Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Linux Analysis Report
ub8ehJSePAfc9FYqZIT6.x86_64.elf

Overview

General Information

Sample name:ub8ehJSePAfc9FYqZIT6.x86_64.elf
Analysis ID:1581073
MD5:8c12d2392db8546a0f1a870c8d8da4bb
SHA1:41857b0229bb9533a6e9949b30b593504ab05404
SHA256:c161ac5c4cf291df85f5aa76370cce82b05a99901821ef294052ab788e1e4479
Tags:elfuser-abuse_ch
Infos:

Detection

Score:64
Range:0 - 100
Whitelisted:false

Signatures

Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Machine Learning detection for sample
Sample is packed with UPX
Detected TCP or UDP traffic on non-standard ports
ELF contains segments with high entropy indicating compressed/encrypted content
Enumerates processes within the "proc" file system
Sample contains only a LOAD segment without any section mappings
Yara signature match

Classification

General Information

Joe Sandbox version:41.0.0 Charoite
Analysis ID:1581073
Start date and time:2024-12-26 22:10:28 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 4m 53s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:ub8ehJSePAfc9FYqZIT6.x86_64.elf
Detection:MAL
Classification:mal64.evad.linELF@0/0@0/0

Warnings

  • VT rate limit hit for: ub8ehJSePAfc9FYqZIT6.x86_64.elf

Runtime Messages

Command:/tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf
PID:5474
Exit Code:0
Exit Code Info:
Killed:False
Standard Output:
lzrd cock fest"/proc/"/exe
Standard Error:

Process Tree

  • system is lnxubuntu20
  • cleanup

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
5474.1.0000000000400000.0000000000413000.r-x.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
  • 0xfeb8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfecc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfee0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfef4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff08:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff1c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff30:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff44:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff58:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff6c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff80:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff94:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xffa8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xffbc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xffd0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xffe4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfff8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x1000c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x10020:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x10034:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x10048:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
5474.1.0000000000400000.0000000000413000.r-x.sdmpLinux_Trojan_Mirai_564b8edaunknownunknown
  • 0x49b2:$a: 83 FE 01 76 12 0F B7 07 83 EE 02 48 83 C7 02 48 01 C1 83 FE 01
5476.1.0000000000400000.0000000000413000.r-x.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
  • 0xfeb8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfecc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfee0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfef4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff08:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff1c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff30:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff44:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff58:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff6c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff80:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff94:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xffa8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xffbc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xffd0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xffe4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfff8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x1000c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x10020:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x10034:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x10048:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
5476.1.0000000000400000.0000000000413000.r-x.sdmpLinux_Trojan_Mirai_564b8edaunknownunknown
  • 0x49b2:$a: 83 FE 01 76 12 0F B7 07 83 EE 02 48 83 C7 02 48 01 C1 83 FE 01
5475.1.0000000000400000.0000000000413000.r-x.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
  • 0xfeb8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfecc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfee0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfef4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff08:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff1c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff30:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff44:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff58:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff6c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff80:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xff94:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xffa8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xffbc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xffd0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xffe4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfff8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x1000c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x10020:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x10034:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x10048:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
Click to see the 7 entries

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Multi AV Scanner detection for submitted file
Source: ub8ehJSePAfc9FYqZIT6.x86_64.elfReversingLabs: Detection: 39%
Machine Learning detection for sample
Source: ub8ehJSePAfc9FYqZIT6.x86_64.elfJoe Sandbox ML: detected
Source: global trafficTCP traffic: 192.168.2.13:33618 -> 92.118.56.167:3778
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: unknownTCP traffic detected without corresponding DNS query: 92.118.56.167
Source: ub8ehJSePAfc9FYqZIT6.x86_64.elfString found in binary or memory: http://upx.sf.net

System Summary

barindex
Malicious sample detected (through community Yara rule)
Source: 5474.1.0000000000400000.0000000000413000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 5474.1.0000000000400000.0000000000413000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_564b8eda Author: unknown
Source: 5476.1.0000000000400000.0000000000413000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 5476.1.0000000000400000.0000000000413000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_564b8eda Author: unknown
Source: 5475.1.0000000000400000.0000000000413000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 5475.1.0000000000400000.0000000000413000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_564b8eda Author: unknown
Source: 5480.1.0000000000400000.0000000000413000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 5480.1.0000000000400000.0000000000413000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_564b8eda Author: unknown
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.x86_64.elf PID: 5474, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.x86_64.elf PID: 5475, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.x86_64.elf PID: 5476, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.x86_64.elf PID: 5480, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: LOAD without section mappingsProgram segment: 0x400000
Source: 5474.1.0000000000400000.0000000000413000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 5474.1.0000000000400000.0000000000413000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_564b8eda reference_sample = ff04921d7bf9ca01ae33a9fc0743dce9ca250e42a33547c5665b1c9a0b5260ee, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 63a9e43902e7db0b7a20498b5a860e36201bacc407e9e336faca0b7cfbc37819, id = 564b8eda-6f0e-45b8-bef6-d61b0f090a36, last_modified = 2021-09-16
Source: 5476.1.0000000000400000.0000000000413000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 5476.1.0000000000400000.0000000000413000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_564b8eda reference_sample = ff04921d7bf9ca01ae33a9fc0743dce9ca250e42a33547c5665b1c9a0b5260ee, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 63a9e43902e7db0b7a20498b5a860e36201bacc407e9e336faca0b7cfbc37819, id = 564b8eda-6f0e-45b8-bef6-d61b0f090a36, last_modified = 2021-09-16
Source: 5475.1.0000000000400000.0000000000413000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 5475.1.0000000000400000.0000000000413000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_564b8eda reference_sample = ff04921d7bf9ca01ae33a9fc0743dce9ca250e42a33547c5665b1c9a0b5260ee, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 63a9e43902e7db0b7a20498b5a860e36201bacc407e9e336faca0b7cfbc37819, id = 564b8eda-6f0e-45b8-bef6-d61b0f090a36, last_modified = 2021-09-16
Source: 5480.1.0000000000400000.0000000000413000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 5480.1.0000000000400000.0000000000413000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_564b8eda reference_sample = ff04921d7bf9ca01ae33a9fc0743dce9ca250e42a33547c5665b1c9a0b5260ee, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 63a9e43902e7db0b7a20498b5a860e36201bacc407e9e336faca0b7cfbc37819, id = 564b8eda-6f0e-45b8-bef6-d61b0f090a36, last_modified = 2021-09-16
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.x86_64.elf PID: 5474, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.x86_64.elf PID: 5475, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.x86_64.elf PID: 5476, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.x86_64.elf PID: 5480, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: classification engineClassification label: mal64.evad.linELF@0/0@0/0

Data Obfuscation

barindex
Sample is packed with UPX
Source: initial sampleString containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
Source: initial sampleString containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
Source: initial sampleString containing UPX found: $Id: UPX 3.94 Copyright (C) 1996-2017 the UPX Team. All Rights Reserved. $
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/230/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/110/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/231/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/111/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/232/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/112/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/233/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/113/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/234/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/114/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/235/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/115/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/236/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/116/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/237/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/117/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/238/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/118/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/239/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/119/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/3631/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/914/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/10/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/917/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/11/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/12/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/13/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/14/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/15/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/16/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/17/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/18/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/19/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/240/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/3095/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/120/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/241/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/121/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/242/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/1/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/122/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/243/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/2/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/123/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/244/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/3/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/124/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/245/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/1588/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/125/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/4/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/246/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/126/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/5/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/247/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/127/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/6/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/248/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/128/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/7/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/249/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/129/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/8/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/800/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/9/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/1906/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/802/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/803/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/20/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/21/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/22/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/23/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/24/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/25/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/26/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/27/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/28/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/29/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/3420/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/1482/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/490/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/1480/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/250/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/371/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/130/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/251/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/131/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/252/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/132/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/253/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/254/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/1238/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/134/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/255/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/256/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/257/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/378/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/3413/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/258/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/259/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/1475/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/936/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/30/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/816/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf (PID: 5474)File opened: /proc/35/statusJump to behavior
Source: ub8ehJSePAfc9FYqZIT6.x86_64.elfSubmission file: segment LOAD with 7.9628 entropy (max. 8.0)

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath InterceptionPath Interception11
Obfuscated Files or Information		1
OS Credential Dumping		System Service DiscoveryRemote ServicesData from Local System1
Non-Standard Port		Exfiltration Over Other Network MediumAbuse Accessibility Features

Malware Configuration

No configs have been found

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Number of created Files
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1581073 Sample: ub8ehJSePAfc9FYqZIT6.x86_64.elf Startdate: 26/12/2024 Architecture: LINUX Score: 64 20 92.118.56.167, 33618, 33620, 33622 M247GB Germany 2->20 22 Malicious sample detected (through community Yara rule) 2->22 24 Multi AV Scanner detection for submitted file 2->24 26 Machine Learning detection for sample 2->26 28 Sample is packed with UPX 2->28 8 ub8ehJSePAfc9FYqZIT6.x86_64.elf 2->8         started        signatures3 process4 process5 10 ub8ehJSePAfc9FYqZIT6.x86_64.elf 8->10         started        12 ub8ehJSePAfc9FYqZIT6.x86_64.elf 8->12         started        14 ub8ehJSePAfc9FYqZIT6.x86_64.elf 8->14         started        process6 16 ub8ehJSePAfc9FYqZIT6.x86_64.elf 10->16         started        18 ub8ehJSePAfc9FYqZIT6.x86_64.elf 10->18         started       

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
ub8ehJSePAfc9FYqZIT6.x86_64.elf39%ReversingLabsLinux.Backdoor.Mirai
ub8ehJSePAfc9FYqZIT6.x86_64.elf100%Joe Sandbox ML

Dropped Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

No contacted domains info

URLs from Memory and Binaries

NameSourceMaliciousAntivirus DetectionReputation
http://upx.sf.netub8ehJSePAfc9FYqZIT6.x86_64.elffalse
    		high

    World Map of Contacted IPs

    • No. of IPs < 25%
    • 25% < No. of IPs < 50%
    • 50% < No. of IPs < 75%
    • 75% < No. of IPs

    Public IPs

    IPDomainCountryFlagASNASN NameMalicious
    92.118.56.167
    		unknownGermany
    		9009M247GBfalse

    Joe Sandbox View / Context

    IPs

    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
    92.118.56.167ub8ehJSePAfc9FYqZIT6.ppc.elfGet hashmaliciousUnknownBrowse
      ub8ehJSePAfc9FYqZIT6.mips.elfGet hashmaliciousUnknownBrowse
        ub8ehJSePAfc9FYqZIT6.mpsl.elfGet hashmaliciousUnknownBrowse
          ub8ehJSePAfc9FYqZIT6.arm.elfGet hashmaliciousMiraiBrowse
            ub8ehJSePAfc9FYqZIT6.m68k.elfGet hashmaliciousMiraiBrowse
              ub8ehJSePAfc9FYqZIT6.sh4.elfGet hashmaliciousUnknownBrowse
                ub8ehJSePAfc9FYqZIT6.i686.elfGet hashmaliciousUnknownBrowse
                  ub8ehJSePAfc9FYqZIT6.x86.elfGet hashmaliciousUnknownBrowse

                    Domains

                    No context

                    ASNs

                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                    M247GBub8ehJSePAfc9FYqZIT6.ppc.elfGet hashmaliciousUnknownBrowse
                    • 92.118.56.167
                    ub8ehJSePAfc9FYqZIT6.mips.elfGet hashmaliciousUnknownBrowse
                    • 92.118.56.167
                    ub8ehJSePAfc9FYqZIT6.mpsl.elfGet hashmaliciousUnknownBrowse
                    • 92.118.56.167
                    ub8ehJSePAfc9FYqZIT6.arm.elfGet hashmaliciousMiraiBrowse
                    • 92.118.56.167
                    ub8ehJSePAfc9FYqZIT6.m68k.elfGet hashmaliciousMiraiBrowse
                    • 92.118.56.167
                    ub8ehJSePAfc9FYqZIT6.sh4.elfGet hashmaliciousUnknownBrowse
                    • 92.118.56.167
                    ub8ehJSePAfc9FYqZIT6.i686.elfGet hashmaliciousUnknownBrowse
                    • 92.118.56.167
                    ub8ehJSePAfc9FYqZIT6.x86.elfGet hashmaliciousUnknownBrowse
                    • 92.118.56.167
                    http://au.kirmalk.com/watch.php?vid=7750fd3c8Get hashmaliciousUnknownBrowse
                    • 38.132.109.126
                    nklppc.elfGet hashmaliciousUnknownBrowse
                    • 193.160.72.174

                    JA3 Fingerprints

                    No context

                    Dropped Files

                    No context

                    Created / dropped Files

                    No created / dropped files found

                    Static File Info

                    General

                    File type:ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, no section header
                    Entropy (8bit):7.96078273108832
                    TrID:
                    • ELF Executable and Linkable format (generic) (4004/1) 100.00%
                    File name:ub8ehJSePAfc9FYqZIT6.x86_64.elf
                    File size:37'532 bytes
                    MD5:8c12d2392db8546a0f1a870c8d8da4bb
                    SHA1:41857b0229bb9533a6e9949b30b593504ab05404
                    SHA256:c161ac5c4cf291df85f5aa76370cce82b05a99901821ef294052ab788e1e4479
                    SHA512:6c47d0d9c80681443b8fab1490ab9eb7081a5aa3242b26dc7e38789a1e8d8825b32b0e95209de17df338f15a6900e9d39e906005e9dc660f86292944209a3323
                    SSDEEP:768:GLR/W7ThZdFW7v2Sv4BB4lA+YVzzHiyCxVwpGtj94/fL/1RWx0o:GV2zdIT5v4BBH+Ydi76MSj6R
                    TLSH:02F2E1AF902AB576C5F251F2582C11C9FD835C05B01F07A70FAEB96AACEDCD11F42985
                    File Content Preview:.ELF..............>.....X.@.....@...................@.8...@.......................@.......@....................... ......................Ka......Ka.............................Q.td.....................................................I..UPX!H.......8:..8:.

                    Static ELF Info

                    ELF header

                    Class:ELF64
                    Data:2's complement, little endian
                    Version:1 (current)
                    Machine:Advanced Micro Devices X86-64
                    Version Number:0x1
                    Type:EXEC (Executable file)
                    OS/ABI:UNIX - System V
                    ABI Version:0
                    Entry Point Address:0x408058
                    Flags:0x0
                    ELF Header Size:64
                    Program Header Offset:64
                    Program Header Size:56
                    Number of Program Headers:3
                    Section Header Offset:0
                    Section Header Size:64
                    Number of Section Headers:0
                    Header String Table Index:0

                    Program Segments

                    TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
                    LOAD0x00x4000000x4000000x91940x91947.96280x5R E0x200000
                    LOAD0xb000x614b000x614b000x00x00.00000x6RW 0x1000
                    GNU_STACK0x00x00x00x00x00.00000x6RW 0x8

                    Network Behavior

                    Network Port Distribution

                    TCP Packets

                    TimestampSource PortDest PortSource IPDest IP
                    Dec 26, 2024 22:11:40.829637051 CET336183778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:40.949496031 CET37783361892.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:40.949549913 CET336183778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:40.950365067 CET336183778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:41.069892883 CET37783361892.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:41.069936991 CET336183778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:41.189575911 CET37783361892.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:42.215476990 CET37783361892.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:42.215701103 CET336183778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:42.215701103 CET336183778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:42.216120005 CET336203778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:42.335597038 CET37783362092.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:42.335869074 CET336203778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:42.336863995 CET336203778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:42.456300020 CET37783362092.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:42.456402063 CET336203778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:42.575948000 CET37783362092.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:43.569561958 CET37783362092.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:43.569909096 CET336203778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:43.569922924 CET336203778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:43.570379972 CET336223778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:43.689865112 CET37783362292.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:43.689968109 CET336223778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:43.690629959 CET336223778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:43.810059071 CET37783362292.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:43.810147047 CET336223778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:43.933448076 CET37783362292.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:44.920850039 CET37783362292.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:44.921041012 CET336223778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:44.921056986 CET336223778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:44.921663046 CET336243778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:45.041522980 CET37783362492.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:45.041680098 CET336243778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:45.042249918 CET336243778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:45.412564993 CET336243778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:45.441595078 CET37783362492.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:45.532169104 CET37783362492.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:46.322273970 CET336263778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:46.442029953 CET37783362692.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:46.442212105 CET336263778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:46.443048954 CET336263778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:46.551173925 CET37783362492.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:46.551354885 CET336243778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:46.551373959 CET336243778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:46.551708937 CET336283778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:46.562937021 CET37783362692.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:46.563013077 CET336263778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:46.671221018 CET37783362892.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:46.671350002 CET336283778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:46.671993971 CET336283778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:46.682558060 CET37783362692.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:46.791404009 CET37783362892.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:46.791640043 CET336283778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:46.911477089 CET37783362892.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:47.671614885 CET37783362692.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:47.671852112 CET336263778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:47.671921015 CET336263778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:47.672514915 CET336303778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:47.791989088 CET37783363092.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:47.792277098 CET336303778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:47.793409109 CET336303778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:47.900624990 CET37783362892.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:47.900715113 CET336283778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:47.900728941 CET336283778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:47.901109934 CET336323778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:47.913568020 CET37783363092.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:47.913705111 CET336303778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:48.020608902 CET37783363292.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:48.020826101 CET336323778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:48.021523952 CET336323778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:48.033380032 CET37783363092.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:48.140980959 CET37783363292.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:48.141151905 CET336323778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:48.260751009 CET37783363292.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:49.022047043 CET37783363092.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:49.022375107 CET336303778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:49.022375107 CET336303778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:49.022993088 CET336343778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:49.142565012 CET37783363492.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:49.142683983 CET336343778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:49.143754005 CET336343778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:49.250220060 CET37783363292.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:49.250478983 CET336323778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:49.250504971 CET336323778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:49.250834942 CET336363778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:49.263902903 CET37783363492.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:49.263964891 CET336343778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:49.370320082 CET37783363692.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:49.370512009 CET336363778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:49.383424044 CET37783363492.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:50.276618958 CET336363778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:50.396358013 CET37783363692.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:50.396670103 CET336363778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:50.397289991 CET336363778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:50.408109903 CET37783363492.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:50.408178091 CET336343778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:50.408233881 CET336343778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:50.408730030 CET336383778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:50.516956091 CET37783363692.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:50.517200947 CET336363778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:50.528166056 CET37783363892.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:50.528265953 CET336383778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:50.637118101 CET37783363692.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:51.428608894 CET336383778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:51.836714983 CET37783363692.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:51.836730003 CET37783363892.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:51.836986065 CET336383778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:51.837044001 CET336363778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:51.837097883 CET336363778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:51.837757111 CET336403778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:51.839016914 CET336383778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:51.957264900 CET37783364092.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:51.957381964 CET336403778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:51.958430052 CET336403778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:51.958555937 CET37783363892.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:51.958606958 CET336383778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:52.078227043 CET37783364092.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:52.078318119 CET336403778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:52.078341961 CET37783363892.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:52.197863102 CET37783364092.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:53.073560953 CET37783363892.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:53.073802948 CET336383778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:53.073836088 CET336383778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:53.074655056 CET336423778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:53.194184065 CET37783364292.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:53.194349051 CET336423778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:53.195631027 CET336423778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:53.218288898 CET37783364092.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:53.218548059 CET336403778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:53.218624115 CET336403778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:53.219250917 CET336443778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:53.315186024 CET37783364292.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:53.315387964 CET336423778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:53.338728905 CET37783364492.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:53.338999987 CET336443778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:53.340178013 CET336443778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:53.435159922 CET37783364292.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:53.459707975 CET37783364492.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:53.459853888 CET336443778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:53.579358101 CET37783364492.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:54.424678087 CET37783364292.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:54.424916983 CET336423778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:54.424959898 CET336423778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:54.425656080 CET336463778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:55.006438971 CET37783364492.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:55.006455898 CET37783364292.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:55.006573915 CET37783364292.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:55.006582975 CET37783364492.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:55.006589890 CET37783364492.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:55.006618977 CET336443778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:55.006634951 CET336443778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:55.006634951 CET336443778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:55.006649017 CET336443778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:55.006752968 CET336423778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:55.006795883 CET336423778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:55.006874084 CET37783364692.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:55.006979942 CET336463778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:55.007210016 CET336483778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:55.008601904 CET336463778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:55.269047976 CET37783364892.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:55.269097090 CET37783364692.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:55.269216061 CET336483778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:55.269238949 CET336463778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:55.269937992 CET336483778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:55.388761997 CET37783364692.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:55.389378071 CET37783364892.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:55.389452934 CET336483778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:55.508944035 CET37783364892.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:56.379343033 CET37783364692.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:56.379699945 CET336463778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:56.379779100 CET336463778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:56.380615950 CET336503778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:56.499260902 CET37783364892.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:56.499598026 CET336483778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:56.499614954 CET336483778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:56.500086069 CET37783365092.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:56.500171900 CET336503778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:56.500255108 CET336523778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:56.501951933 CET336503778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:56.619724035 CET37783365292.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:56.620012045 CET336523778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:56.620748043 CET336523778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:56.621474028 CET37783365092.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:56.621521950 CET336503778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:56.740186930 CET37783365292.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:56.740570068 CET336523778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:56.740911007 CET37783365092.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:56.860057116 CET37783365292.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:57.729038000 CET37783365092.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:57.729247093 CET336503778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:57.729410887 CET336503778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:57.730014086 CET336543778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:57.849069118 CET37783365292.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:57.849390030 CET336523778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:57.849407911 CET336523778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:57.849493980 CET37783365492.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:57.849553108 CET336543778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:57.849766016 CET336563778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:57.851161003 CET336543778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:57.969238997 CET37783365692.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:57.969446898 CET336563778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:57.970211029 CET336563778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:57.970693111 CET37783365492.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:57.970731020 CET336543778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:58.089715958 CET37783365692.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:58.089818001 CET336563778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:58.090169907 CET37783365492.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:58.209506989 CET37783365692.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:59.079109907 CET37783365492.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:59.079260111 CET336543778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:59.079345942 CET336543778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:59.080106974 CET336583778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:59.199630022 CET37783365892.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:59.199779034 CET336583778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:59.200956106 CET336583778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:59.202882051 CET37783365692.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:59.202955961 CET336563778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:59.203011036 CET336563778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:59.203587055 CET336603778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:59.320410013 CET37783365892.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:59.320561886 CET336583778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:59.323070049 CET37783366092.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:59.323152065 CET336603778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:59.324476004 CET336603778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:59.440360069 CET37783365892.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:59.443928957 CET37783366092.118.56.167192.168.2.13
                    Dec 26, 2024 22:11:59.444005013 CET336603778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:11:59.563730001 CET37783366092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:00.432780981 CET37783365892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:00.433077097 CET336583778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:00.433077097 CET336583778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:00.433900118 CET336623778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:00.553409100 CET37783366292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:00.553677082 CET336623778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:00.555135965 CET336623778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:00.561197996 CET37783366092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:00.561275005 CET336603778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:00.561335087 CET336603778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:00.561928034 CET336643778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:00.674658060 CET37783366292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:00.674773932 CET336623778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:00.681534052 CET37783366492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:00.681642056 CET336643778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:00.682826996 CET336643778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:00.794748068 CET37783366292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:00.802395105 CET37783366492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:00.802650928 CET336643778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:00.922285080 CET37783366492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:01.783719063 CET37783366292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:01.784090042 CET336623778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:01.784132957 CET336623778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:01.784787893 CET336663778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:01.904367924 CET37783366692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:01.904596090 CET336663778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:01.905682087 CET336663778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:01.931921005 CET37783366492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:01.932054996 CET336643778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:01.932100058 CET336643778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:01.932678938 CET336683778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:02.025229931 CET37783366692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:02.025333881 CET336663778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:02.052156925 CET37783366892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:02.052294016 CET336683778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:02.053421974 CET336683778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:02.144984007 CET37783366692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:02.173268080 CET37783366892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:02.173530102 CET336683778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:02.296607018 CET37783366892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:03.134848118 CET37783366692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:03.135201931 CET336663778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:03.135253906 CET336663778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:03.136070967 CET336703778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:03.255676031 CET37783367092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:03.255835056 CET336703778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:03.256803989 CET336703778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:03.278789997 CET37783366892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:03.278940916 CET336683778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:03.279012918 CET336683778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:03.279629946 CET336723778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:03.376310110 CET37783367092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:03.376425982 CET336703778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:03.399113894 CET37783367292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:03.399202108 CET336723778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:03.400218010 CET336723778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:03.495932102 CET37783367092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:03.519712925 CET37783367292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:03.519804955 CET336723778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:03.639486074 CET37783367292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:04.754919052 CET37783367092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:04.754961014 CET37783367292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:04.754976988 CET37783367092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:04.755177975 CET336703778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:04.755192995 CET336723778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:04.755208015 CET336703778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:04.755263090 CET336703778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:04.755460978 CET336723778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:04.756227970 CET336743778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:04.756561041 CET336763778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:04.866260052 CET37783367092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:04.866457939 CET336703778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:04.875689030 CET37783367492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:04.875818014 CET336743778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:04.875991106 CET37783367692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:04.876076937 CET336763778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:04.878106117 CET336743778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:04.878556967 CET336763778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:04.997648001 CET37783367492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:04.997761965 CET336743778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:04.998013020 CET37783367692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:04.998097897 CET336763778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:05.117292881 CET37783367492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:05.117582083 CET37783367692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:06.103735924 CET37783367492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:06.103991032 CET336743778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:06.104043961 CET336743778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:06.104731083 CET336783778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:06.105290890 CET37783367692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:06.105391979 CET336763778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:06.105426073 CET336763778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:06.105920076 CET336803778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:06.224250078 CET37783367892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:06.224503040 CET336783778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:06.225414038 CET37783368092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:06.225481033 CET336803778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:06.226021051 CET336783778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:06.226524115 CET336803778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:06.345546961 CET37783367892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:06.345673084 CET336783778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:06.346040964 CET37783368092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:06.346107006 CET336803778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:06.465516090 CET37783367892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:06.465958118 CET37783368092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:07.472335100 CET37783367892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:07.472371101 CET37783368092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:07.472493887 CET336783778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:07.472507954 CET336803778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:07.472569942 CET336783778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:07.472903013 CET336803778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:07.473648071 CET336823778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:07.473944902 CET336843778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:07.593492031 CET37783368292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:07.593602896 CET37783368492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:07.593617916 CET336823778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:07.593806028 CET336843778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:07.595813990 CET336843778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:07.595932007 CET336823778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:07.715298891 CET37783368492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:07.715358019 CET37783368292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:07.715420008 CET336823778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:07.715523958 CET336843778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:07.835028887 CET37783368292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:07.835040092 CET37783368492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:08.828120947 CET37783368292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:08.828397036 CET336823778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:08.828480959 CET336823778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:08.829140902 CET336863778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:08.948581934 CET37783368692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:08.948740959 CET336863778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:08.950011015 CET336863778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:09.069725990 CET37783368692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:09.069824934 CET336863778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:09.189474106 CET37783368692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:10.178427935 CET37783368692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:10.178647041 CET336863778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:10.178663969 CET336863778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:10.179426908 CET336883778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:10.298927069 CET37783368892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:10.299118996 CET336883778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:10.300483942 CET336883778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:10.419975042 CET37783368892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:10.420133114 CET336883778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:10.539633989 CET37783368892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:11.616031885 CET37783368892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:11.616323948 CET336883778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:11.616394043 CET336883778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:11.617160082 CET336903778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:11.736618996 CET37783369092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:11.736830950 CET336903778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:11.737579107 CET336903778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:11.857125998 CET37783369092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:11.857189894 CET336903778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:11.976757050 CET37783369092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:13.019409895 CET37783369092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:13.019687891 CET336903778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:13.019764900 CET336903778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:13.020442009 CET336923778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:13.139906883 CET37783369292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:13.140043974 CET336923778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:13.140717983 CET336923778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:13.451324940 CET37783369292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:13.451574087 CET336923778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:13.571260929 CET37783369292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:14.561192036 CET37783369292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:14.561527967 CET336923778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:14.561676979 CET336923778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:14.562447071 CET336943778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:14.681896925 CET37783369492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:14.682022095 CET336943778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:14.683099031 CET336943778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:14.802578926 CET37783369492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:14.802822113 CET336943778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:14.922350883 CET37783369492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:15.911864042 CET37783369492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:15.912163019 CET336943778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:15.912201881 CET336943778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:15.912884951 CET336963778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:16.032444954 CET37783369692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:16.032628059 CET336963778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:16.033615112 CET336963778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:16.154737949 CET37783369692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:16.154881954 CET336963778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:16.274517059 CET37783369692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:17.265669107 CET37783369692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:17.265841961 CET336963778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:17.265925884 CET336963778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:17.266473055 CET336983778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:17.386177063 CET37783369892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:17.386312962 CET336983778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:17.387346029 CET336983778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:17.506870031 CET37783369892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:17.507019043 CET336983778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:17.605992079 CET336843778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:17.626559973 CET37783369892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:17.725488901 CET37783368492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:17.964643955 CET37783368492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:17.964792013 CET336843778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:18.615989923 CET37783369892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:18.616357088 CET336983778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:18.616441965 CET336983778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:18.617173910 CET337003778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:18.736623049 CET37783370092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:18.736855984 CET337003778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:18.738385916 CET337003778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:18.859617949 CET37783370092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:18.859777927 CET337003778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:18.980700970 CET37783370092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:19.969660044 CET37783370092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:19.969856024 CET337003778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:19.969883919 CET337003778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:19.970530033 CET337023778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:20.090079069 CET37783370292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:20.090173006 CET337023778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:20.090856075 CET337023778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:20.211376905 CET37783370292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:20.211474895 CET337023778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:20.330980062 CET37783370292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:21.321700096 CET37783370292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:21.321993113 CET337023778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:21.322010040 CET337023778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:21.322630882 CET337043778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:21.442282915 CET37783370492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:21.442449093 CET337043778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:21.443689108 CET337043778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:21.563710928 CET37783370492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:21.563800097 CET337043778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:21.683475018 CET37783370492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:22.673985004 CET37783370492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:22.674113035 CET337043778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:22.674130917 CET337043778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:22.674864054 CET337063778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:22.794545889 CET37783370692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:22.794635057 CET337063778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:22.795494080 CET337063778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:23.172710896 CET337063778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:23.187068939 CET37783370692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:23.292453051 CET37783370692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:24.310064077 CET37783370692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:24.310223103 CET337063778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:24.310292959 CET337063778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:24.311009884 CET337083778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:24.430489063 CET37783370892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:24.430566072 CET337083778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:24.431881905 CET337083778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:24.551377058 CET37783370892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:24.551575899 CET337083778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:24.671108961 CET37783370892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:25.662172079 CET37783370892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:25.662301064 CET337083778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:25.662301064 CET337083778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:25.662863016 CET337103778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:25.782572031 CET37783371092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:25.782742977 CET337103778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:25.783781052 CET337103778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:25.903297901 CET37783371092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:25.903444052 CET337103778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:26.023108006 CET37783371092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:27.012887001 CET37783371092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:27.013189077 CET337103778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:27.013264894 CET337103778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:27.013951063 CET337123778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:27.133546114 CET37783371292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:27.133786917 CET337123778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:27.135025024 CET337123778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:27.254493952 CET37783371292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:27.254622936 CET337123778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:27.374114037 CET37783371292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:28.363838911 CET37783371292.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:28.364067078 CET337123778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:28.364068031 CET337123778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:28.364564896 CET337143778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:28.484098911 CET37783371492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:28.484210968 CET337143778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:28.485542059 CET337143778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:28.605020046 CET37783371492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:28.605108976 CET337143778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:28.724634886 CET37783371492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:29.802880049 CET37783371492.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:29.803220987 CET337143778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:29.803261995 CET337143778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:29.803989887 CET337163778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:29.923472881 CET37783371692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:29.923629045 CET337163778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:29.924863100 CET337163778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:30.044301033 CET37783371692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:30.044559002 CET337163778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:30.164359093 CET37783371692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:31.164788008 CET37783371692.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:31.164947033 CET337163778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:31.165008068 CET337163778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:31.165685892 CET337183778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:31.286708117 CET37783371892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:31.286827087 CET337183778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:31.288059950 CET337183778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:31.407517910 CET37783371892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:31.407592058 CET337183778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:31.528597116 CET37783371892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:32.516350031 CET37783371892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:32.516474962 CET337183778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:32.516525030 CET337183778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:32.517153978 CET337203778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:32.840791941 CET37783371892.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:32.840874910 CET37783372092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:32.840892076 CET337183778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:32.840929031 CET337203778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:32.841976881 CET337203778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:32.961488008 CET37783372092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:32.961564064 CET337203778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:33.081180096 CET37783372092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:42.852092981 CET337203778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:12:42.971748114 CET37783372092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:43.210735083 CET37783372092.118.56.167192.168.2.13
                    Dec 26, 2024 22:12:43.210815907 CET337203778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:13:18.001327991 CET336843778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:13:18.121123075 CET37783368492.118.56.167192.168.2.13
                    Dec 26, 2024 22:13:18.359992981 CET37783368492.118.56.167192.168.2.13
                    Dec 26, 2024 22:13:18.360286951 CET336843778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:13:43.268929005 CET337203778192.168.2.1392.118.56.167
                    Dec 26, 2024 22:13:43.388605118 CET37783372092.118.56.167192.168.2.13
                    Dec 26, 2024 22:13:43.627532005 CET37783372092.118.56.167192.168.2.13
                    Dec 26, 2024 22:13:43.627625942 CET337203778192.168.2.1392.118.56.167

                    System Behavior

                    General

                    Start time (UTC):21:11:39
                    Start date (UTC):26/12/2024
                    Path:/tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf
                    Arguments:/tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf
                    File size:37532 bytes
                    MD5 hash:8c12d2392db8546a0f1a870c8d8da4bb

                    Chronological Activities


                    General

                    Start time (UTC):21:11:39
                    Start date (UTC):26/12/2024
                    Path:/tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf
                    Arguments:-
                    File size:37532 bytes
                    MD5 hash:8c12d2392db8546a0f1a870c8d8da4bb

                    Chronological Activities


                    General

                    Start time (UTC):21:11:39
                    Start date (UTC):26/12/2024
                    Path:/tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf
                    Arguments:-
                    File size:37532 bytes
                    MD5 hash:8c12d2392db8546a0f1a870c8d8da4bb

                    Chronological Activities


                    General

                    Start time (UTC):21:11:39
                    Start date (UTC):26/12/2024
                    Path:/tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf
                    Arguments:-
                    File size:37532 bytes
                    MD5 hash:8c12d2392db8546a0f1a870c8d8da4bb

                    Chronological Activities


                    General

                    Start time (UTC):21:11:45
                    Start date (UTC):26/12/2024
                    Path:/tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf
                    Arguments:-
                    File size:37532 bytes
                    MD5 hash:8c12d2392db8546a0f1a870c8d8da4bb

                    Chronological Activities


                    General

                    Start time (UTC):21:11:45
                    Start date (UTC):26/12/2024
                    Path:/tmp/ub8ehJSePAfc9FYqZIT6.x86_64.elf
                    Arguments:-
                    File size:37532 bytes
                    MD5 hash:8c12d2392db8546a0f1a870c8d8da4bb

                    Chronological Activities