Source: unknown | TCP traffic detected without corresponding DNS query: 205.181.36.236 |
Source: unknown | TCP traffic detected without corresponding DNS query: 45.126.195.192 |
Source: unknown | TCP traffic detected without corresponding DNS query: 156.144.18.206 |
Source: unknown | TCP traffic detected without corresponding DNS query: 94.156.227.234 |
Source: unknown | TCP traffic detected without corresponding DNS query: 103.196.5.144 |
Source: unknown | TCP traffic detected without corresponding DNS query: 111.125.55.91 |
Source: unknown | TCP traffic detected without corresponding DNS query: 62.225.116.100 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.84.118.146 |
Source: unknown | TCP traffic detected without corresponding DNS query: 73.218.255.124 |
Source: unknown | TCP traffic detected without corresponding DNS query: 223.38.1.80 |
Source: unknown | TCP traffic detected without corresponding DNS query: 219.241.165.108 |
Source: unknown | TCP traffic detected without corresponding DNS query: 216.250.19.190 |
Source: unknown | TCP traffic detected without corresponding DNS query: 6.211.13.65 |
Source: unknown | TCP traffic detected without corresponding DNS query: 213.55.245.14 |
Source: unknown | TCP traffic detected without corresponding DNS query: 215.52.26.4 |
Source: unknown | TCP traffic detected without corresponding DNS query: 9.129.94.122 |
Source: unknown | TCP traffic detected without corresponding DNS query: 47.141.90.29 |
Source: unknown | TCP traffic detected without corresponding DNS query: 28.27.182.234 |
Source: unknown | TCP traffic detected without corresponding DNS query: 53.236.44.244 |
Source: unknown | TCP traffic detected without corresponding DNS query: 116.88.3.27 |
Source: unknown | TCP traffic detected without corresponding DNS query: 154.216.19.139 |
Source: unknown | TCP traffic detected without corresponding DNS query: 167.167.140.221 |
Source: unknown | TCP traffic detected without corresponding DNS query: 18.242.255.3 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.76.192.171 |
Source: unknown | TCP traffic detected without corresponding DNS query: 122.159.244.47 |
Source: unknown | TCP traffic detected without corresponding DNS query: 191.141.13.246 |
Source: unknown | TCP traffic detected without corresponding DNS query: 35.38.189.105 |
Source: unknown | TCP traffic detected without corresponding DNS query: 205.181.36.236 |
Source: unknown | TCP traffic detected without corresponding DNS query: 45.126.195.192 |
Source: unknown | TCP traffic detected without corresponding DNS query: 156.144.18.206 |
Source: unknown | TCP traffic detected without corresponding DNS query: 94.156.227.234 |
Source: unknown | TCP traffic detected without corresponding DNS query: 103.196.5.144 |
Source: unknown | TCP traffic detected without corresponding DNS query: 111.125.55.91 |
Source: unknown | TCP traffic detected without corresponding DNS query: 62.225.116.100 |
Source: unknown | TCP traffic detected without corresponding DNS query: 52.84.118.146 |
Source: unknown | TCP traffic detected without corresponding DNS query: 73.218.255.124 |
Source: unknown | TCP traffic detected without corresponding DNS query: 223.38.1.80 |
Source: unknown | TCP traffic detected without corresponding DNS query: 219.241.165.108 |
Source: unknown | TCP traffic detected without corresponding DNS query: 216.250.19.190 |
Source: unknown | TCP traffic detected without corresponding DNS query: 215.52.26.4 |
Source: unknown | TCP traffic detected without corresponding DNS query: 47.141.90.29 |
Source: unknown | TCP traffic detected without corresponding DNS query: 6.211.13.65 |
Source: unknown | TCP traffic detected without corresponding DNS query: 116.88.3.27 |
Source: unknown | TCP traffic detected without corresponding DNS query: 154.216.19.139 |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.76.192.171 |
Source: unknown | TCP traffic detected without corresponding DNS query: 28.27.182.234 |
Source: unknown | TCP traffic detected without corresponding DNS query: 53.236.44.244 |
Source: unknown | TCP traffic detected without corresponding DNS query: 9.129.94.122 |
Source: unknown | TCP traffic detected without corresponding DNS query: 18.242.255.3 |
Source: unknown | TCP traffic detected without corresponding DNS query: 167.167.140.221 |
Source: x86_64.nn.elf, type: SAMPLE | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown |
Source: x86_64.nn.elf, type: SAMPLE | Matched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown |
Source: x86_64.nn.elf, type: SAMPLE | Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown |
Source: x86_64.nn.elf, type: SAMPLE | Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown |
Source: x86_64.nn.elf, type: SAMPLE | Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown |
Source: x86_64.nn.elf, type: SAMPLE | Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown |
Source: x86_64.nn.elf, type: SAMPLE | Matched rule: Linux_Trojan_Mirai_e0cf29e2 Author: unknown |
Source: 6316.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown |
Source: 6316.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown |
Source: 6316.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown |
Source: 6316.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown |
Source: 6316.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown |
Source: 6316.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown |
Source: 6316.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_e0cf29e2 Author: unknown |
Source: 6255.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown |
Source: 6255.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown |
Source: 6255.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown |
Source: 6255.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown |
Source: 6255.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown |
Source: 6255.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown |
Source: 6255.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_e0cf29e2 Author: unknown |
Source: 6326.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown |
Source: 6326.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown |
Source: 6326.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown |
Source: 6326.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown |
Source: 6326.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown |
Source: 6326.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown |
Source: 6326.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_e0cf29e2 Author: unknown |
Source: 6318.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown |
Source: 6318.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown |
Source: 6318.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown |
Source: 6318.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown |
Source: 6318.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown |
Source: 6318.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown |
Source: 6318.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_e0cf29e2 Author: unknown |
Source: 6327.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown |
Source: 6327.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown |
Source: 6327.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown |
Source: 6327.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown |
Source: 6327.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown |
Source: 6327.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown |
Source: 6327.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_e0cf29e2 Author: unknown |
Source: x86_64.nn.elf, type: SAMPLE | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16 |
Source: x86_64.nn.elf, type: SAMPLE | Matched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16 |
Source: x86_64.nn.elf, type: SAMPLE | Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16 |
Source: x86_64.nn.elf, type: SAMPLE | Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16 |
Source: x86_64.nn.elf, type: SAMPLE | Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16 |
Source: x86_64.nn.elf, type: SAMPLE | Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16 |
Source: x86_64.nn.elf, type: SAMPLE | Matched rule: Linux_Trojan_Mirai_e0cf29e2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 3f124c3c9f124264dfbbcca1e4b4d7cfcf3274170d4bf8966b6559045873948f, id = e0cf29e2-88d7-4aa4-b60a-c24626f2b246, last_modified = 2021-09-16 |
Source: 6316.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16 |
Source: 6316.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16 |
Source: 6316.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16 |
Source: 6316.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16 |
Source: 6316.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16 |
Source: 6316.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16 |
Source: 6316.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_e0cf29e2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 3f124c3c9f124264dfbbcca1e4b4d7cfcf3274170d4bf8966b6559045873948f, id = e0cf29e2-88d7-4aa4-b60a-c24626f2b246, last_modified = 2021-09-16 |
Source: 6255.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16 |
Source: 6255.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16 |
Source: 6255.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16 |
Source: 6255.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16 |
Source: 6255.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16 |
Source: 6255.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16 |
Source: 6255.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_e0cf29e2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 3f124c3c9f124264dfbbcca1e4b4d7cfcf3274170d4bf8966b6559045873948f, id = e0cf29e2-88d7-4aa4-b60a-c24626f2b246, last_modified = 2021-09-16 |
Source: 6326.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16 |
Source: 6326.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16 |
Source: 6326.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16 |
Source: 6326.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16 |
Source: 6326.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16 |
Source: 6326.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16 |
Source: 6326.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_e0cf29e2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 3f124c3c9f124264dfbbcca1e4b4d7cfcf3274170d4bf8966b6559045873948f, id = e0cf29e2-88d7-4aa4-b60a-c24626f2b246, last_modified = 2021-09-16 |
Source: 6318.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16 |
Source: 6318.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16 |
Source: 6318.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16 |
Source: 6318.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16 |
Source: 6318.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16 |
Source: 6318.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16 |
Source: 6318.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_e0cf29e2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 3f124c3c9f124264dfbbcca1e4b4d7cfcf3274170d4bf8966b6559045873948f, id = e0cf29e2-88d7-4aa4-b60a-c24626f2b246, last_modified = 2021-09-16 |
Source: 6327.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16 |
Source: 6327.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16 |
Source: 6327.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16 |
Source: 6327.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16 |
Source: 6327.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16 |
Source: 6327.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16 |
Source: 6327.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY | Matched rule: Linux_Trojan_Mirai_e0cf29e2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 3f124c3c9f124264dfbbcca1e4b4d7cfcf3274170d4bf8966b6559045873948f, id = e0cf29e2-88d7-4aa4-b60a-c24626f2b246, last_modified = 2021-09-16 |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6373/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6472/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6372/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6471/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6430/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6375/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6474/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6374/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6473/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6431/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6475/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6371/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6470/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6370/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/799/cmdline | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6425/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6447/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6469/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6369/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6446/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6468/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6405/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6449/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6448/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6426/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6429/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6428/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6461/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6460/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6089/cmdline | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6463/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6462/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6465/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6464/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6445/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6467/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6466/status | Jump to behavior |
Source: /tmp/x86_64.nn.elf (PID: 6319) | File opened: /proc/6459/status | Jump to behavior |