb00NOTYPE<unknown>DEFAULT2
                        $a.symtab0x94940NOTYPE<unknown>DEFAULT2
                        $a.symtab0x95cc0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x96080NOTYPE<unknown>DEFAULT2
                        $a.symtab0x96c40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x97bc0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x98fc0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x9a180NOTYPE<unknown>DEFAULT2
                        $a.symtab0x9ad80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x9bac0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x9ce40NOTYPE<unknown>DEFAULT2
                        $a.symtab0xa0040NOTYPE<unknown>DEFAULT2
                        $a.symtab0xa42c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0xa5580NOTYPE<unknown>DEFAULT2
                        $a.symtab0xa8b00NOTYPE<unknown>DEFAULT2
                        $a.symtab0xabb40NOTYPE<unknown>DEFAULT2
                        $a.symtab0xad040NOTYPE<unknown>DEFAULT2
                        $a.symtab0xb33c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0xb9dc0NOTYPE<unknown>DEFAULT2
                        $a.symtab0xbb1c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0xc4380NOTYPE<unknown>DEFAULT2
                        $a.symtab0xc7440NOTYPE<unknown>DEFAULT2
                        $a.symtab0xcf0c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0xd3200NOTYPE<unknown>DEFAULT2
                        $a.symtab0xd5b40NOTYPE<unknown>DEFAULT2
                        $a.symtab0xd5e40NOTYPE<unknown>DEFAULT2
                        $a.symtab0xd8200NOTYPE<unknown>DEFAULT2
                        $a.symtab0xdbf80NOTYPE<unknown>DEFAULT2
                        $a.symtab0xf3100NOTYPE<unknown>DEFAULT2
                        $a.symtab0xf40c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0xf5b80NOTYPE<unknown>DEFAULT2
                        $a.symtab0xf6540NOTYPE<unknown>DEFAULT2
                        $a.symtab0xf6880NOTYPE<unknown>DEFAULT2
                        $a.symtab0xf7180NOTYPE<unknown>DEFAULT2
                        $a.symtab0xfaa40NOTYPE<unknown>DEFAULT2
                        $a.symtab0xfbd80NOTYPE<unknown>DEFAULT2
                        $a.symtab0xfc680NOTYPE<unknown>DEFAULT2
                        $a.symtab0xfcb40NOTYPE<unknown>DEFAULT2
                        $a.symtab0xfd740NOTYPE<unknown>DEFAULT2
                        $a.symtab0xfdb40NOTYPE<unknown>DEFAULT2
                        $a.symtab0xfec80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x100940NOTYPE<unknown>DEFAULT2
                        $a.symtab0x10c900NOTYPE<unknown>DEFAULT2
                        $a.symtab0x10d340NOTYPE<unknown>DEFAULT2
                        $a.symtab0x10d6c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x10dec0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x10ef80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1125c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x11e5c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x11f6c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x120380NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1211c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x121200NOTYPE<unknown>DEFAULT2
                        $a.symtab0x121700NOTYPE<unknown>DEFAULT2
                        $a.symtab0x121e40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x122340NOTYPE<unknown>DEFAULT2
                        $a.symtab0x122600NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1228c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x122b80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x123900NOTYPE<unknown>DEFAULT2
                        $a.symtab0x123b80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x123d00NOTYPE<unknown>DEFAULT2
                        $a.symtab0x123fc0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x124280NOTYPE<unknown>DEFAULT2
                        $a.symtab0x124540NOTYPE<unknown>DEFAULT2
                        $a.symtab0x124a40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x124d00NOTYPE<unknown>DEFAULT2
                        $a.symtab0x124fc0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1252c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x125580NOTYPE<unknown>DEFAULT2
                        $a.symtab0x125840NOTYPE<unknown>DEFAULT2
                        $a.symtab0x125bc0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x125c40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x125f00NOTYPE<unknown>DEFAULT2
                        $a.symtab0x126240NOTYPE<unknown>DEFAULT2
                        $a.symtab0x126300NOTYPE<unknown>DEFAULT2
                        $a.symtab0x127b00NOTYPE<unknown>DEFAULT2
                        $a.symtab0x127bc0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x128040NOTYPE<unknown>DEFAULT2
                        $a.symtab0x128b80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x128c80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x128f80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x129280NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1295c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x129e00NOTYPE<unknown>DEFAULT2
                        $a.symtab0x12a900NOTYPE<unknown>DEFAULT2
                        $a.symtab0x12b900NOTYPE<unknown>DEFAULT2
                        $a.symtab0x12dd80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x130d00NOTYPE<unknown>DEFAULT2
                        $a.symtab0x131400NOTYPE<unknown>DEFAULT2
                        $a.symtab0x131500NOTYPE<unknown>DEFAULT2
                        $a.symtab0x132080NOTYPE<unknown>DEFAULT2
                        $a.symtab0x132380NOTYPE<unknown>DEFAULT2
                        $a.symtab0x132f40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x139b80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x13a500NOTYPE<unknown>DEFAULT2
                        $a.symtab0x13a880NOTYPE<unknown>DEFAULT2
                        $a.symtab0x13c240NOTYPE<unknown>DEFAULT2
                        $a.symtab0x13c700NOTYPE<unknown>DEFAULT2
                        $a.symtab0x141340NOTYPE<unknown>DEFAULT2
                        $a.symtab0x141b80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1424c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x143180NOTYPE<unknown>DEFAULT2
                        $a.symtab0x143a40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x144e40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x146c80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x147600NOTYPE<unknown>DEFAULT2
                        $a.symtab0x148640NOTYPE<unknown>DEFAULT2
                        $a.symtab0x148980NOTYPE<unknown>DEFAULT2
                        $a.symtab0x149500NOTYPE<unknown>DEFAULT2
                        $a.symtab0x149600NOTYPE<unknown>DEFAULT2
                        $a.symtab0x149700NOTYPE<unknown>DEFAULT2
                        $a.symtab0x14a100NOTYPE<unknown>DEFAULT2
                        $a.symtab0x14a300NOTYPE<unknown>DEFAULT2
                        $a.symtab0x14a900NOTYPE<unknown>DEFAULT2
                        $a.symtab0x14aac0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x14bd00NOTYPE<unknown>DEFAULT2
                        $a.symtab0x14c880NOTYPE<unknown>DEFAULT2
                        $a.symtab0x14d680NOTYPE<unknown>DEFAULT2
                        $a.symtab0x14d7c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x14e640NOTYPE<unknown>DEFAULT2
                        $a.symtab0x14ee00NOTYPE<unknown>DEFAULT2
                        $a.symtab0x14f7c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x14fac0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x14fb80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x14fd80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x150440NOTYPE<unknown>DEFAULT2
                        $a.symtab0x150b40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x15c480NOTYPE<unknown>DEFAULT2
                        $a.symtab0x15f640NOTYPE<unknown>DEFAULT2
                        $a.symtab0x162400NOTYPE<unknown>DEFAULT2
                        $a.symtab0x163a40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x166040NOTYPE<unknown>DEFAULT2
                        $a.symtab0x166900NOTYPE<unknown>DEFAULT2
                        $a.symtab0x166b40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x169c80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x16d580NOTYPE<unknown>DEFAULT2
                        $a.symtab0x16d840NOTYPE<unknown>DEFAULT2
                        $a.symtab0x16db00NOTYPE<unknown>DEFAULT2
                        $a.symtab0x16ddc0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x16e0c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x16e380NOTYPE<unknown>DEFAULT2
                        $a.symtab0x16e640NOTYPE<unknown>DEFAULT2
                        $a.symtab0x16e900NOTYPE<unknown>DEFAULT2
                        $a.symtab0x16ec40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x16ef40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x16f200NOTYPE<unknown>DEFAULT2
                        $a.symtab0x170740NOTYPE<unknown>DEFAULT2
                        $a.symtab0x171640NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1727c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x173100NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1739c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x174c40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1760c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x176100NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1768c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x177180NOTYPE<unknown>DEFAULT2
                        $a.symtab0x177b00NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1782c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x178ec0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1797c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x17a480NOTYPE<unknown>DEFAULT2
                        $a.symtab0x17b100NOTYPE<unknown>DEFAULT2
                        $a.symtab0x17c480NOTYPE<unknown>DEFAULT2
                        $a.symtab0x17c540NOTYPE<unknown>DEFAULT2
                        $a.symtab0x17c5c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x17c640NOTYPE<unknown>DEFAULT2
                        $a.symtab0x17dfc0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x17e900NOTYPE<unknown>DEFAULT2
                        $a.symtab0x17f240NOTYPE<unknown>DEFAULT2
                        $a.symtab0x180c80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x183300NOTYPE<unknown>DEFAULT2
                        $a.symtab0x184780NOTYPE<unknown>DEFAULT2
                        $a.symtab0x184c40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x185300NOTYPE<unknown>DEFAULT2
                        $a.symtab0x185740NOTYPE<unknown>DEFAULT2
                        $a.symtab0x185d00NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1881c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x189000NOTYPE<unknown>DEFAULT2
                        $a.symtab0x189300NOTYPE<unknown>DEFAULT2
                        $a.symtab0x189380NOTYPE<unknown>DEFAULT2
                        $a.symtab0x189640NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1898c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x189b80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x189e40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x18a100NOTYPE<unknown>DEFAULT2
                        $a.symtab0x18a3c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x18a680NOTYPE<unknown>DEFAULT2
                        $a.symtab0x18a940NOTYPE<unknown>DEFAULT2
                        $a.symtab0x18ac00NOTYPE<unknown>DEFAULT2
                        $a.symtab0x18aec0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x18b580NOTYPE<unknown>DEFAULT2
                        $a.symtab0x18b840NOTYPE<unknown>DEFAULT2
                        $a.symtab0x18bdc0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x18c300NOTYPE<unknown>DEFAULT2
                        $a.symtab0x18c5c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x18c900NOTYPE<unknown>DEFAULT2
                        $a.symtab0x18c9c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x18cec0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x18d0c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x18dc80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x18e000NOTYPE<unknown>DEFAULT2
                        $a.symtab0x18ebc0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x18ff40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x190f80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x191680NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1919c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x192ec0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1970c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x199540NOTYPE<unknown>DEFAULT2
                        $a.symtab0x19a900NOTYPE<unknown>DEFAULT2
                        $a.symtab0x19f200NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1a01c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1a0340NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1a1200NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1a2280NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1a29c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1a2dc0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1a3100NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1a5540NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1a5900NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1a6240NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1a6d40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1a7c40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1a8180NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1a93c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1a9900NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1aa200NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1aab00NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1ac440NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1ac800NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1ad6c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1ae380NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1b6440NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1b9180NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1b9600NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1b9f40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1bd680NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1bd980NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1bdb00NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1be680NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1bed40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1bef80NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1bf340NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1bf500NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1bf5c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1bff40NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1c1240NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1c1800NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1c24c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1c2780NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1c3340NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1c3700NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1c3800NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1c4380NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1c5000NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1c5500NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1c6380NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1c6f00NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1c74c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1c7600NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1c83c0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1c8700NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1cb980NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1cbfc0NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1cc280NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1ccd00NOTYPE<unknown>DEFAULT2
                        $a.symtab0x1cd1c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x2a42c0NOTYPE<unknown>DEFAULT6
                        $d.symtab0x2a4340NOTYPE<unknown>DEFAULT7
                        $d.symtab0x2a4480NOTYPE<unknown>DEFAULT9
                        $d.symtab0x81180NOTYPE<unknown>DEFAULT2
                        $d.symtab0x81740NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1ce8c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x2a44c0NOTYPE<unknown>DEFAULT9
                        $d.symtab0x81c00NOTYPE<unknown>DEFAULT2
                        $d.symtab0x2a4500NOTYPE<unknown>DEFAULT9
                        $d.symtab0x81e40NOTYPE<unknown>DEFAULT2
                        $d.symtab0x84f40NOTYPE<unknown>DEFAULT2
                        $d.symtab0x86540NOTYPE<unknown>DEFAULT2
                        $d.symtab0x88000NOTYPE<unknown>DEFAULT2
                        $d.symtab0x8bdc0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x8eac0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x94840NOTYPE<unknown>DEFAULT2
                        $d.symtab0x95b80NOTYPE<unknown>DEFAULT2
                        $d.symtab0x96040NOTYPE<unknown>DEFAULT2
                        $d.symtab0x96b40NOTYPE<unknown>DEFAULT2
                        $d.symtab0x97b00NOTYPE<unknown>DEFAULT2
                        $d.symtab0x98d80NOTYPE<unknown>DEFAULT2
                        $d.symtab0x99f40NOTYPE<unknown>DEFAULT2
                        $d.symtab0x9acc0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x9ba40NOTYPE<unknown>DEFAULT2
                        $d.symtab0x9cd80NOTYPE<unknown>DEFAULT2
                        $d.symtab0x9ff00NOTYPE<unknown>DEFAULT2
                        $d.symtab0xa41c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0xa5500NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1f3ec0NOTYPE<unknown>DEFAULT4
                        $d.symtab0xa89c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0xaba80NOTYPE<unknown>DEFAULT2
                        $d.symtab0xacfc0NOTYPE<unknown>DEFAULT2
                        $d.symtab0xb3340NOTYPE<unknown>DEFAULT2
                        $d.symtab0xb9d40NOTYPE<unknown>DEFAULT2
                        $d.symtab0xbb180NOTYPE<unknown>DEFAULT2
                        $d.symtab0xc4200NOTYPE<unknown>DEFAULT2
                        $d.symtab0xc7380NOTYPE<unknown>DEFAULT2
                        $d.symtab0xcf080NOTYPE<unknown>DEFAULT2
                        $d.symtab0xd31c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0xd5b00NOTYPE<unknown>DEFAULT2
                        $d.symtab0xd5e00NOTYPE<unknown>DEFAULT2
                        $d.symtab0xd81c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0xdbd80NOTYPE<unknown>DEFAULT2
                        $d.symtab0xf2c80NOTYPE<unknown>DEFAULT2
                        $d.symtab0xf4080NOTYPE<unknown>DEFAULT2
                        $d.symtab0xf5880NOTYPE<unknown>DEFAULT2
                        $d.symtab0xf64c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0xf67c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0xf70c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0xfa2c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0xfbcc0NOTYPE<unknown>DEFAULT2
                        $d.symtab0xfc5c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0xfcb00NOTYPE<unknown>DEFAULT2
                        $d.symtab0xfd700NOTYPE<unknown>DEFAULT2
                        $d.symtab0xfdb00NOTYPE<unknown>DEFAULT2
                        $d.symtab0xfec00NOTYPE<unknown>DEFAULT2
                        $d.symtab0x100780NOTYPE<unknown>DEFAULT2
                        $d.symtab0x10c300NOTYPE<unknown>DEFAULT2
                        $d.symtab0x10d180NOTYPE<unknown>DEFAULT2
                        $d.symtab0x10d680NOTYPE<unknown>DEFAULT2
                        $d.symtab0x10de80NOTYPE<unknown>DEFAULT2
                        $d.symtab0x10ef40NOTYPE<unknown>DEFAULT2
                        $d.symtab0x112480NOTYPE<unknown>DEFAULT2
                        $d.symtab0x11df00NOTYPE<unknown>DEFAULT2
                        $d.symtab0x123cc0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x126200NOTYPE<unknown>DEFAULT2
                        $d.symtab0x2ae440NOTYPE<unknown>DEFAULT9
                        $d.symtab0x1262c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x127940NOTYPE<unknown>DEFAULT2
                        $d.symtab0x127f40NOTYPE<unknown>DEFAULT2
                        $d.symtab0x128a40NOTYPE<unknown>DEFAULT2
                        $d.symtab0x12b780NOTYPE<unknown>DEFAULT2
                        $d.symtab0x12db40NOTYPE<unknown>DEFAULT2
                        $d.symtab0x130a00NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1313c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1314c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x131f80NOTYPE<unknown>DEFAULT2
                        $d.symtab0x2ae4c0NOTYPE<unknown>DEFAULT9
                        $d.symtab0x210240NOTYPE<unknown>DEFAULT4
                        $d.symtab0x132e40NOTYPE<unknown>DEFAULT2
                        $d.symtab0x139a40NOTYPE<unknown>DEFAULT2
                        $d.symtab0x13c200NOTYPE<unknown>DEFAULT2
                        $d.symtab0x13c640NOTYPE<unknown>DEFAULT2
                        $d.symtab0x141100NOTYPE<unknown>DEFAULT2
                        $d.symtab0x141a80NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1423c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x143080NOTYPE<unknown>DEFAULT2
                        $d.symtab0x143940NOTYPE<unknown>DEFAULT2
                        $d.symtab0x144bc0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x146a40NOTYPE<unknown>DEFAULT2
                        $d.symtab0x14d600NOTYPE<unknown>DEFAULT2
                        $d.symtab0x14e5c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x14edc0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x14f780NOTYPE<unknown>DEFAULT2
                        $d.symtab0x14fb40NOTYPE<unknown>DEFAULT2
                        $d.symtab0x150400NOTYPE<unknown>DEFAULT2
                        $d.symtab0x15c200NOTYPE<unknown>DEFAULT2
                        $d.symtab0x15f600NOTYPE<unknown>DEFAULT2
                        $d.symtab0x21c500NOTYPE<unknown>DEFAULT4
                        $d.symtab0x1623c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x163a00NOTYPE<unknown>DEFAULT2
                        $d.symtab0x165fc0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1668c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x169ac0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x16d300NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1705c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x2af880NOTYPE<unknown>DEFAULT9
                        $d.symtab0x1714c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1726c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x175fc0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x2b0900NOTYPE<unknown>DEFAULT9
                        $d.symtab0x176740NOTYPE<unknown>DEFAULT2
                        $d.symtab0x177000NOTYPE<unknown>DEFAULT2
                        $d.symtab0x177980NOTYPE<unknown>DEFAULT2
                        $d.symtab0x178140NOTYPE<unknown>DEFAULT2
                        $d.symtab0x2b0a80NOTYPE<unknown>DEFAULT9
                        $d.symtab0x178e80NOTYPE<unknown>DEFAULT2
                        $d.symtab0x179780NOTYPE<unknown>DEFAULT2
                        $d.symtab0x17a3c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x17b0c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x21d0c0NOTYPE<unknown>DEFAULT4
                        $d.symtab0x17c3c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x17df80NOTYPE<unknown>DEFAULT2
                        $d.symtab0x17e740NOTYPE<unknown>DEFAULT2
                        $d.symtab0x2b15c0NOTYPE<unknown>DEFAULT9
                        $d.symtab0x17f200NOTYPE<unknown>DEFAULT2
                        $d.symtab0x180c40NOTYPE<unknown>DEFAULT2
                        $d.symtab0x180d80NOTYPE<unknown>DEFAULT2
                        $d.symtab0x184680NOTYPE<unknown>DEFAULT2
                        $d.symtab0x184c00NOTYPE<unknown>DEFAULT2
                        $d.symtab0x185200NOTYPE<unknown>DEFAULT2
                        $d.symtab0x185700NOTYPE<unknown>DEFAULT2
                        $d.symtab0x185c00NOTYPE<unknown>DEFAULT2
                        $d.symtab0x187e80NOTYPE<unknown>DEFAULT2
                        $d.symtab0x2b1740NOTYPE<unknown>DEFAULT9
                        $d.symtab0x188f80NOTYPE<unknown>DEFAULT2
                        $d.symtab0x18b540NOTYPE<unknown>DEFAULT2
                        $d.symtab0x18bd80NOTYPE<unknown>DEFAULT2
                        $d.symtab0x18c8c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x2b1780NOTYPE<unknown>DEFAULT9
                        $d.symtab0x2b1800NOTYPE<unknown>DEFAULT9
                        $d.symtab0x316680NOTYPE<unknown>DEFAULT10
                        $d.symtab0x18c980NOTYPE<unknown>DEFAULT2
                        $d.symtab0x196d40NOTYPE<unknown>DEFAULT2
                        $d.symtab0x223540NOTYPE<unknown>DEFAULT4
                        $d.symtab0x19a800NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1a0140NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1a1180NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1a2200NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1a3080NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1a5280NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1a5840NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1a6080NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1a6b00NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1a7ac0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1a80c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1a9240NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1a9840NOTYPE<unknown>DEFAULT2
                        $d.symtab0x2b1880NOTYPE<unknown>DEFAULT9
                        $d.symtab0x1aa1c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1aaac0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1ac3c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1ad680NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1b6100NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1b8d80NOTYPE<unknown>DEFAULT2
                        $d.symtab0x2b1a40NOTYPE<unknown>DEFAULT9
                        $d.symtab0x1bd4c0NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1be640NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1bef00NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1bf300NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1bfe40NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1c1140NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1c4300NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1c8640NOTYPE<unknown>DEFAULT2
                        $d.symtab0x1cb940NOTYPE<unknown>DEFAULT2
                        /home/firmware/build/temp-armv5l/gcc-core/gcc/config/arm/lib1funcs.asm.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        /home/firmware/build/temp-armv5l/gcc-core/gcc/config/arm/lib1funcs.asm.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        /home/firmware/build/temp-armv5l/gcc-core/gcc/config/arm/lib1funcs.asm.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        /home/firmware/build/temp-armv5l/gcc-core/gcc/config/arm/lib1funcs.asm.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        /home/firmware/build/temp-armv5l/gcc-core/gcc/config/arm/lib1funcs.asm.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        C.72.5492.symtab0x1ed7136OBJECT<unknown>DEFAULT4
                        C.90.5713.symtab0x1f3ec312OBJECT<unknown>DEFAULT4
                        C.97.5813.symtab0x1f59812OBJECT<unknown>DEFAULT4
                        ClearHistory.symtab0xf65452FUNC<unknown>DEFAULT2
                        HTTP.symtab0xabb4336FUNC<unknown>DEFAULT2
                        Laligned.symtab0x14a580NOTYPE<unknown>DEFAULT2
                        Llastword.symtab0x14a740NOTYPE<unknown>DEFAULT2
                        Q.symtab0x2b5f816384OBJECT<unknown>DEFAULT10
                        Send.symtab0x8494100FUNC<unknown>DEFAULT2
                        UserAgents.symtab0x2a778144OBJECT<unknown>DEFAULT9
                        _352.symtab0x10d6c36FUNC<unknown>DEFAULT2
                        _376.symtab0x10c90164FUNC<unknown>DEFAULT2
                        _433.symtab0x10d9092FUNC<unknown>DEFAULT2
                        _Jv_RegisterClasses.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                        _NICK.symtab0x10dec268FUNC<unknown>DEFAULT2
                        _PING.symtab0x10d3456FUNC<unknown>DEFAULT2
                        _PRIVMSG.symtab0x100943068FUNC<unknown>DEFAULT2
                        _READ.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _WRITE.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        __CTOR_END__.symtab0x2a4300OBJECT<unknown>DEFAULT6
                        __CTOR_LIST__.symtab0x2a42c0OBJECT<unknown>DEFAULT6
                        __C_ctype_b.symtab0x2b1784OBJECT<unknown>DEFAULT9
                        __C_ctype_b.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        __C_ctype_b_data.symtab0x21d3e768OBJECT<unknown>DEFAULT4
                        __C_ctype_tolower.symtab0x2b1804OBJECT<unknown>DEFAULT9
                        __C_ctype_tolower.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        __C_ctype_tolower_data.symtab0x2203e768OBJECT<unknown>DEFAULT4
                        __C_ctype_toupper.symtab0x2ae444OBJECT<unknown>DEFAULT9
                        __C_ctype_toupper.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        __C_ctype_toupper_data.symtab0x20d08768OBJECT<unknown>DEFAULT4
                        __DTOR_END__.symtab0x2a4380OBJECT<unknown>DEFAULT7
                        __DTOR_LIST__.symtab0x2a4340OBJECT<unknown>DEFAULT7
                        __EH_FRAME_BEGIN__.symtab0x224280OBJECT<unknown>DEFAULT5
                        __FRAME_END__.symtab0x224280OBJECT<unknown>DEFAULT5
                        __GI___C_ctype_b.symtab0x2b1784OBJECT<unknown>HIDDEN9
                        __GI___C_ctype_b_data.symtab0x21d3e768OBJECT<unknown>HIDDEN4
                        __GI___C_ctype_tolower.symtab0x2b1804OBJECT<unknown>HIDDEN9
                        __GI___C_ctype_tolower_data.symtab0x2203e768OBJECT<unknown>HIDDEN4
                        __GI___C_ctype_toupper.symtab0x2ae444OBJECT<unknown>HIDDEN9
                        __GI___C_ctype_toupper_data.symtab0x20d08768OBJECT<unknown>HIDDEN4
                        __GI___ctype_b.symtab0x2b17c4OBJECT<unknown>HIDDEN9
                        __GI___ctype_tolower.symtab0x2b1844OBJECT<unknown>HIDDEN9
                        __GI___ctype_toupper.symtab0x2ae484OBJECT<unknown>HIDDEN9
                        __GI___errno_location.symtab0x1262412FUNC<unknown>HIDDEN2
                        __GI___fgetc_unlocked.symtab0x19954304FUNC<unknown>HIDDEN2
                        __GI___fputc_unlocked.symtab0x14760260FUNC<unknown>HIDDEN2
                        __GI___glibc_strerror_r.symtab0x14d6820FUNC<unknown>HIDDEN2
                        __GI___h_errno_location.symtab0x18c9012FUNC<unknown>HIDDEN2
                        __GI___libc_fcntl.symtab0x12170116FUNC<unknown>HIDDEN2
                        __GI___libc_fcntl64.symtab0x121e480FUNC<unknown>HIDDEN2
                        __GI___libc_open.symtab0x18aec92FUNC<unknown>HIDDEN2
                        __GI___uClibc_fini.symtab0x184c4108FUNC<unknown>HIDDEN2
                        __GI___uClibc_init.symtab0x1857492FUNC<unknown>HIDDEN2
                        __GI___xpg_strerror_r.symtab0x14d7c232FUNC<unknown>HIDDEN2
                        __GI__exit.symtab0x1896440FUNC<unknown>HIDDEN2
                        __GI_abort.symtab0x174c4328FUNC<unknown>HIDDEN2
                        __GI_accept.symtab0x16d5844FUNC<unknown>HIDDEN2
                        __GI_asprintf.symtab0x128f848FUNC<unknown>HIDDEN2
                        __GI_atoi.symtab0x17c4812FUNC<unknown>HIDDEN2
                        __GI_atol.symtab0x17c4812FUNC<unknown>HIDDEN2
                        __GI_bind.symtab0x16d8444FUNC<unknown>HIDDEN2
                        __GI_brk.symtab0x1bef860FUNC<unknown>HIDDEN2
                        __GI_chdir.symtab0x1223444FUNC<unknown>HIDDEN2
                        __GI_clock_getres.symtab0x1898c44FUNC<unknown>HIDDEN2
                        __GI_close.symtab0x1226044FUNC<unknown>HIDDEN2
                        __GI_connect.symtab0x16db044FUNC<unknown>HIDDEN2
                        __GI_dup2.symtab0x189b844FUNC<unknown>HIDDEN2
                        __GI_endservent.symtab0x1a590148FUNC<unknown>HIDDEN2
                        __GI_errno.symtab0x316684OBJECT<unknown>HIDDEN10
                        __GI_execl.symtab0x17e90148FUNC<unknown>HIDDEN2
                        __GI_execve.symtab0x189e444FUNC<unknown>HIDDEN2
                        __GI_exit.symtab0x17dfc148FUNC<unknown>HIDDEN2
                        __GI_fclose.symtab0x12630384FUNC<unknown>HIDDEN2
                        __GI_fcntl.symtab0x12170116FUNC<unknown>HIDDEN2
                        __GI_fcntl64.symtab0x121e480FUNC<unknown>HIDDEN2
                        __GI_fdopen.symtab0x18dc856FUNC<unknown>HIDDEN2
                        __GI_fflush_unlocked.symtab0x144e4484FUNC<unknown>HIDDEN2
                        __GI_fgetc_unlocked.symtab0x19954304FUNC<unknown>HIDDEN2
                        __GI_fgets.symtab0x141b8148FUNC<unknown>HIDDEN2
                        __GI_fgets_unlocked.symtab0x146c8152FUNC<unknown>HIDDEN2
                        __GI_fopen.symtab0x127b012FUNC<unknown>HIDDEN2
                        __GI_fork.symtab0x1228c44FUNC<unknown>HIDDEN2
                        __GI_fprintf.symtab0x128c848FUNC<unknown>HIDDEN2
                        __GI_fputc.symtab0x1424c204FUNC<unknown>HIDDEN2
                        __GI_fputs.symtab0x14318140FUNC<unknown>HIDDEN2
                        __GI_fputs_unlocked.symtab0x1486452FUNC<unknown>HIDDEN2
                        __GI_freeaddrinfo.symtab0x15c4832FUNC<unknown>HIDDEN2
                        __GI_fseek.symtab0x1bf5012FUNC<unknown>HIDDEN2
                        __GI_fseeko64.symtab0x1bff4304FUNC<unknown>HIDDEN2
                        __GI_fwrite_unlocked.symtab0x14898172FUNC<unknown>HIDDEN2
                        __GI_getaddrinfo.symtab0x15c68764FUNC<unknown>HIDDEN2
                        __GI_getc_unlocked.symtab0x19954304FUNC<unknown>HIDDEN2
                        __GI_getcwd.symtab0x122b8216FUNC<unknown>HIDDEN2
                        __GI_getdtablesize.symtab0x1239040FUNC<unknown>HIDDEN2
                        __GI_getegid.symtab0x18a1044FUNC<unknown>HIDDEN2
                        __GI_geteuid.symtab0x18a3c44FUNC<unknown>HIDDEN2
                        __GI_getgid.symtab0x18a6844FUNC<unknown>HIDDEN2
                        __GI_gethostbyaddr_r.symtab0x169c8912FUNC<unknown>HIDDEN2
                        __GI_gethostbyname2_r.symtab0x166b4788FUNC<unknown>HIDDEN2
                        __GI_gethostbyname_r.symtab0x1b9f4884FUNC<unknown>HIDDEN2
                        __GI_getpagesize.symtab0x123b824FUNC<unknown>HIDDEN2
                        __GI_getpid.symtab0x123d044FUNC<unknown>HIDDEN2
                        __GI_getrlimit.symtab0x1242844FUNC<unknown>HIDDEN2
                        __GI_getservbyname_r.symtab0x1a818292FUNC<unknown>HIDDEN2
                        __GI_getservbyport.symtab0x1a7c484FUNC<unknown>HIDDEN2
                        __GI_getservbyport_r.symtab0x1a6d4240FUNC<unknown>HIDDEN2
                        __GI_getservent_r.symtab0x1a310580FUNC<unknown>HIDDEN2
                        __GI_getuid.symtab0x18a9444FUNC<unknown>HIDDEN2
                        __GI_h_errno.symtab0x3166c4OBJECT<unknown>HIDDEN10
                        __GI_if_freenameindex.symtab0x1ac4460FUNC<unknown>HIDDEN2
                        __GI_if_nameindex.symtab0x1aab0404FUNC<unknown>HIDDEN2
                        __GI_if_nametoindex.symtab0x1aa20144FUNC<unknown>HIDDEN2
                        __GI_in6addr_loopback.symtab0x21ccc16OBJECT<unknown>HIDDEN4
                        __GI_inet_addr.symtab0x1669036FUNC<unknown>HIDDEN2
                        __GI_inet_aton.symtab0x1ac80236FUNC<unknown>HIDDEN2
                        __GI_inet_ntoa.symtab0x1668412FUNC<unknown>HIDDEN2
                        __GI_inet_ntoa_r.symtab0x16604128FUNC<unknown>HIDDEN2
                        __GI_inet_ntop.symtab0x163a4608FUNC<unknown>HIDDEN2
                        __GI_inet_pton.symtab0x16030528FUNC<unknown>HIDDEN2
                        __GI_initstate_r.symtab0x17a48200FUNC<unknown>HIDDEN2
                        __GI_ioctl.symtab0x1245480FUNC<unknown>HIDDEN2
                        __GI_isatty.symtab0x14fb832FUNC<unknown>HIDDEN2
                        __GI_kill.symtab0x124a444FUNC<unknown>HIDDEN2
                        __GI_listen.symtab0x16e0c44FUNC<unknown>HIDDEN2
                        __GI_lseek64.symtab0x1cb98100FUNC<unknown>HIDDEN2
                        __GI_memchr.symtab0x19f20252FUNC<unknown>HIDDEN2
                        __GI_memcpy.symtab0x149604FUNC<unknown>HIDDEN2
                        __GI_memmove.symtab0x1c3704FUNC<unknown>HIDDEN2
                        __GI_mempcpy.symtab0x1a01c24FUNC<unknown>HIDDEN2
                        __GI_memrchr.symtab0x1a034236FUNC<unknown>HIDDEN2
                        __GI_memset.symtab0x14970156FUNC<unknown>HIDDEN2
                        __GI_nanosleep.symtab0x18ac044FUNC<unknown>HIDDEN2
                        __GI_open.symtab0x18aec92FUNC<unknown>HIDDEN2
                        __GI_perror.symtab0x127bc72FUNC<unknown>HIDDEN2
                        __GI_pipe.symtab0x18b5844FUNC<unknown>HIDDEN2
                        __GI_poll.symtab0x124d044FUNC<unknown>HIDDEN2
                        __GI_putc.symtab0x1424c204FUNC<unknown>HIDDEN2
                        __GI_putc_unlocked.symtab0x14760260FUNC<unknown>HIDDEN2
                        __GI_raise.symtab0x1bd9824FUNC<unknown>HIDDEN2
                        __GI_random.symtab0x17610124FUNC<unknown>HIDDEN2
                        __GI_random_r.symtab0x178ec144FUNC<unknown>HIDDEN2
                        __GI_rawmemchr.symtab0x1c380184FUNC<unknown>HIDDEN2
                        __GI_read.symtab0x1cbfc44FUNC<unknown>HIDDEN2
                        __GI_recv.symtab0x16e3844FUNC<unknown>HIDDEN2
                        __GI_rewind.symtab0x1bf5c152FUNC<unknown>HIDDEN2
                        __GI_sbrk.symtab0x18b8488FUNC<unknown>HIDDEN2
                        __GI_select.symtab0x124fc48FUNC<unknown>HIDDEN2
                        __GI_send.symtab0x16e6444FUNC<unknown>HIDDEN2
                        __GI_sendto.symtab0x16e9052FUNC<unknown>HIDDEN2
                        __GI_setservent.symtab0x1a624176FUNC<unknown>HIDDEN2
                        __GI_setsid.symtab0x1252c44FUNC<unknown>HIDDEN2
                        __GI_setsockopt.symtab0x16ec448FUNC<unknown>HIDDEN2
                        __GI_setstate_r.symtab0x1782c192FUNC<unknown>HIDDEN2
                        __GI_sigaction.symtab0x1881c228FUNC<unknown>HIDDEN2
                        __GI_signal.symtab0x1bdb0184FUNC<unknown>HIDDEN2
                        __GI_sigprocmask.symtab0x18bdc84FUNC<unknown>HIDDEN2
                        __GI_sleep.symtab0x17f24420FUNC<unknown>HIDDEN2
                        __GI_socket.symtab0x16ef444FUNC<unknown>HIDDEN2
                        __GI_sprintf.symtab0x1292852FUNC<unknown>HIDDEN2
                        __GI_srandom_r.symtab0x1797c204FUNC<unknown>HIDDEN2
                        __GI_strcasecmp.symtab0x14e64124FUNC<unknown>HIDDEN2
                        __GI_strcasestr.symtab0x14ee0156FUNC<unknown>HIDDEN2
                        __GI_strchr.symtab0x1a120264FUNC<unknown>HIDDEN2
                        __GI_strcmp.symtab0x14a1028FUNC<unknown>HIDDEN2
                        __GI_strcoll.symtab0x14a1028FUNC<unknown>HIDDEN2
                        __GI_strcpy.symtab0x14a9028FUNC<unknown>HIDDEN2
                        __GI_strdup.symtab0x14f7c48FUNC<unknown>HIDDEN2
                        __GI_strlen.symtab0x14a3096FUNC<unknown>HIDDEN2
                        __GI_strncat.symtab0x1c438200FUNC<unknown>HIDDEN2
                        __GI_strncmp.symtab0x14aac292FUNC<unknown>HIDDEN2
                        __GI_strncpy.symtab0x14bd0184FUNC<unknown>HIDDEN2
                        __GI_strnlen.symtab0x14c88224FUNC<unknown>HIDDEN2
                        __GI_strpbrk.symtab0x1a29c64FUNC<unknown>HIDDEN2
                        __GI_strspn.symtab0x1c50080FUNC<unknown>HIDDEN2
                        __GI_strtok.symtab0x14fac12FUNC<unknown>HIDDEN2
                        __GI_strtok_r.symtab0x1a228116FUNC<unknown>HIDDEN2
                        __GI_strtol.symtab0x17c548FUNC<unknown>HIDDEN2
                        __GI_strtoul.symtab0x17c5c8FUNC<unknown>HIDDEN2
                        __GI_sysconf.symtab0x180c8944FUNC<unknown>HIDDEN2
                        __GI_tcgetattr.symtab0x14fd8108FUNC<unknown>HIDDEN2
                        __GI_time.symtab0x1255844FUNC<unknown>HIDDEN2
                        __GI_tolower.symtab0x18c5c52FUNC<unknown>HIDDEN2
                        __GI_toupper.symtab0x125f052FUNC<unknown>HIDDEN2
                        __GI_vasprintf.symtab0x1295c132FUNC<unknown>HIDDEN2
                        __GI_vfork.symtab0x1890040FUNC<unknown>HIDDEN2
                        __GI_vfprintf.symtab0x13238188FUNC<unknown>HIDDEN2
                        __GI_vsnprintf.symtab0x129e0176FUNC<unknown>HIDDEN2
                        __GI_wait4.symtab0x18c3044FUNC<unknown>HIDDEN2
                        __GI_waitpid.symtab0x125bc8FUNC<unknown>HIDDEN2
                        __GI_wcrtomb.symtab0x18c9c80FUNC<unknown>HIDDEN2
                        __GI_wcsnrtombs.symtab0x18d0c188FUNC<unknown>HIDDEN2
                        __GI_wcsrtombs.symtab0x18cec32FUNC<unknown>HIDDEN2
                        __GI_write.symtab0x125c444FUNC<unknown>HIDDEN2
                        __JCR_END__.symtab0x2a43c0OBJECT<unknown>DEFAULT8
                        __JCR_LIST__.symtab0x2a43c0OBJECT<unknown>DEFAULT8
                        __aeabi_idiv.symtab0x1cd1c0FUNC<unknown>DEFAULT2
                        __aeabi_idiv0.symtab0x1211c4FUNC<unknown>DEFAULT2
                        __aeabi_idivmod.symtab0x1ce4424FUNC<unknown>DEFAULT2
                        __aeabi_ldiv0.symtab0x1211c4FUNC<unknown>DEFAULT2
                        __aeabi_uidiv.symtab0x11e5c0FUNC<unknown>DEFAULT2
                        __aeabi_uidivmod.symtab0x11f5424FUNC<unknown>DEFAULT2
                        __app_fini.symtab0x3165c4OBJECT<unknown>HIDDEN10
                        __atexit_lock.symtab0x2b15c24OBJECT<unknown>DEFAULT9
                        __bsd_signal.symtab0x1bdb0184FUNC<unknown>HIDDEN2
                        __bss_end__.symtab0x329b00NOTYPE<unknown>DEFAULTSHN_ABS
                        __bss_start.symtab0x2b1c00NOTYPE<unknown>DEFAULTSHN_ABS
                        __bss_start__.symtab0x2b1c00NOTYPE<unknown>DEFAULTSHN_ABS
                        __check_one_fd.symtab0x1853c56FUNC<unknown>DEFAULT2
                        __ctype_b.symtab0x2b17c4OBJECT<unknown>DEFAULT9
                        __ctype_tolower.symtab0x2b1844OBJECT<unknown>DEFAULT9
                        __ctype_toupper.symtab0x2ae484OBJECT<unknown>DEFAULT9
                        __curbrk.symtab0x316a84OBJECT<unknown>HIDDEN10
                        __data_start.symtab0x2a4400NOTYPE<unknown>DEFAULT9
                        __decode_answer.symtab0x1c760220FUNC<unknown>HIDDEN2
                        __decode_dotted.symtab0x1ad6c204FUNC<unknown>HIDDEN2
                        __decode_header.symtab0x1c638184FUNC<unknown>HIDDEN2
                        __default_rt_sa_restorer.symtab0x189340FUNC<unknown>DEFAULT2
                        __default_sa_restorer.symtab0x189300FUNC<unknown>DEFAULT2
                        __deregister_frame_info.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                        __div0.symtab0x1211c4FUNC<unknown>DEFAULT2
                        __divsi3.symtab0x1cd1c296FUNC<unknown>DEFAULT2
                        __dns_lookup.symtab0x1ae382060FUNC<unknown>HIDDEN2
                        __do_global_ctors_aux.symtab0x1ce5c0FUNC<unknown>DEFAULT2
                        __do_global_dtors_aux.symtab0x80b00FUNC<unknown>DEFAULT2
                        __dso_handle.symtab0x2a4440OBJECT<unknown>HIDDEN9
                        __encode_dotted.symtab0x1cc28168FUNC<unknown>HIDDEN2
                        __encode_header.symtab0x1c550232FUNC<unknown>HIDDEN2
                        __encode_question.symtab0x1c6f092FUNC<unknown>HIDDEN2
                        __end__.symtab0x329b00NOTYPE<unknown>DEFAULTSHN_ABS
                        __environ.symtab0x316544OBJECT<unknown>DEFAULT10
                        __errno_location.symtab0x1262412FUNC<unknown>DEFAULT2
                        __errno_location.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        __error.symtab0x189240NOTYPE<unknown>DEFAULT2
                        __exit_cleanup.symtab0x3164c4OBJECT<unknown>HIDDEN10
                        __fgetc_unlocked.symtab0x19954304FUNC<unknown>DEFAULT2
                        __fini_array_end.symtab0x2a42c0NOTYPE<unknown>HIDDENSHN_ABS
                        __fini_array_start.symtab0x2a42c0NOTYPE<unknown>HIDDENSHN_ABS
                        __fputc_unlocked.symtab0x14760260FUNC<unknown>DEFAULT2
                        __get_hosts_byaddr_r.symtab0x1b960148FUNC<unknown>HIDDEN2
                        __get_hosts_byname_r.symtab0x1b91872FUNC<unknown>HIDDEN2
                        __getpagesize.symtab0x123b824FUNC<unknown>DEFAULT2
                        __glibc_strerror_r.symtab0x14d6820FUNC<unknown>DEFAULT2
                        __glibc_strerror_r.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        __h_errno_location.symtab0x18c9012FUNC<unknown>DEFAULT2
                        __h_errno_location.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        __heap_alloc.symtab0x1727c148FUNC<unknown>DEFAULT2
                        __heap_alloc_at.symtab0x17310140FUNC<unknown>DEFAULT2
                        __heap_free.symtab0x173d0244FUNC<unknown>DEFAULT2
                        __heap_link_free_area.symtab0x1739c32FUNC<unknown>DEFAULT2
                        __heap_link_free_area_after.symtab0x173bc20FUNC<unknown>DEFAULT2
                        __init_array_end.symtab0x2a42c0NOTYPE<unknown>HIDDENSHN_ABS
                        __init_array_start.symtab0x2a42c0NOTYPE<unknown>HIDDENSHN_ABS
                        __initbuf.symtab0x1a2dc52FUNC<unknown>DEFAULT2
                        __length_dotted.symtab0x1ccd076FUNC<unknown>HIDDEN2
                        __length_question.symtab0x1c74c20FUNC<unknown>HIDDEN2
                        __libc_accept.symtab0x16d5844FUNC<unknown>DEFAULT2
                        __libc_close.symtab0x1226044FUNC<unknown>DEFAULT2
                        __libc_connect.symtab0x16db044FUNC<unknown>DEFAULT2
                        __libc_creat.symtab0x18b4816FUNC<unknown>DEFAULT2
                        __libc_fcntl.symtab0x12170116FUNC<unknown>DEFAULT2
                        __libc_fcntl64.symtab0x121e480FUNC<unknown>DEFAULT2
                        __libc_fork.symtab0x1228c44FUNC<unknown>DEFAULT2
                        __libc_getpid.symtab0x123d044FUNC<unknown>DEFAULT2
                        __libc_lseek64.symtab0x1cb98100FUNC<unknown>DEFAULT2
                        __libc_nanosleep.symtab0x18ac044FUNC<unknown>DEFAULT2
                        __libc_open.symtab0x18aec92FUNC<unknown>DEFAULT2
                        __libc_poll.symtab0x124d044FUNC<unknown>DEFAULT2
                        __libc_read.symtab0x1cbfc44FUNC<unknown>DEFAULT2
                        __libc_recv.symtab0x16e3844FUNC<unknown>DEFAULT2
                        __libc_select.symtab0x124fc48FUNC<unknown>DEFAULT2
                        __libc_send.symtab0x16e6444FUNC<unknown>DEFAULT2
                        __libc_sendto.symtab0x16e9052FUNC<unknown>DEFAULT2
                        __libc_sigaction.symtab0x1881c228FUNC<unknown>DEFAULT2
                        __libc_stack_end.symtab0x316504OBJECT<unknown>DEFAULT10
                        __libc_system.symtab0x17b10312FUNC<unknown>DEFAULT2
                        __libc_waitpid.symtab0x125bc8FUNC<unknown>DEFAULT2
                        __libc_write.symtab0x125c444FUNC<unknown>DEFAULT2
                        __malloc_heap.symtab0x2af884OBJECT<unknown>DEFAULT9
                        __malloc_heap_lock.symtab0x3163024OBJECT<unknown>DEFAULT10
                        __malloc_sbrk_lock.symtab0x328ec24OBJECT<unknown>DEFAULT10
                        __modsi3.symtab0x12038228FUNC<unknown>DEFAULT2
                        __muldi3.symtab0x1212080FUNC<unknown>DEFAULT2
                        __nameserver.symtab0x3291412OBJECT<unknown>HIDDEN10
                        __nameservers.symtab0x329204OBJECT<unknown>HIDDEN10
                        __open_etc_hosts.symtab0x1c83c52FUNC<unknown>HIDDEN2
                        __open_nameservers.symtab0x1b644724FUNC<unknown>HIDDEN2
                        __opensock.symtab0x1bd6848FUNC<unknown>HIDDEN2
                        __pagesize.symtab0x316584OBJECT<unknown>DEFAULT10
                        __preinit_array_end.symtab0x2a42c0NOTYPE<unknown>HIDDENSHN_ABS
                        __preinit_array_start.symtab0x2a42c0NOTYPE<unknown>HIDDENSHN_ABS
                        __pthread_initialize_minimal.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                        __pthread_mutex_init.symtab0x185308FUNC<unknown>DEFAULT2
                        __pthread_mutex_lock.symtab0x185308FUNC<unknown>DEFAULT2
                        __pthread_mutex_trylock.symtab0x185308FUNC<unknown>DEFAULT2
                        __pthread_mutex_unlock.symtab0x185308FUNC<unknown>DEFAULT2
                        __pthread_return_0.symtab0x185308FUNC<unknown>DEFAULT2
                        __pthread_return_void.symtab0x185384FUNC<unknown>DEFAULT2
                        __raise.symtab0x1bd9824FUNC<unknown>HIDDEN2
                        __read_etc_hosts_r.symtab0x1c870808FUNC<unknown>HIDDEN2
                        __register_frame_info.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                        __resolv_lock.symtab0x2b1a424OBJECT<unknown>DEFAULT9
                        __rtld_fini.symtab0x316604OBJECT<unknown>HIDDEN10
                        __searchdomain.symtab0x3290416OBJECT<unknown>HIDDEN10
                        __searchdomains.symtab0x329244OBJECT<unknown>HIDDEN10
                        __sigaddset.symtab0x1be8c36FUNC<unknown>DEFAULT2
                        __sigdelset.symtab0x1beb036FUNC<unknown>DEFAULT2
                        __sigismember.symtab0x1be6836FUNC<unknown>DEFAULT2
                        __stdin.symtab0x2ae584OBJECT<unknown>DEFAULT9
                        __stdio_READ.symtab0x1c12492FUNC<unknown>HIDDEN2
                        __stdio_WRITE.symtab0x18e00188FUNC<unknown>HIDDEN2
                        __stdio_adjust_position.symtab0x1c180204FUNC<unknown>HIDDEN2
                        __stdio_fwrite.symtab0x18ebc312FUNC<unknown>HIDDEN2
                        __stdio_init_mutex.symtab0x1314016FUNC<unknown>HIDDEN2
                        __stdio_mutex_initializer.3929.symtab0x2102424OBJECT<unknown>DEFAULT4
                        __stdio_rfill.symtab0x1c24c44FUNC<unknown>HIDDEN2
                        __stdio_seek.symtab0x1c33448FUNC<unknown>HIDDEN2
                        __stdio_trans2r_o.symtab0x1c278188FUNC<unknown>HIDDEN2
                        __stdio_trans2w_o.symtab0x18ff4260FUNC<unknown>HIDDEN2
                        __stdio_wcommit.symtab0x1320848FUNC<unknown>HIDDEN2
                        __stdout.symtab0x2ae5c4OBJECT<unknown>DEFAULT9
                        __syscall_error.symtab0x1bf3428FUNC<unknown>HIDDEN2
                        __syscall_error.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        __syscall_fcntl.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        __syscall_fcntl64.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        __syscall_rt_sigaction.symtab0x1893844FUNC<unknown>HIDDEN2
                        __syscall_rt_sigaction.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        __uClibc_fini.symtab0x184c4108FUNC<unknown>DEFAULT2
                        __uClibc_init.symtab0x1857492FUNC<unknown>DEFAULT2
                        __uClibc_main.symtab0x185d0588FUNC<unknown>DEFAULT2
                        __uClibc_main.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        __uclibc_progname.symtab0x2b1744OBJECT<unknown>HIDDEN9
                        __udivsi3.symtab0x11e5c248FUNC<unknown>DEFAULT2
                        __umodsi3.symtab0x11f6c204FUNC<unknown>DEFAULT2
                        __vfork.symtab0x1890040FUNC<unknown>HIDDEN2
                        __xpg_strerror_r.symtab0x14d7c232FUNC<unknown>DEFAULT2
                        __xpg_strerror_r.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _adjust_pos.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _bss_end__.symtab0x329b00NOTYPE<unknown>DEFAULTSHN_ABS
                        _charpad.symtab0x132f476FUNC<unknown>DEFAULT2
                        _cs_funcs.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _dl_aux_init.symtab0x1bed436FUNC<unknown>DEFAULT2
                        _dl_phdr.symtab0x329a84OBJECT<unknown>DEFAULT10
                        _dl_phnum.symtab0x329ac4OBJECT<unknown>DEFAULT10
                        _edata.symtab0x2b1c00NOTYPE<unknown>DEFAULTSHN_ABS
                        _end.symtab0x329b00NOTYPE<unknown>DEFAULTSHN_ABS
                        _errno.symtab0x316684OBJECT<unknown>DEFAULT10
                        _exit.symtab0x1896440FUNC<unknown>DEFAULT2
                        _exit.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _fini.symtab0x1ce984FUNC<unknown>DEFAULT3
                        _fixed_buffers.symtab0x2f61c8192OBJECT<unknown>DEFAULT10
                        _fopen.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _fp_out_narrow.symtab0x13340132FUNC<unknown>DEFAULT2
                        _fpmaxtostr.symtab0x192ec1640FUNC<unknown>HIDDEN2
                        _fpmaxtostr.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _fwrite.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _h_errno.symtab0x3166c4OBJECT<unknown>DEFAULT10
                        _init.symtab0x80944FUNC<unknown>DEFAULT1
                        _load_inttype.symtab0x190f8112FUNC<unknown>HIDDEN2
                        _load_inttype.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _memcpy.symtab0x19a900FUNC<unknown>HIDDEN2
                        _ppfs_init.symtab0x139b8152FUNC<unknown>HIDDEN2
                        _ppfs_init.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _ppfs_parsespec.symtab0x13c701220FUNC<unknown>HIDDEN2
                        _ppfs_parsespec.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _ppfs_prepargs.symtab0x13a5056FUNC<unknown>HIDDEN2
                        _ppfs_prepargs.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _ppfs_setargs.symtab0x13a88412FUNC<unknown>HIDDEN2
                        _ppfs_setargs.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _promoted_size.symtab0x13c2476FUNC<unknown>DEFAULT2
                        _pthread_cleanup_pop_restore.symtab0x185384FUNC<unknown>DEFAULT2
                        _pthread_cleanup_push_defer.symtab0x185384FUNC<unknown>DEFAULT2
                        _rfill.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _sigintr.symtab0x32928128OBJECT<unknown>HIDDEN10
                        _start.symtab0x81900FUNC<unknown>DEFAULT2
                        _stdio.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _stdio_fopen.symtab0x12dd8760FUNC<unknown>HIDDEN2
                        _stdio_init.symtab0x130d0112FUNC<unknown>HIDDEN2
                        _stdio_openlist.symtab0x2ae604OBJECT<unknown>DEFAULT9
                        _stdio_openlist_add_lock.symtab0x2ae6424OBJECT<unknown>DEFAULT9
                        _stdio_openlist_dec_use.symtab0x143a4320FUNC<unknown>DEFAULT2
                        _stdio_openlist_del_count.symtab0x2f6184OBJECT<unknown>DEFAULT10
                        _stdio_openlist_del_lock.symtab0x2ae7c24OBJECT<unknown>DEFAULT9
                        _stdio_openlist_use_count.symtab0x2f6144OBJECT<unknown>DEFAULT10
                        _stdio_streams.symtab0x2ae98240OBJECT<unknown>DEFAULT9
                        _stdio_term.symtab0x13150184FUNC<unknown>HIDDEN2
                        _stdio_user_locking.symtab0x2ae944OBJECT<unknown>DEFAULT9
                        _stdlib_strto_l.symtab0x17c64408FUNC<unknown>HIDDEN2
                        _stdlib_strto_l.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _store_inttype.symtab0x1916852FUNC<unknown>HIDDEN2
                        _store_inttype.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _string_syserrmsgs.symtab0x210f42906OBJECT<unknown>HIDDEN4
                        _string_syserrmsgs.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _trans2r.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _trans2w.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _uintmaxtostr.symtab0x1919c336FUNC<unknown>HIDDEN2
                        _uintmaxtostr.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _vfprintf_internal.symtab0x133c41524FUNC<unknown>HIDDEN2
                        _vfprintf_internal.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        _wcommit.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        abort.symtab0x174c4328FUNC<unknown>DEFAULT2
                        abort.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        accept.symtab0x16d5844FUNC<unknown>DEFAULT2
                        accept.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        actualparent.symtab0x317c04OBJECT<unknown>DEFAULT10
                        advance_telstate.symtab0xd858112FUNC<unknown>DEFAULT2
                        advances.symtab0x2aca828OBJECT<unknown>DEFAULT9
                        advances2.symtab0x2ad0844OBJECT<unknown>DEFAULT9
                        ak47scan.symtab0xf310252FUNC<unknown>DEFAULT2
                        ak47scantoggle.symtab0xf40c428FUNC<unknown>DEFAULT2
                        ak47telscan.symtab0xd9446604FUNC<unknown>DEFAULT2
                        append.symtab0xfc6876FUNC<unknown>DEFAULT2
                        asprintf.symtab0x128f848FUNC<unknown>DEFAULT2
                        asprintf.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        atoi.symtab0x17c4812FUNC<unknown>DEFAULT2
                        atol.symtab0x17c4812FUNC<unknown>DEFAULT2
                        atol.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        bcopy.symtab0x1495016FUNC<unknown>DEFAULT2
                        been_there_done_that.symtab0x316484OBJECT<unknown>DEFAULT10
                        been_there_done_that.2789.symtab0x316644OBJECT<unknown>DEFAULT10
                        bind.symtab0x16d8444FUNC<unknown>DEFAULT2
                        bind.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        blacknurse.symtab0x9ce4800FUNC<unknown>DEFAULT2
                        botkill.symtab0xf5b8156FUNC<unknown>DEFAULT2
                        brk.symtab0x1bef860FUNC<unknown>DEFAULT2
                        brk.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        bsd_signal.symtab0x1bdb0184FUNC<unknown>DEFAULT2
                        buf.2613.symtab0x3162016OBJECT<unknown>DEFAULT10
                        c.symtab0x2ad444OBJECT<unknown>DEFAULT9
                        call___do_global_ctors_aux.symtab0x1ce900FUNC<unknown>DEFAULT2
                        call___do_global_dtors_aux.symtab0x81280FUNC<unknown>DEFAULT2
                        call_frame_dummy.symtab0x81880FUNC<unknown>DEFAULT2
                        capsaicin2.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        chan.symtab0x328e44OBJECT<unknown>DEFAULT10
                        changeservers.symtab0x2b1e04OBJECT<unknown>DEFAULT10
                        chdir.symtab0x1223444FUNC<unknown>DEFAULT2
                        chdir.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        clock_getres.symtab0x1898c44FUNC<unknown>DEFAULT2
                        clock_getres.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        close.symtab0x1226044FUNC<unknown>DEFAULT2
                        close.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        completed.2555.symtab0x2b1c01OBJECT<unknown>DEFAULT10
                        con.symtab0x10ef8868FUNC<unknown>DEFAULT2
                        connect.symtab0x16db044FUNC<unknown>DEFAULT2
                        connect.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        contains_fail.symtab0xd5b448FUNC<unknown>DEFAULT2
                        contains_response.symtab0xd5e496FUNC<unknown>DEFAULT2
                        contains_string.symtab0xd4ac216FUNC<unknown>DEFAULT2
                        contains_success.symtab0xd58448FUNC<unknown>DEFAULT2
                        creat.symtab0x18b4816FUNC<unknown>DEFAULT2
                        crtstuff.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        crtstuff.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        csum.symtab0x81e8260FUNC<unknown>DEFAULT2
                        data_start.symtab0x2a44c0NOTYPE<unknown>DEFAULT9
                        decodea.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        decoded.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        decodeh.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        disable.symtab0x97bc320FUNC<unknown>DEFAULT2
                        disabled.symtab0x2b1e41OBJECT<unknown>DEFAULT10
                        dispass.symtab0x316ac256OBJECT<unknown>DEFAULT10
                        dl-support.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        dns.symtab0xc438780FUNC<unknown>DEFAULT2
                        dns_format.symtab0xb9dc320FUNC<unknown>DEFAULT2
                        dns_hdr_create.symtab0xbb1c172FUNC<unknown>DEFAULT2
                        dns_send.symtab0xbbc81640FUNC<unknown>DEFAULT2
                        dnsflood.symtab0xc230520FUNC<unknown>DEFAULT2
                        dnslookup.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        download.symtab0x8eb01508FUNC<unknown>DEFAULT2
                        dup2.symtab0x189b844FUNC<unknown>DEFAULT2
                        dup2.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        enable.symtab0x98fc284FUNC<unknown>DEFAULT2
                        encoded.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        encodeh.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        encodeq.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        endservent.symtab0x1a590148FUNC<unknown>DEFAULT2
                        environ.symtab0x316544OBJECT<unknown>DEFAULT10
                        errno.symtab0x316684OBJECT<unknown>DEFAULT10
                        errno.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        execfile.symtab0x317cc256OBJECT<unknown>DEFAULT10
                        execl.symtab0x17e90148FUNC<unknown>DEFAULT2
                        execl.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        execve.symtab0x189e444FUNC<unknown>DEFAULT2
                        execve.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        exit.symtab0x17dfc148FUNC<unknown>DEFAULT2
                        exit.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        exp10_table.symtab0x2235472OBJECT<unknown>DEFAULT4
                        fails.symtab0x2acc436OBJECT<unknown>DEFAULT9
                        fastflux.symtab0xfec8460FUNC<unknown>DEFAULT2
                        fclose.symtab0x12630384FUNC<unknown>DEFAULT2
                        fclose.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        fcntl.symtab0x12170116FUNC<unknown>DEFAULT2
                        fcntl64.symtab0x121e480FUNC<unknown>DEFAULT2
                        fdopen.symtab0x18dc856FUNC<unknown>DEFAULT2
                        fdopen.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        feof.symtab0x14134132FUNC<unknown>DEFAULT2
                        feof.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        fflush_unlocked.symtab0x144e4484FUNC<unknown>DEFAULT2
                        fflush_unlocked.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        fgetc_unlocked.symtab0x19954304FUNC<unknown>DEFAULT2
                        fgetc_unlocked.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        fgets.symtab0x141b8148FUNC<unknown>DEFAULT2
                        fgets.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        fgets_unlocked.symtab0x146c8152FUNC<unknown>DEFAULT2
                        fgets_unlocked.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        filter.symtab0x8668144FUNC<unknown>DEFAULT2
                        flooders.symtab0x2ad54176OBJECT<unknown>DEFAULT9
                        fmt.symtab0x2234020OBJECT<unknown>DEFAULT4
                        fopen.symtab0x127b012FUNC<unknown>DEFAULT2
                        fopen.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        force_to_data.symtab0x2a4400OBJECT<unknown>DEFAULT9
                        force_to_data.symtab0x2b1bc0OBJECT<unknown>DEFAULT9
                        fork.symtab0x1228c44FUNC<unknown>DEFAULT2
                        fork.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        fprintf.symtab0x128c848FUNC<unknown>DEFAULT2
                        fprintf.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        fputc.symtab0x1424c204FUNC<unknown>DEFAULT2
                        fputc.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        fputc_unlocked.symtab0x14760260FUNC<unknown>DEFAULT2
                        fputc_unlocked.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        fputs.symtab0x14318140FUNC<unknown>DEFAULT2
                        fputs.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        fputs_unlocked.symtab0x1486452FUNC<unknown>DEFAULT2
                        fputs_unlocked.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        frame_dummy.symtab0x81300FUNC<unknown>DEFAULT2
                        free.symtab0x17074240FUNC<unknown>DEFAULT2
                        free.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        freeaddrinfo.symtab0x15c4832FUNC<unknown>DEFAULT2
                        fseek.symtab0x1bf5012FUNC<unknown>DEFAULT2
                        fseeko.symtab0x1bf5012FUNC<unknown>DEFAULT2
                        fseeko.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        fseeko64.symtab0x1bff4304FUNC<unknown>DEFAULT2
                        fseeko64.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        fwrite_unlocked.symtab0x14898172FUNC<unknown>DEFAULT2
                        fwrite_unlocked.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                        gaih.symtab0x21c5024OBJECT<unknown>DEFAULT4
                        gaih_inet.symtab0x151802760FUNC<unknown>DEFAULT2
                        gaih_inet_serv.symtab0x150b4204FUNC<unknown>DEFAULT2
                        gaih_inet_typeproto.symtab0x21c6840OBJECT<unknown>DEFAULT4

                        Network Behavior

                        Network Port Distribution

                        TCP Packets

                        TimestampSource PortDest PortSource IPDest IP
                        Nov 23, 2024 11:07:30.330177069 CET503146780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:30.450002909 CET67805031495.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:30.450089931 CET503146780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:31.380430937 CET503146780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:31.500324011 CET67805031495.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:31.649158955 CET67805031495.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:31.649269104 CET503146780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:31.649326086 CET67805031495.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:31.649775982 CET503146780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:31.769295931 CET67805031495.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:31.870184898 CET5576653192.168.2.158.8.8.8
                        Nov 23, 2024 11:07:31.990263939 CET53557668.8.8.8192.168.2.15
                        Nov 23, 2024 11:07:31.990355015 CET5576653192.168.2.158.8.8.8
                        Nov 23, 2024 11:07:31.990411997 CET5576653192.168.2.158.8.8.8
                        Nov 23, 2024 11:07:31.990411997 CET5576653192.168.2.158.8.8.8
                        Nov 23, 2024 11:07:32.110138893 CET53557668.8.8.8192.168.2.15
                        Nov 23, 2024 11:07:32.110205889 CET53557668.8.8.8192.168.2.15
                        Nov 23, 2024 11:07:33.105581045 CET53557668.8.8.8192.168.2.15
                        Nov 23, 2024 11:07:33.105660915 CET5576653192.168.2.158.8.8.8
                        Nov 23, 2024 11:07:35.130465984 CET53557668.8.8.8192.168.2.15
                        Nov 23, 2024 11:07:35.130597115 CET5576653192.168.2.158.8.8.8
                        Nov 23, 2024 11:07:35.250418901 CET53557668.8.8.8192.168.2.15
                        Nov 23, 2024 11:07:36.701446056 CET503186780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:36.821178913 CET67805031895.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:36.821371078 CET503186780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:37.722357035 CET503186780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:37.842000008 CET67805031895.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:38.012737036 CET67805031895.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:38.012798071 CET67805031895.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:38.012799978 CET503186780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:38.012860060 CET503186780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:38.012923956 CET503186780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:38.132586002 CET67805031895.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:43.015145063 CET503206780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:43.134973049 CET67805032095.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:43.139137983 CET503206780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:44.019287109 CET503206780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:44.139106989 CET67805032095.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:44.287086010 CET67805032095.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:44.287158012 CET503206780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:44.287225962 CET67805032095.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:44.287240982 CET503206780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:44.287276983 CET503206780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:44.406982899 CET67805032095.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:49.289437056 CET503226780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:49.410228014 CET67805032295.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:49.410415888 CET503226780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:50.294325113 CET503226780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:50.420727968 CET67805032295.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:50.520471096 CET67805032295.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:50.520529985 CET503226780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:50.520561934 CET503226780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:50.520600080 CET67805032295.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:50.520638943 CET503226780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:50.640275955 CET67805032295.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:55.522198915 CET503246780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:55.641772985 CET67805032495.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:55.641926050 CET503246780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:56.527591944 CET503246780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:56.647352934 CET67805032495.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:56.791416883 CET67805032495.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:56.791513920 CET503246780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:56.791513920 CET503246780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:56.791577101 CET67805032495.234.158.87192.168.2.15
                        Nov 23, 2024 11:07:56.791706085 CET503246780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:07:56.911307096 CET67805032495.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:01.793107033 CET503266780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:01.912837982 CET67805032695.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:01.912926912 CET503266780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:02.798163891 CET503266780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:02.917929888 CET67805032695.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:03.063565016 CET67805032695.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:03.063633919 CET503266780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:03.063678026 CET503266780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:03.063832045 CET67805032695.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:03.063874006 CET503266780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:03.183439016 CET67805032695.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:08.065130949 CET503286780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:08.184871912 CET67805032895.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:08.185004950 CET503286780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:09.067581892 CET503286780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:09.187520981 CET67805032895.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:09.396770954 CET67805032895.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:09.396842003 CET503286780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:09.396871090 CET503286780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:09.396891117 CET67805032895.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:09.396945953 CET503286780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:09.516562939 CET67805032895.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:14.398406982 CET503306780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:14.518223047 CET67805033095.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:14.518297911 CET503306780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:15.450107098 CET503306780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:15.574309111 CET67805033095.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:15.677129984 CET67805033095.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:15.677154064 CET67805033095.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:15.677339077 CET503306780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:15.677339077 CET503306780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:15.796930075 CET67805033095.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:20.678776979 CET503326780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:20.798403978 CET67805033295.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:20.798489094 CET503326780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:21.682398081 CET503326780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:21.802206993 CET67805033295.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:21.904619932 CET67805033295.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:21.904747009 CET67805033295.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:21.907154083 CET503326780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:21.907154083 CET503326780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:22.026971102 CET67805033295.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:26.924079895 CET503346780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:27.043651104 CET67805033495.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:27.043889999 CET503346780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:27.926865101 CET503346780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:28.048003912 CET67805033495.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:28.187453985 CET67805033495.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:28.187469959 CET67805033495.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:28.187495947 CET503346780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:28.187561035 CET503346780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:28.307288885 CET67805033495.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:33.188857079 CET503366780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:33.308434963 CET67805033695.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:33.308501005 CET503366780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:34.191580057 CET503366780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:34.311191082 CET67805033695.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:34.458111048 CET67805033695.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:34.458158016 CET503366780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:34.458209038 CET503366780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:34.458462954 CET67805033695.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:34.458494902 CET503366780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:34.577779055 CET67805033695.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:39.459863901 CET503386780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:39.579365015 CET67805033895.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:39.579454899 CET503386780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:40.462990046 CET503386780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:40.587198973 CET67805033895.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:40.766392946 CET67805033895.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:40.766436100 CET503386780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:40.766455889 CET67805033895.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:40.766514063 CET503386780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:40.886961937 CET67805033895.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:45.768292904 CET503406780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:45.889803886 CET67805034095.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:45.889902115 CET503406780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:46.771428108 CET503406780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:46.892750978 CET67805034095.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:47.003053904 CET67805034095.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:47.003129959 CET503406780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:47.003177881 CET503406780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:47.003205061 CET67805034095.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:47.003256083 CET503406780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:47.122879982 CET67805034095.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:52.005145073 CET503426780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:52.124990940 CET67805034295.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:52.125041962 CET503426780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:53.008995056 CET503426780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:53.128526926 CET67805034295.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:53.268348932 CET67805034295.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:53.268448114 CET67805034295.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:53.268587112 CET503426780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:53.268587112 CET503426780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:53.388158083 CET67805034295.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:58.270437956 CET503446780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:58.390099049 CET67805034495.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:58.393704891 CET503446780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:59.273446083 CET503446780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:59.393114090 CET67805034495.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:59.505597115 CET67805034495.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:59.505671978 CET503446780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:59.505714893 CET503446780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:59.505729914 CET67805034495.234.158.87192.168.2.15
                        Nov 23, 2024 11:08:59.505785942 CET503446780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:08:59.630280018 CET67805034495.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:04.507221937 CET503466780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:04.626810074 CET67805034695.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:04.626879930 CET503466780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:05.510890961 CET503466780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:05.630568027 CET67805034695.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:05.791892052 CET67805034695.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:05.791919947 CET67805034695.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:05.791937113 CET503466780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:05.792009115 CET503466780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:05.915195942 CET67805034695.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:10.793395042 CET503486780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:10.914848089 CET67805034895.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:10.914938927 CET503486780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:11.799163103 CET503486780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:11.918947935 CET67805034895.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:12.032327890 CET67805034895.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:12.032368898 CET503486780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:12.032424927 CET67805034895.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:12.032430887 CET503486780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:12.032468081 CET503486780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:12.152031898 CET67805034895.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:17.033623934 CET503506780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:17.153247118 CET67805035095.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:17.153345108 CET503506780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:18.037589073 CET503506780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:18.158262968 CET67805035095.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:18.315994024 CET67805035095.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:18.316035032 CET503506780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:18.316081047 CET67805035095.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:18.316097975 CET503506780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:18.316118956 CET503506780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:18.435992956 CET67805035095.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:23.317643881 CET503526780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:23.437510967 CET67805035295.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:23.437669039 CET503526780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:24.320089102 CET503526780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:24.439801931 CET67805035295.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:24.555387974 CET67805035295.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:24.555418015 CET67805035295.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:24.555444956 CET503526780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:24.555495024 CET503526780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:24.675275087 CET67805035295.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:29.557233095 CET503546780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:29.676841021 CET67805035495.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:29.677037001 CET503546780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:30.560029984 CET503546780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:30.682183027 CET67805035495.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:30.885664940 CET67805035495.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:30.885771990 CET67805035495.234.158.87192.168.2.15
                        Nov 23, 2024 11:09:30.885840893 CET503546780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:30.885977030 CET503546780192.168.2.1595.234.158.87
                        Nov 23, 2024 11:09:31.005491018 CET67805035495.234.158.87192.168.2.15

                        DNS Queries

                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                        Nov 23, 2024 11:07:31.990411997 CET192.168.2.158.8.8.80x1aabStandard query (0)daisy.ubuntu.comA (IP address)IN (0x0001)false
                        Nov 23, 2024 11:07:31.990411997 CET192.168.2.158.8.8.80x70ddStandard query (0)daisy.ubuntu.com28IN (0x0001)false

                        DNS Answers

                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                        Nov 23, 2024 11:07:33.105581045 CET8.8.8.8192.168.2.150x1aabNo error (0)daisy.ubuntu.com162.213.35.24A (IP address)IN (0x0001)false
                        Nov 23, 2024 11:07:33.105581045 CET8.8.8.8192.168.2.150x1aabNo error (0)daisy.ubuntu.com162.213.35.25A (IP address)IN (0x0001)false

                        IRC Packets

                        TimestampSource PortDest PortSource IPDest IPCommands
                        Nov 23, 2024 11:07:31.380430937 CET503146780192.168.2.1595.234.158.87NICK [OSX|ARM3]aA8U5
                        USER aA8U5 localhost localhost :aA8U5
                        Nov 23, 2024 11:07:37.722357035 CET503186780192.168.2.1595.234.158.87NICK [OSX|ARM3]aA8U5
                        USER aA8U5 localhost localhost :aA8U5
                        Nov 23, 2024 11:07:44.019287109 CET503206780192.168.2.1595.234.158.87NICK [OSX|ARM3]aA8U5
                        USER aA8U5 localhost localhost :aA8U5
                        Nov 23, 2024 11:07:50.294325113 CET503226780192.168.2.1595.234.158.87NICK [OSX|ARM3]aA8U5
                        USER aA8U5 localhost localhost :aA8U5
                        Nov 23, 2024 11:07:56.527591944 CET503246780192.168.2.1595.234.158.87NICK [OSX|ARM3]aA8U5
                        USER aA8U5 localhost localhost :aA8U5
                        Nov 23, 2024 11:08:02.798163891 CET503266780192.168.2.1595.234.158.87NICK [OSX|ARM3]aA8U5
                        USER aA8U5 localhost localhost :aA8U5
                        Nov 23, 2024 11:08:09.067581892 CET503286780192.168.2.1595.234.158.87NICK [OSX|ARM3]aA8U5
                        USER aA8U5 localhost localhost :aA8U5
                        Nov 23, 2024 11:08:15.450107098 CET503306780192.168.2.1595.234.158.87NICK [OSX|ARM3]aA8U5
                        USER aA8U5 localhost localhost :aA8U5
                        Nov 23, 2024 11:08:21.682398081 CET503326780192.168.2.1595.234.158.87NICK [OSX|ARM3]aA8U5
                        USER aA8U5 localhost localhost :aA8U5
                        Nov 23, 2024 11:08:27.926865101 CET503346780192.168.2.1595.234.158.87NICK [OSX|ARM3]aA8U5
                        USER aA8U5 localhost localhost :aA8U5
                        Nov 23, 2024 11:08:34.191580057 CET503366780192.168.2.1595.234.158.87NICK [OSX|ARM3]aA8U5
                        USER aA8U5 localhost localhost :aA8U5
                        Nov 23, 2024 11:08:40.462990046 CET503386780192.168.2.1595.234.158.87NICK [OSX|ARM3]aA8U5
                        USER aA8U5 localhost localhost :aA8U5
                        Nov 23, 2024 11:08:46.771428108 CET503406780192.168.2.1595.234.158.87NICK [OSX|ARM3]aA8U5
                        USER aA8U5 localhost localhost :aA8U5
                        Nov 23, 2024 11:08:53.008995056 CET503426780192.168.2.1595.234.158.87NICK [OSX|ARM3]aA8U5
                        USER aA8U5 localhost localhost :aA8U5
                        Nov 23, 2024 11:08:59.273446083 CET503446780192.168.2.1595.234.158.87NICK [OSX|ARM3]aA8U5
                        USER aA8U5 localhost localhost :aA8U5
                        Nov 23, 2024 11:09:05.510890961 CET503466780192.168.2.1595.234.158.87NICK [OSX|ARM3]aA8U5
                        USER aA8U5 localhost localhost :aA8U5
                        Nov 23, 2024 11:09:11.799163103 CET503486780192.168.2.1595.234.158.87NICK [OSX|ARM3]aA8U5
                        USER aA8U5 localhost localhost :aA8U5
                        Nov 23, 2024 11:09:18.037589073 CET503506780192.168.2.1595.234.158.87NICK [OSX|ARM3]aA8U5
                        USER aA8U5 localhost localhost :aA8U5
                        Nov 23, 2024 11:09:24.320089102 CET503526780192.168.2.1595.234.158.87NICK [OSX|ARM3]aA8U5
                        USER aA8U5 localhost localhost :aA8U5
                        Nov 23, 2024 11:09:30.560029984 CET503546780192.168.2.1595.234.158.87NICK [OSX|ARM3]aA8U5
                        USER aA8U5 localhost localhost :aA8U5

                        System Behavior

                        General

                        Start time (UTC):10:07:29
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:/tmp/yakuza.arm5.elf
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        Chronological Activities


                        General

                        Start time (UTC):10:07:29
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        Chronological Activities


                        General

                        Start time (UTC):10:07:29
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        Chronological Activities


                        General

                        Start time (UTC):10:07:29
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        Chronological Activities


                        General

                        Start time (UTC):10:07:29
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        Chronological Activities


                        General

                        Start time (UTC):10:07:29
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 902i13 || busybox pkill -9 902i13"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:29
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:29
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 902i13
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        Chronological Activities


                        General

                        Start time (UTC):10:07:33
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:33
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 902i13
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        Chronological Activities


                        General

                        Start time (UTC):10:07:34
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        Chronological Activities


                        General

                        Start time (UTC):10:07:34
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:34
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:34
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 BzSxLxBxeY
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        Chronological Activities


                        General

                        Start time (UTC):10:07:35
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:35
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 BzSxLxBxeY
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        Chronological Activities


                        General

                        Start time (UTC):10:07:36
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        Chronological Activities


                        General

                        Start time (UTC):10:07:36
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:36
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:36
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 HOHO-LUGO7
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        Chronological Activities


                        General

                        Start time (UTC):10:07:37
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:37
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 HOHO-LUGO7
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        Chronological Activities


                        General

                        Start time (UTC):10:07:38
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        Chronological Activities


                        General

                        Start time (UTC):10:07:38
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:38
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:38
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 HOHO-U79OL
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        Chronological Activities


                        General

                        Start time (UTC):10:07:39
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:39
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 HOHO-U79OL
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        Chronological Activities


                        General

                        Start time (UTC):10:07:40
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        Chronological Activities


                        General

                        Start time (UTC):10:07:41
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:41
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:41
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 JuYfouyf87
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        Chronological Activities


                        General

                        Start time (UTC):10:07:41
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:41
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 JuYfouyf87
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        Chronological Activities


                        General

                        Start time (UTC):10:07:42
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        Chronological Activities


                        General

                        Start time (UTC):10:07:42
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:43
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:43
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 NiGGeR69xd
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        Chronological Activities


                        General

                        Start time (UTC):10:07:44
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:44
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 NiGGeR69xd
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        Chronological Activities


                        General

                        Start time (UTC):10:07:45
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        Chronological Activities


                        General

                        Start time (UTC):10:07:45
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:45
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:45
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 SO190Ij1X
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        Chronological Activities


                        General

                        Start time (UTC):10:07:46
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:46
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 SO190Ij1X
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        Chronological Activities


                        General

                        Start time (UTC):10:07:47
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        Chronological Activities


                        General

                        Start time (UTC):10:07:47
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:47
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:47
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 LOLKIKEEEDDE
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        Chronological Activities


                        General

                        Start time (UTC):10:07:48
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:48
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 LOLKIKEEEDDE
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        Chronological Activities


                        General

                        Start time (UTC):10:07:49
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        Chronological Activities


                        General

                        Start time (UTC):10:07:49
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:49
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:49
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 ekjheory98e
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        Chronological Activities


                        General

                        Start time (UTC):10:07:50
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:50
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 ekjheory98e
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        Chronological Activities


                        General

                        Start time (UTC):10:07:51
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        Chronological Activities


                        General

                        Start time (UTC):10:07:51
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 scansh4 || busybox pkill -9 scansh4"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:51
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:51
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 scansh4
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        Chronological Activities


                        General

                        Start time (UTC):10:07:52
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:52
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 scansh4
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        Chronological Activities


                        General

                        Start time (UTC):10:07:53
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        Chronological Activities


                        General

                        Start time (UTC):10:07:53
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 MDMA || busybox pkill -9 MDMA"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:53
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:53
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 MDMA
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        Chronological Activities


                        General

                        Start time (UTC):10:07:54
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:54
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 MDMA
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        Chronological Activities


                        General

                        Start time (UTC):10:07:55
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        Chronological Activities


                        General

                        Start time (UTC):10:07:55
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 fdevalvex || busybox pkill -9 fdevalvex"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:55
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:55
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 fdevalvex
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        Chronological Activities


                        General

                        Start time (UTC):10:07:56
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:56
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 fdevalvex
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        Chronological Activities


                        General

                        Start time (UTC):10:07:57
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        Chronological Activities


                        General

                        Start time (UTC):10:07:57
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 scanspc || busybox pkill -9 scanspc"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:57
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:57
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 scanspc
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        Chronological Activities


                        General

                        Start time (UTC):10:07:58
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:58
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 scanspc
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        Chronological Activities


                        General

                        Start time (UTC):10:07:59
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        Chronological Activities


                        General

                        Start time (UTC):10:07:59
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:59
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:07:59
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 MELTEDNINJAREALZ
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        Chronological Activities


                        General

                        Start time (UTC):10:08:01
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:08:01
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 MELTEDNINJAREALZ
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        Chronological Activities


                        General

                        Start time (UTC):10:08:02
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        Chronological Activities


                        General

                        Start time (UTC):10:08:02
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 flexsonskids || busybox pkill -9 flexsonskids"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:08:02
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        Chronological Activities


                        General

                        Start time (UTC):10:08:02
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 flexsonskids
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        Chronological Activities


                        General

                        Start time (UTC):10:08:03
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:03
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 flexsonskids
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:04
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:04
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 scanx86 || busybox pkill -9 scanx86"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:04
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:04
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 scanx86
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:05
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:05
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 scanx86
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:06
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:06
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:06
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:06
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 MISAKI-U79OL
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:07
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:07
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 MISAKI-U79OL
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:08
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:08
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:08
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:08
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 foAxi102kxe
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:09
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:09
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 foAxi102kxe
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:10
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:10
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:10
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:10
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 swodjwodjwoj
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:11
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:11
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 swodjwodjwoj
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:12
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:12
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:12
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:12
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 MmKiy7f87l
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:14
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:14
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 MmKiy7f87l
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:15
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:15
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 freecookiex86 || busybox pkill -9 freecookiex86"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:15
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:15
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 freecookiex86
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:16
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:16
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 freecookiex86
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:17
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:17
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 sysgpu || busybox pkill -9 sysgpu"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:17
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:17
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 sysgpu
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:18
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:18
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 sysgpu
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:19
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:19
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:19
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:19
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 NiGGeR69xd
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:20
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:20
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 NiGGeR69xd
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:21
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:21
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 frgege || busybox pkill -9 frgege"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:21
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:21
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 frgege
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:22
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:22
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 frgege
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:23
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:23
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 sysupdater || busybox pkill -9 sysupdater"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:23
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:23
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 sysupdater
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:24
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:24
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 sysupdater
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:25
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:25
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:25
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:25
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 0DnAzepd
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:26
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:26
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 0DnAzepd
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:27
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:27
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:27
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:27
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 NiGGeRD0nks69
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:28
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:28
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 NiGGeRD0nks69
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:29
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:29
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 frgreu || busybox pkill -9 frgreu"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:29
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:29
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 frgreu
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:30
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:30
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 frgreu
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:31
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:31
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 telnetd || busybox pkill -9 telnetd"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:31
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:31
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 telnetd
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:32
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:32
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 telnetd
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:33
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:33
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 0x766f6964 || busybox pkill -9 0x766f6964"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:33
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:33
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 0x766f6964
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:34
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:34
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 0x766f6964
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:35
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:35
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:35
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:35
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 NiGGeRd0nks1337
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:36
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:36
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 NiGGeRd0nks1337
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:37
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:37
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 gaft || busybox pkill -9 gaft"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:37
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:37
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 gaft
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:38
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:38
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 gaft
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:39
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:39
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:39
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:39
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 urasgbsigboa
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:40
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:40
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 urasgbsigboa
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:41
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:41
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 120i3UI49 || busybox pkill -9 120i3UI49"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:41
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:41
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 120i3UI49
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:42
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:42
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 120i3UI49
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:43
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:43
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 OaF3 || busybox pkill -9 OaF3"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:43
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:43
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 OaF3
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:44
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:44
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 OaF3
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:45
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:45
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 geae || busybox pkill -9 geae"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:45
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:45
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 geae
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:46
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:46
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 geae
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:47
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:47
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 vaiolmao || busybox pkill -9 vaiolmao"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:47
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:47
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 vaiolmao
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:48
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:48
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 vaiolmao
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:49
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:49
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 123123a || busybox pkill -9 123123a"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:49
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:49
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 123123a
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:50
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:50
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 123123a
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:51
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:51
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:51
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:51
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 Ofurain0n4H34D
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:52
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:52
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 Ofurain0n4H34D
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:53
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:53
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 ggTrex || busybox pkill -9 ggTrex"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:53
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:53
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 ggTrex
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:54
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:54
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 ggTrex
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:55
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:55
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 wasads || busybox pkill -9 wasads"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:55
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:55
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 wasads
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:56
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:56
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 wasads
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:08:58
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:08:58
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:58
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:58
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 1293194hjXD
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:08:59
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:08:59
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 1293194hjXD
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:09:00
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:09:00
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:00
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:00
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 OthLaLosn
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:09:01
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:01
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 OthLaLosn
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:09:02
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:09:02
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 ggt || busybox pkill -9 ggt"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:02
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:02
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 ggt
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:09:03
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:03
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 ggt
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:09:04
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:09:04
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 wget-log || busybox pkill -9 wget-log"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:04
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:04
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 wget-log
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:09:05
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:05
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 wget-log
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:09:06
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:09:06
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:06
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:06
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 1337SoraLOADER
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:09:08
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:08
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 1337SoraLOADER
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:09:09
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:09:09
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:09
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:09
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 SAIAKINA
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:09:10
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:10
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 SAIAKINA
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:09:11
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:09:11
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 ggtq || busybox pkill -9 ggtq"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:11
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:11
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 ggtq
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:09:12
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:12
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 ggtq
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:09:13
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:09:13
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:13
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:13
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 1378bfp919GRB1Q2
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:09:14
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:14
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 1378bfp919GRB1Q2
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:09:15
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:09:15
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:15
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:15
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 SAIAKUSO
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:09:16
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:16
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 SAIAKUSO
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:09:17
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:09:17
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 ggtr || busybox pkill -9 ggtr"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:17
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:17
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 ggtr
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:09:18
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:18
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 ggtr
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:09:19
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:09:19
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 14Fa || busybox pkill -9 14Fa"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:19
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:19
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 14Fa
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:09:20
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:20
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 14Fa
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:09:21
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:09:21
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 SEXSLAVE1337 || busybox pkill -9 SEXSLAVE1337"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:21
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:21
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 SEXSLAVE1337
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:09:22
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:22
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 SEXSLAVE1337
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:09:23
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:09:23
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 ggtt || busybox pkill -9 ggtt"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:23
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:23
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 ggtt
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:09:24
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:24
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 ggtt
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:09:25
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:09:25
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 1902a3u912u3u4 || busybox pkill -9 1902a3u912u3u4"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:25
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:25
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 1902a3u912u3u4
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:09:26
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:26
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 1902a3u912u3u4
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:09:27
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:09:27
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:27
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:27
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 SO190Ij1X
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:09:28
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:28
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 SO190Ij1X
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:09:29
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:09:29
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 haetrghbr || busybox pkill -9 haetrghbr"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:29
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:29
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 haetrghbr
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:09:30
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:30
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 haetrghbr
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:09:31
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:09:31
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 19ju3d || busybox pkill -9 19ju3d"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:31
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:31
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 19ju3d
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:09:32
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:32
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 19ju3d
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                        General

                        Start time (UTC):10:09:33
                        Start date (UTC):23/11/2024
                        Path:/tmp/yakuza.arm5.elf
                        Arguments:-
                        File size:4956856 bytes
                        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                        General

                        Start time (UTC):10:09:33
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:sh -c "pkill -9 SORAojkf120 || busybox pkill -9 SORAojkf120"
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:33
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:33
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/pkill
                        Arguments:pkill -9 SORAojkf120
                        File size:30968 bytes
                        MD5 hash:fa96a75a08109d8842e4865b2907d51f

                        General

                        Start time (UTC):10:09:34
                        Start date (UTC):23/11/2024
                        Path:/bin/sh
                        Arguments:-
                        File size:129816 bytes
                        MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                        General

                        Start time (UTC):10:09:34
                        Start date (UTC):23/11/2024
                        Path:/usr/bin/busybox
                        Arguments:busybox pkill -9 SORAojkf120
                        File size:2172376 bytes
                        MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc