Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Linux Analysis Report
yakuza.arm7.elf

Overview

General Information

Sample name:yakuza.arm7.elf
Analysis ID:1581657
MD5:f52c46728980b545ba0d77ab4f760ec5
SHA1:5a9d5d78fb73d7b3e44519eeae184ef70a1c9f8a
SHA256:8548da81d8ab3ba337cd246c5642dcbbf05aa606d75d5a520b2a0bca4922a1c1
Tags:elfuser-abuse_ch
Infos:

Detection

Mirai
Score:64
Range:0 - 100
Whitelisted:false

Signatures

Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Yara detected Mirai
Enumerates processes within the "proc" file system
Executes commands using a shell command-line interpreter
Executes the "kill" or "pkill" command typically used to terminate processes
Reads CPU information from /sys indicative of miner or evasive malware
Reads the 'hosts' file potentially containing internal network hosts
Sample and/or dropped files contains symbols with suspicious names
Sample contains strings indicative of BusyBox which embeds multiple Unix commands in a single executable
Sample contains strings indicative of password brute-forcing capabilities
Sample contains strings that are user agent strings indicative of HTTP manipulation
Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)
Uses the "uname" system call to query kernel version information (possible evasion)
Yara signature match

Classification

General Information

Joe Sandbox version:41.0.0 Charoite
Analysis ID:1581657
Start date and time:2024-12-28 12:46:05 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 4m 36s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:yakuza.arm7.elf
Detection:MAL
Classification:mal64.troj.linELF@0/0@1/0

Warnings

  • Report size exceeded maximum capacity and may have missing behavior information.
  • VT rate limit hit for: pirati.privatedns.org

Runtime Messages

Command:/tmp/yakuza.arm7.elf
PID:6213
Exit Code:0
Exit Code Info:
Killed:False
Standard Output:
CAPSAICIN
Standard Error:

Process Tree

  • system is lnxubuntu20
  • yakuza.arm7.elf (PID: 6213, Parent: 6129, MD5: 5ebfcae4fe2471fcc5695c2394773ff1) Arguments: /tmp/yakuza.arm7.elf
    • yakuza.arm7.elf New Fork (PID: 6215, Parent: 6213)
      • sh (PID: 6220, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 902i13 || busybox pkill -9 902i13"
        • sh New Fork (PID: 6228, Parent: 6220)
        • pkill (PID: 6228, Parent: 6220, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 902i13
        • sh New Fork (PID: 6241, Parent: 6220)
        • busybox (PID: 6241, Parent: 6220, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 902i13
      • sh (PID: 6250, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"
        • sh New Fork (PID: 6256, Parent: 6250)
        • pkill (PID: 6256, Parent: 6250, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 BzSxLxBxeY
        • sh New Fork (PID: 6257, Parent: 6250)
        • busybox (PID: 6257, Parent: 6250, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 BzSxLxBxeY
      • sh (PID: 6258, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7"
        • sh New Fork (PID: 6263, Parent: 6258)
        • pkill (PID: 6263, Parent: 6258, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 HOHO-LUGO7
        • sh New Fork (PID: 6264, Parent: 6258)
        • busybox (PID: 6264, Parent: 6258, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 HOHO-LUGO7
      • sh (PID: 6265, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL"
        • sh New Fork (PID: 6270, Parent: 6265)
        • pkill (PID: 6270, Parent: 6265, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 HOHO-U79OL
        • sh New Fork (PID: 6273, Parent: 6265)
        • busybox (PID: 6273, Parent: 6265, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 HOHO-U79OL
      • sh (PID: 6274, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87"
        • sh New Fork (PID: 6276, Parent: 6274)
        • pkill (PID: 6276, Parent: 6274, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 JuYfouyf87
        • sh New Fork (PID: 6277, Parent: 6274)
        • busybox (PID: 6277, Parent: 6274, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 JuYfouyf87
      • sh (PID: 6278, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
        • sh New Fork (PID: 6280, Parent: 6278)
        • pkill (PID: 6280, Parent: 6278, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 NiGGeR69xd
        • sh New Fork (PID: 6283, Parent: 6278)
        • busybox (PID: 6283, Parent: 6278, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 NiGGeR69xd
      • sh (PID: 6284, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"
        • sh New Fork (PID: 6286, Parent: 6284)
        • pkill (PID: 6286, Parent: 6284, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 SO190Ij1X
        • sh New Fork (PID: 6287, Parent: 6284)
        • busybox (PID: 6287, Parent: 6284, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 SO190Ij1X
      • sh (PID: 6289, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE"
        • sh New Fork (PID: 6295, Parent: 6289)
        • pkill (PID: 6295, Parent: 6289, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 LOLKIKEEEDDE
        • sh New Fork (PID: 6296, Parent: 6289)
        • busybox (PID: 6296, Parent: 6289, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 LOLKIKEEEDDE
      • sh (PID: 6299, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e"
        • sh New Fork (PID: 6304, Parent: 6299)
        • pkill (PID: 6304, Parent: 6299, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 ekjheory98e
        • sh New Fork (PID: 6305, Parent: 6299)
        • busybox (PID: 6305, Parent: 6299, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 ekjheory98e
      • sh (PID: 6323, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 scansh4 || busybox pkill -9 scansh4"
        • sh New Fork (PID: 6328, Parent: 6323)
        • pkill (PID: 6328, Parent: 6323, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 scansh4
        • sh New Fork (PID: 6329, Parent: 6323)
        • busybox (PID: 6329, Parent: 6323, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 scansh4
      • sh (PID: 6330, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 MDMA || busybox pkill -9 MDMA"
        • sh New Fork (PID: 6335, Parent: 6330)
        • pkill (PID: 6335, Parent: 6330, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 MDMA
        • sh New Fork (PID: 6338, Parent: 6330)
        • busybox (PID: 6338, Parent: 6330, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 MDMA
      • sh (PID: 6339, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 fdevalvex || busybox pkill -9 fdevalvex"
        • sh New Fork (PID: 6344, Parent: 6339)
        • pkill (PID: 6344, Parent: 6339, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 fdevalvex
        • sh New Fork (PID: 6345, Parent: 6339)
        • busybox (PID: 6345, Parent: 6339, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 fdevalvex
      • sh (PID: 6346, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 scanspc || busybox pkill -9 scanspc"
        • sh New Fork (PID: 6351, Parent: 6346)
        • pkill (PID: 6351, Parent: 6346, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 scanspc
        • sh New Fork (PID: 6352, Parent: 6346)
        • busybox (PID: 6352, Parent: 6346, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 scanspc
      • sh (PID: 6355, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ"
        • sh New Fork (PID: 6360, Parent: 6355)
        • pkill (PID: 6360, Parent: 6355, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 MELTEDNINJAREALZ
        • sh New Fork (PID: 6361, Parent: 6355)
        • busybox (PID: 6361, Parent: 6355, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 MELTEDNINJAREALZ
      • sh (PID: 6362, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 flexsonskids || busybox pkill -9 flexsonskids"
        • sh New Fork (PID: 6367, Parent: 6362)
        • pkill (PID: 6367, Parent: 6362, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 flexsonskids
        • sh New Fork (PID: 6368, Parent: 6362)
        • busybox (PID: 6368, Parent: 6362, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 flexsonskids
      • sh (PID: 6369, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 scanx86 || busybox pkill -9 scanx86"
        • sh New Fork (PID: 6375, Parent: 6369)
        • pkill (PID: 6375, Parent: 6369, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 scanx86
        • sh New Fork (PID: 6378, Parent: 6369)
        • busybox (PID: 6378, Parent: 6369, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 scanx86
      • sh (PID: 6379, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL"
        • sh New Fork (PID: 6384, Parent: 6379)
        • pkill (PID: 6384, Parent: 6379, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 MISAKI-U79OL
        • sh New Fork (PID: 6385, Parent: 6379)
        • busybox (PID: 6385, Parent: 6379, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 MISAKI-U79OL
      • sh (PID: 6386, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe"
        • sh New Fork (PID: 6388, Parent: 6386)
        • pkill (PID: 6388, Parent: 6386, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 foAxi102kxe
        • sh New Fork (PID: 6389, Parent: 6386)
        • busybox (PID: 6389, Parent: 6386, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 foAxi102kxe
      • sh (PID: 6392, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj"
        • sh New Fork (PID: 6397, Parent: 6392)
        • pkill (PID: 6397, Parent: 6392, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 swodjwodjwoj
        • sh New Fork (PID: 6398, Parent: 6392)
        • busybox (PID: 6398, Parent: 6392, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 swodjwodjwoj
      • sh (PID: 6399, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l"
        • sh New Fork (PID: 6404, Parent: 6399)
        • pkill (PID: 6404, Parent: 6399, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 MmKiy7f87l
        • sh New Fork (PID: 6405, Parent: 6399)
        • busybox (PID: 6405, Parent: 6399, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 MmKiy7f87l
      • sh (PID: 6406, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 freecookiex86 || busybox pkill -9 freecookiex86"
        • sh New Fork (PID: 6411, Parent: 6406)
        • pkill (PID: 6411, Parent: 6406, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 freecookiex86
        • sh New Fork (PID: 6414, Parent: 6406)
        • busybox (PID: 6414, Parent: 6406, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 freecookiex86
      • sh (PID: 6415, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 sysgpu || busybox pkill -9 sysgpu"
        • sh New Fork (PID: 6420, Parent: 6415)
        • pkill (PID: 6420, Parent: 6415, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 sysgpu
        • sh New Fork (PID: 6422, Parent: 6415)
        • busybox (PID: 6422, Parent: 6415, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 sysgpu
      • sh (PID: 6423, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
        • sh New Fork (PID: 6429, Parent: 6423)
        • pkill (PID: 6429, Parent: 6423, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 NiGGeR69xd
        • sh New Fork (PID: 6430, Parent: 6423)
        • busybox (PID: 6430, Parent: 6423, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 NiGGeR69xd
      • sh (PID: 6433, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 frgege || busybox pkill -9 frgege"
        • sh New Fork (PID: 6438, Parent: 6433)
        • pkill (PID: 6438, Parent: 6433, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 frgege
        • sh New Fork (PID: 6439, Parent: 6433)
        • busybox (PID: 6439, Parent: 6433, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 frgege
      • sh (PID: 6442, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 sysupdater || busybox pkill -9 sysupdater"
        • sh New Fork (PID: 6447, Parent: 6442)
        • pkill (PID: 6447, Parent: 6442, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 sysupdater
        • sh New Fork (PID: 6448, Parent: 6442)
        • busybox (PID: 6448, Parent: 6442, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 sysupdater
      • sh (PID: 6449, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd"
        • sh New Fork (PID: 6454, Parent: 6449)
        • pkill (PID: 6454, Parent: 6449, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 0DnAzepd
        • sh New Fork (PID: 6457, Parent: 6449)
        • busybox (PID: 6457, Parent: 6449, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 0DnAzepd
      • sh (PID: 6458, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69"
        • sh New Fork (PID: 6463, Parent: 6458)
        • pkill (PID: 6463, Parent: 6458, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 NiGGeRD0nks69
        • sh New Fork (PID: 6464, Parent: 6458)
        • busybox (PID: 6464, Parent: 6458, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 NiGGeRD0nks69
      • sh (PID: 6465, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 frgreu || busybox pkill -9 frgreu"
        • sh New Fork (PID: 6467, Parent: 6465)
        • pkill (PID: 6467, Parent: 6465, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 frgreu
        • sh New Fork (PID: 6470, Parent: 6465)
        • busybox (PID: 6470, Parent: 6465, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 frgreu
      • sh (PID: 6471, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 telnetd || busybox pkill -9 telnetd"
        • sh New Fork (PID: 6476, Parent: 6471)
        • pkill (PID: 6476, Parent: 6471, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 telnetd
        • sh New Fork (PID: 6477, Parent: 6471)
        • busybox (PID: 6477, Parent: 6471, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 telnetd
      • sh (PID: 6478, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 0x766f6964 || busybox pkill -9 0x766f6964"
        • sh New Fork (PID: 6480, Parent: 6478)
        • pkill (PID: 6480, Parent: 6478, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 0x766f6964
        • sh New Fork (PID: 6481, Parent: 6478)
        • busybox (PID: 6481, Parent: 6478, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 0x766f6964
      • sh (PID: 6484, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337"
        • sh New Fork (PID: 6490, Parent: 6484)
        • pkill (PID: 6490, Parent: 6484, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 NiGGeRd0nks1337
        • sh New Fork (PID: 6491, Parent: 6484)
        • busybox (PID: 6491, Parent: 6484, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 NiGGeRd0nks1337
      • sh (PID: 6492, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 gaft || busybox pkill -9 gaft"
        • sh New Fork (PID: 6497, Parent: 6492)
        • pkill (PID: 6497, Parent: 6492, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 gaft
        • sh New Fork (PID: 6498, Parent: 6492)
        • busybox (PID: 6498, Parent: 6492, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 gaft
      • sh (PID: 6499, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa"
        • sh New Fork (PID: 6504, Parent: 6499)
        • pkill (PID: 6504, Parent: 6499, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 urasgbsigboa
        • sh New Fork (PID: 6507, Parent: 6499)
        • busybox (PID: 6507, Parent: 6499, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 urasgbsigboa
      • sh (PID: 6508, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 120i3UI49 || busybox pkill -9 120i3UI49"
        • sh New Fork (PID: 6513, Parent: 6508)
        • pkill (PID: 6513, Parent: 6508, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 120i3UI49
        • sh New Fork (PID: 6514, Parent: 6508)
        • busybox (PID: 6514, Parent: 6508, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 120i3UI49
      • sh (PID: 6515, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 OaF3 || busybox pkill -9 OaF3"
        • sh New Fork (PID: 6520, Parent: 6515)
        • pkill (PID: 6520, Parent: 6515, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 OaF3
        • sh New Fork (PID: 6521, Parent: 6515)
        • busybox (PID: 6521, Parent: 6515, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 OaF3
      • sh (PID: 6524, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 geae || busybox pkill -9 geae"
        • sh New Fork (PID: 6529, Parent: 6524)
        • pkill (PID: 6529, Parent: 6524, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 geae
        • sh New Fork (PID: 6530, Parent: 6524)
        • busybox (PID: 6530, Parent: 6524, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 geae
      • sh (PID: 6532, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 vaiolmao || busybox pkill -9 vaiolmao"
        • sh New Fork (PID: 6538, Parent: 6532)
        • pkill (PID: 6538, Parent: 6532, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 vaiolmao
        • sh New Fork (PID: 6539, Parent: 6532)
        • busybox (PID: 6539, Parent: 6532, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 vaiolmao
      • sh (PID: 6542, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 123123a || busybox pkill -9 123123a"
        • sh New Fork (PID: 6547, Parent: 6542)
        • pkill (PID: 6547, Parent: 6542, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 123123a
        • sh New Fork (PID: 6548, Parent: 6542)
        • busybox (PID: 6548, Parent: 6542, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 123123a
      • sh (PID: 6549, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D"
        • sh New Fork (PID: 6551, Parent: 6549)
        • pkill (PID: 6551, Parent: 6549, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 Ofurain0n4H34D
        • sh New Fork (PID: 6552, Parent: 6549)
        • busybox (PID: 6552, Parent: 6549, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 Ofurain0n4H34D
      • sh (PID: 6553, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 ggTrex || busybox pkill -9 ggTrex"
        • sh New Fork (PID: 6558, Parent: 6553)
        • pkill (PID: 6558, Parent: 6553, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 ggTrex
        • sh New Fork (PID: 6561, Parent: 6553)
        • busybox (PID: 6561, Parent: 6553, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 ggTrex
      • sh (PID: 6562, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 wasads || busybox pkill -9 wasads"
        • sh New Fork (PID: 6566, Parent: 6562)
        • pkill (PID: 6566, Parent: 6562, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 wasads
        • sh New Fork (PID: 6568, Parent: 6562)
        • busybox (PID: 6568, Parent: 6562, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 wasads
      • sh (PID: 6569, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD"
        • sh New Fork (PID: 6574, Parent: 6569)
        • pkill (PID: 6574, Parent: 6569, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 1293194hjXD
        • sh New Fork (PID: 6575, Parent: 6569)
        • busybox (PID: 6575, Parent: 6569, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 1293194hjXD
      • sh (PID: 6578, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn"
        • sh New Fork (PID: 6583, Parent: 6578)
        • pkill (PID: 6583, Parent: 6578, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 OthLaLosn
        • sh New Fork (PID: 6584, Parent: 6578)
        • busybox (PID: 6584, Parent: 6578, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 OthLaLosn
      • sh (PID: 6585, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 ggt || busybox pkill -9 ggt"
        • sh New Fork (PID: 6591, Parent: 6585)
        • pkill (PID: 6591, Parent: 6585, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 ggt
        • sh New Fork (PID: 6592, Parent: 6585)
        • busybox (PID: 6592, Parent: 6585, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 ggt
      • sh (PID: 6593, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 wget-log || busybox pkill -9 wget-log"
        • sh New Fork (PID: 6598, Parent: 6593)
        • pkill (PID: 6598, Parent: 6593, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 wget-log
        • sh New Fork (PID: 6601, Parent: 6593)
        • busybox (PID: 6601, Parent: 6593, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 wget-log
      • sh (PID: 6602, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER"
        • sh New Fork (PID: 6607, Parent: 6602)
        • pkill (PID: 6607, Parent: 6602, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 1337SoraLOADER
        • sh New Fork (PID: 6608, Parent: 6602)
        • busybox (PID: 6608, Parent: 6602, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 1337SoraLOADER
      • sh (PID: 6609, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA"
        • sh New Fork (PID: 6614, Parent: 6609)
        • pkill (PID: 6614, Parent: 6609, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 SAIAKINA
        • sh New Fork (PID: 6616, Parent: 6609)
        • busybox (PID: 6616, Parent: 6609, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 SAIAKINA
      • sh (PID: 6619, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 ggtq || busybox pkill -9 ggtq"
        • sh New Fork (PID: 6624, Parent: 6619)
        • pkill (PID: 6624, Parent: 6619, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 ggtq
        • sh New Fork (PID: 6625, Parent: 6619)
        • busybox (PID: 6625, Parent: 6619, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 ggtq
      • sh (PID: 6626, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2"
        • sh New Fork (PID: 6631, Parent: 6626)
        • pkill (PID: 6631, Parent: 6626, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 1378bfp919GRB1Q2
        • sh New Fork (PID: 6632, Parent: 6626)
        • busybox (PID: 6632, Parent: 6626, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 1378bfp919GRB1Q2
      • sh (PID: 6633, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO"
        • sh New Fork (PID: 6638, Parent: 6633)
        • pkill (PID: 6638, Parent: 6633, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 SAIAKUSO
        • sh New Fork (PID: 6641, Parent: 6633)
        • busybox (PID: 6641, Parent: 6633, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 SAIAKUSO
      • sh (PID: 6642, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 ggtr || busybox pkill -9 ggtr"
        • sh New Fork (PID: 6647, Parent: 6642)
        • pkill (PID: 6647, Parent: 6642, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 ggtr
        • sh New Fork (PID: 6649, Parent: 6642)
        • busybox (PID: 6649, Parent: 6642, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 ggtr
      • sh (PID: 6650, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 14Fa || busybox pkill -9 14Fa"
        • sh New Fork (PID: 6656, Parent: 6650)
        • pkill (PID: 6656, Parent: 6650, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 14Fa
        • sh New Fork (PID: 6657, Parent: 6650)
        • busybox (PID: 6657, Parent: 6650, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 14Fa
      • sh (PID: 6660, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 SEXSLAVE1337 || busybox pkill -9 SEXSLAVE1337"
        • sh New Fork (PID: 6664, Parent: 6660)
        • pkill (PID: 6664, Parent: 6660, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 SEXSLAVE1337
        • sh New Fork (PID: 6666, Parent: 6660)
        • busybox (PID: 6666, Parent: 6660, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 SEXSLAVE1337
      • sh (PID: 6669, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 ggtt || busybox pkill -9 ggtt"
        • sh New Fork (PID: 6674, Parent: 6669)
        • pkill (PID: 6674, Parent: 6669, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 ggtt
        • sh New Fork (PID: 6675, Parent: 6669)
        • busybox (PID: 6675, Parent: 6669, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 ggtt
      • sh (PID: 6676, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 1902a3u912u3u4 || busybox pkill -9 1902a3u912u3u4"
        • sh New Fork (PID: 6681, Parent: 6676)
        • pkill (PID: 6681, Parent: 6676, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 1902a3u912u3u4
        • sh New Fork (PID: 6684, Parent: 6676)
        • busybox (PID: 6684, Parent: 6676, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 1902a3u912u3u4
      • sh (PID: 6685, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"
        • sh New Fork (PID: 6690, Parent: 6685)
        • pkill (PID: 6690, Parent: 6685, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 SO190Ij1X
        • sh New Fork (PID: 6691, Parent: 6685)
        • busybox (PID: 6691, Parent: 6685, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 SO190Ij1X
      • sh (PID: 6692, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 haetrghbr || busybox pkill -9 haetrghbr"
        • sh New Fork (PID: 6697, Parent: 6692)
        • pkill (PID: 6697, Parent: 6692, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 haetrghbr
        • sh New Fork (PID: 6698, Parent: 6692)
        • busybox (PID: 6698, Parent: 6692, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 haetrghbr
      • sh (PID: 6701, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 19ju3d || busybox pkill -9 19ju3d"
        • sh New Fork (PID: 6706, Parent: 6701)
        • pkill (PID: 6706, Parent: 6701, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 19ju3d
        • sh New Fork (PID: 6707, Parent: 6701)
        • busybox (PID: 6707, Parent: 6701, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 19ju3d
      • sh (PID: 6708, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 SORAojkf120 || busybox pkill -9 SORAojkf120"
        • sh New Fork (PID: 6714, Parent: 6708)
        • pkill (PID: 6714, Parent: 6708, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 SORAojkf120
        • sh New Fork (PID: 6715, Parent: 6708)
        • busybox (PID: 6715, Parent: 6708, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 SORAojkf120
      • sh (PID: 6716, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 hehahejeje92 || busybox pkill -9 hehahejeje92"
        • sh New Fork (PID: 6721, Parent: 6716)
        • pkill (PID: 6721, Parent: 6716, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 hehahejeje92
        • sh New Fork (PID: 6724, Parent: 6716)
        • busybox (PID: 6724, Parent: 6716, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 hehahejeje92
      • sh (PID: 6725, Parent: 6215, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "pkill -9 2U2JDJA901F91 || busybox pkill -9 2U2JDJA901F91"
        • sh New Fork (PID: 6729, Parent: 6725)
        • pkill (PID: 6729, Parent: 6725, MD5: fa96a75a08109d8842e4865b2907d51f) Arguments: pkill -9 2U2JDJA901F91
        • sh New Fork (PID: 6731, Parent: 6725)
        • busybox (PID: 6731, Parent: 6725, MD5: 70584dffe9cb0309eb22ba78aa54bcdc) Arguments: busybox pkill -9 2U2JDJA901F91
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
MiraiMirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/elf.mirai

Yara Signatures

Initial Sample

SourceRuleDescriptionAuthorStrings
yakuza.arm7.elfJoeSecurity_Mirai_8Yara detected MiraiJoe Security
    yakuza.arm7.elfLinux_Trojan_Gafgyt_6a510422unknownunknown
    • 0x436:$a: 0B E5 24 30 1B E5 2C 30 0B E5 1C 00 00 EA 18 30 1B E5 00 30
    yakuza.arm7.elfLinux_Trojan_Gafgyt_d2953f92unknownunknown
    • 0x346:$a: 1B E5 2A 00 53 E3 0A 00 00 0A 30 30 1B E5 3F 00 53 E3 23 00
    yakuza.arm7.elfLinux_Trojan_Tsunami_8a11f9beunknownunknown
    • 0x1ec2d:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20
    • 0x1f2c5:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    6219.1.00007ffce1214000.00007ffce1235000.rw-.sdmpLinux_Trojan_Gafgyt_d2953f92unknownunknown
    • 0x1fdb6:$a: 1B E5 2A 00 53 E3 0A 00 00 0A 30 30 1B E5 3F 00 53 E3 23 00
    6217.1.00007fcd00017000.00007fcd00039000.r-x.sdmpJoeSecurity_Mirai_8Yara detected MiraiJoe Security
      6217.1.00007fcd00017000.00007fcd00039000.r-x.sdmpLinux_Trojan_Gafgyt_6a510422unknownunknown
      • 0x436:$a: 0B E5 24 30 1B E5 2C 30 0B E5 1C 00 00 EA 18 30 1B E5 00 30
      6217.1.00007fcd00017000.00007fcd00039000.r-x.sdmpLinux_Trojan_Gafgyt_d2953f92unknownunknown
      • 0x346:$a: 1B E5 2A 00 53 E3 0A 00 00 0A 30 30 1B E5 3F 00 53 E3 23 00
      6217.1.00007fcd00017000.00007fcd00039000.r-x.sdmpLinux_Trojan_Tsunami_8a11f9beunknownunknown
      • 0x1ec2d:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20
      • 0x1f2c5:$a: 3E 20 3C 70 6F 72 74 3E 20 3C 72 65 66 6C 65 63 74 69 6F 6E 20
      Click to see the 13 entries

      Suricata Signatures

      No Suricata rule has matched

      Joe Sandbox Signatures

      Click to jump to signature section

      Show All Signature Results

      AV Detection

      barindex
      Multi AV Scanner detection for submitted file
      Source: yakuza.arm7.elfReversingLabs: Detection: 44%
      Source: /usr/bin/pkill (PID: 6228)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6256)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6263)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6270)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6276)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6280)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6286)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6295)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6304)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6328)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6335)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6344)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6360)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6367)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6375)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6384)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6388)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6397)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6404)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6411)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6420)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6429)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6438)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6447)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6454)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6463)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6467)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6476)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6480)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6490)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6497)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6504)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6513)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6520)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6529)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6538)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6547)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6551)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6558)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6566)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6574)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6583)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6591)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6598)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6607)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6614)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6624)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6631)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6638)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6647)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6656)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6664)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6674)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6681)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6690)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6697)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6706)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6714)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6721)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6729)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /tmp/yakuza.arm7.elf (PID: 6219)Reads hosts file: /etc/hostsJump to behavior
      Source: global trafficTCP traffic: 192.168.2.23:43928 -> 91.189.91.42:443
      Source: global trafficTCP traffic: 192.168.2.23:42836 -> 91.189.91.43:443
      Source: global trafficTCP traffic: 192.168.2.23:42516 -> 109.202.202.202:80
      Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.42
      Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.43
      Source: unknownTCP traffic detected without corresponding DNS query: 109.202.202.202
      Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.42
      Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.43
      Source: unknownTCP traffic detected without corresponding DNS query: 109.202.202.202
      Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.42
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: global trafficDNS traffic detected: DNS query: pirati.privatedns.org
      Source: yakuza.arm7.elfString found in binary or memory: http://linux-it.abuser.eu/yak.sh;
      Source: yakuza.arm7.elfString found in binary or memory: https://youtu.be/dQw4w9WgXcQ
      Source: yakuza.arm7.elfString found in binary or memory: https://youtu.be/dQw4w9WgXcQNever
      Source: unknownNetwork traffic detected: HTTP traffic on port 43928 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 42836 -> 443

      System Summary

      barindex
      Malicious sample detected (through community Yara rule)
      Source: yakuza.arm7.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_6a510422 Author: unknown
      Source: yakuza.arm7.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_d2953f92 Author: unknown
      Source: yakuza.arm7.elf, type: SAMPLEMatched rule: Linux_Trojan_Tsunami_8a11f9be Author: unknown
      Source: 6219.1.00007ffce1214000.00007ffce1235000.rw-.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d2953f92 Author: unknown
      Source: 6217.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_6a510422 Author: unknown
      Source: 6217.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d2953f92 Author: unknown
      Source: 6217.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Tsunami_8a11f9be Author: unknown
      Source: 6213.1.00007ffce1214000.00007ffce1235000.rw-.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d2953f92 Author: unknown
      Source: 6219.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_6a510422 Author: unknown
      Source: 6219.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d2953f92 Author: unknown
      Source: 6219.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Tsunami_8a11f9be Author: unknown
      Source: 6217.1.00007ffce1214000.00007ffce1235000.rw-.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d2953f92 Author: unknown
      Source: 6213.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_6a510422 Author: unknown
      Source: 6213.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d2953f92 Author: unknown
      Source: 6213.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Tsunami_8a11f9be Author: unknown
      Source: Process Memory Space: yakuza.arm7.elf PID: 6213, type: MEMORYSTRMatched rule: Linux_Trojan_Tsunami_8a11f9be Author: unknown
      Source: Process Memory Space: yakuza.arm7.elf PID: 6217, type: MEMORYSTRMatched rule: Linux_Trojan_Tsunami_8a11f9be Author: unknown
      Source: Process Memory Space: yakuza.arm7.elf PID: 6219, type: MEMORYSTRMatched rule: Linux_Trojan_Tsunami_8a11f9be Author: unknown
      Source: yakuza.arm7.elfELF static info symbol of initial sample: __gnu_unwind_execute
      Source: Initial sampleString containing 'busybox' found: busybox
      Source: Initial sampleString containing 'busybox' found: pkill -9 %s || busybox pkill -9 %s
      Source: Initial sampleString containing 'busybox' found: pkill -9 %s || busybox pkill -9 %shistory -c;history -wcd /root;rm -f .bash_historycd /var/tmp; rm -f *NOTICE %s :MOVE <server>
      Source: Initial sampleString containing potential weak password found: guest
      Source: Initial sampleString containing potential weak password found: default
      Source: Initial sampleString containing potential weak password found: admin
      Source: Initial sampleString containing potential weak password found: supervisor
      Source: Initial sampleString containing potential weak password found: service
      Source: Initial sampleString containing potential weak password found: administrator
      Source: Initial sampleString containing potential weak password found: support
      Source: Initial sampleString containing potential weak password found: 123456
      Source: Initial sampleString containing potential weak password found: password
      Source: Initial sampleString containing potential weak password found: 12345
      Source: yakuza.arm7.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_6a510422 severity = 100, os = linux, arch_context = x86, creation_date = 2021-06-28, scan_context = file, memory, reference = 14cc92b99daa0c91aa09d9a7996ee5549a5cacd7be733960b2cf3681a7c2b628, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 8ee116ff41236771cdc8dc4b796c3b211502413ae631d5b5aedbbaa2eccc3b75, id = 6a510422-3662-4fdb-9c03-0101f16e87cd, last_modified = 2021-09-16
      Source: yakuza.arm7.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_d2953f92 severity = 100, os = linux, arch_context = x86, creation_date = 2021-06-28, scan_context = file, memory, reference = 14cc92b99daa0c91aa09d9a7996ee5549a5cacd7be733960b2cf3681a7c2b628, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 276c6d62a8a335d0e2421b6b5b90c2c0eb69eec294bc9fcdeb7743abbf08d8bc, id = d2953f92-62ee-428d-88c5-723914c88c6e, last_modified = 2021-09-16
      Source: yakuza.arm7.elf, type: SAMPLEMatched rule: Linux_Trojan_Tsunami_8a11f9be reference_sample = 1f773d0e00d40eecde9e3ab80438698923a2620036c2fc33315ef95229e98571, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Tsunami, fingerprint = 91e2572a3bb8583e20042578e95e1746501c6a71ef7635af2c982a05b18d7c6d, id = 8a11f9be-dc85-4695-9f38-80ca0304780e, last_modified = 2021-09-16
      Source: 6219.1.00007ffce1214000.00007ffce1235000.rw-.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d2953f92 severity = 100, os = linux, arch_context = x86, creation_date = 2021-06-28, scan_context = file, memory, reference = 14cc92b99daa0c91aa09d9a7996ee5549a5cacd7be733960b2cf3681a7c2b628, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 276c6d62a8a335d0e2421b6b5b90c2c0eb69eec294bc9fcdeb7743abbf08d8bc, id = d2953f92-62ee-428d-88c5-723914c88c6e, last_modified = 2021-09-16
      Source: 6217.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_6a510422 severity = 100, os = linux, arch_context = x86, creation_date = 2021-06-28, scan_context = file, memory, reference = 14cc92b99daa0c91aa09d9a7996ee5549a5cacd7be733960b2cf3681a7c2b628, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 8ee116ff41236771cdc8dc4b796c3b211502413ae631d5b5aedbbaa2eccc3b75, id = 6a510422-3662-4fdb-9c03-0101f16e87cd, last_modified = 2021-09-16
      Source: 6217.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d2953f92 severity = 100, os = linux, arch_context = x86, creation_date = 2021-06-28, scan_context = file, memory, reference = 14cc92b99daa0c91aa09d9a7996ee5549a5cacd7be733960b2cf3681a7c2b628, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 276c6d62a8a335d0e2421b6b5b90c2c0eb69eec294bc9fcdeb7743abbf08d8bc, id = d2953f92-62ee-428d-88c5-723914c88c6e, last_modified = 2021-09-16
      Source: 6217.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Tsunami_8a11f9be reference_sample = 1f773d0e00d40eecde9e3ab80438698923a2620036c2fc33315ef95229e98571, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Tsunami, fingerprint = 91e2572a3bb8583e20042578e95e1746501c6a71ef7635af2c982a05b18d7c6d, id = 8a11f9be-dc85-4695-9f38-80ca0304780e, last_modified = 2021-09-16
      Source: 6213.1.00007ffce1214000.00007ffce1235000.rw-.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d2953f92 severity = 100, os = linux, arch_context = x86, creation_date = 2021-06-28, scan_context = file, memory, reference = 14cc92b99daa0c91aa09d9a7996ee5549a5cacd7be733960b2cf3681a7c2b628, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 276c6d62a8a335d0e2421b6b5b90c2c0eb69eec294bc9fcdeb7743abbf08d8bc, id = d2953f92-62ee-428d-88c5-723914c88c6e, last_modified = 2021-09-16
      Source: 6219.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_6a510422 severity = 100, os = linux, arch_context = x86, creation_date = 2021-06-28, scan_context = file, memory, reference = 14cc92b99daa0c91aa09d9a7996ee5549a5cacd7be733960b2cf3681a7c2b628, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 8ee116ff41236771cdc8dc4b796c3b211502413ae631d5b5aedbbaa2eccc3b75, id = 6a510422-3662-4fdb-9c03-0101f16e87cd, last_modified = 2021-09-16
      Source: 6219.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d2953f92 severity = 100, os = linux, arch_context = x86, creation_date = 2021-06-28, scan_context = file, memory, reference = 14cc92b99daa0c91aa09d9a7996ee5549a5cacd7be733960b2cf3681a7c2b628, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 276c6d62a8a335d0e2421b6b5b90c2c0eb69eec294bc9fcdeb7743abbf08d8bc, id = d2953f92-62ee-428d-88c5-723914c88c6e, last_modified = 2021-09-16
      Source: 6219.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Tsunami_8a11f9be reference_sample = 1f773d0e00d40eecde9e3ab80438698923a2620036c2fc33315ef95229e98571, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Tsunami, fingerprint = 91e2572a3bb8583e20042578e95e1746501c6a71ef7635af2c982a05b18d7c6d, id = 8a11f9be-dc85-4695-9f38-80ca0304780e, last_modified = 2021-09-16
      Source: 6217.1.00007ffce1214000.00007ffce1235000.rw-.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d2953f92 severity = 100, os = linux, arch_context = x86, creation_date = 2021-06-28, scan_context = file, memory, reference = 14cc92b99daa0c91aa09d9a7996ee5549a5cacd7be733960b2cf3681a7c2b628, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 276c6d62a8a335d0e2421b6b5b90c2c0eb69eec294bc9fcdeb7743abbf08d8bc, id = d2953f92-62ee-428d-88c5-723914c88c6e, last_modified = 2021-09-16
      Source: 6213.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_6a510422 severity = 100, os = linux, arch_context = x86, creation_date = 2021-06-28, scan_context = file, memory, reference = 14cc92b99daa0c91aa09d9a7996ee5549a5cacd7be733960b2cf3681a7c2b628, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 8ee116ff41236771cdc8dc4b796c3b211502413ae631d5b5aedbbaa2eccc3b75, id = 6a510422-3662-4fdb-9c03-0101f16e87cd, last_modified = 2021-09-16
      Source: 6213.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d2953f92 severity = 100, os = linux, arch_context = x86, creation_date = 2021-06-28, scan_context = file, memory, reference = 14cc92b99daa0c91aa09d9a7996ee5549a5cacd7be733960b2cf3681a7c2b628, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 276c6d62a8a335d0e2421b6b5b90c2c0eb69eec294bc9fcdeb7743abbf08d8bc, id = d2953f92-62ee-428d-88c5-723914c88c6e, last_modified = 2021-09-16
      Source: 6213.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Tsunami_8a11f9be reference_sample = 1f773d0e00d40eecde9e3ab80438698923a2620036c2fc33315ef95229e98571, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Tsunami, fingerprint = 91e2572a3bb8583e20042578e95e1746501c6a71ef7635af2c982a05b18d7c6d, id = 8a11f9be-dc85-4695-9f38-80ca0304780e, last_modified = 2021-09-16
      Source: Process Memory Space: yakuza.arm7.elf PID: 6213, type: MEMORYSTRMatched rule: Linux_Trojan_Tsunami_8a11f9be reference_sample = 1f773d0e00d40eecde9e3ab80438698923a2620036c2fc33315ef95229e98571, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Tsunami, fingerprint = 91e2572a3bb8583e20042578e95e1746501c6a71ef7635af2c982a05b18d7c6d, id = 8a11f9be-dc85-4695-9f38-80ca0304780e, last_modified = 2021-09-16
      Source: Process Memory Space: yakuza.arm7.elf PID: 6217, type: MEMORYSTRMatched rule: Linux_Trojan_Tsunami_8a11f9be reference_sample = 1f773d0e00d40eecde9e3ab80438698923a2620036c2fc33315ef95229e98571, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Tsunami, fingerprint = 91e2572a3bb8583e20042578e95e1746501c6a71ef7635af2c982a05b18d7c6d, id = 8a11f9be-dc85-4695-9f38-80ca0304780e, last_modified = 2021-09-16
      Source: Process Memory Space: yakuza.arm7.elf PID: 6219, type: MEMORYSTRMatched rule: Linux_Trojan_Tsunami_8a11f9be reference_sample = 1f773d0e00d40eecde9e3ab80438698923a2620036c2fc33315ef95229e98571, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Tsunami, fingerprint = 91e2572a3bb8583e20042578e95e1746501c6a71ef7635af2c982a05b18d7c6d, id = 8a11f9be-dc85-4695-9f38-80ca0304780e, last_modified = 2021-09-16
      Source: classification engineClassification label: mal64.troj.linELF@0/0@1/0
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/6351/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/6351/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/1582/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/1582/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/3088/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/3088/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/230/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/230/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/110/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/110/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/231/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/231/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/111/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/111/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/232/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/232/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/1579/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/1579/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/112/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/112/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/233/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/233/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/1699/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/1699/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/113/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/113/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/234/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/234/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/1335/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/1335/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/1698/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/1698/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/114/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/114/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/235/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/235/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/1334/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/1334/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/1576/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/1576/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/2302/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/2302/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/115/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/115/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/236/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/236/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/116/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/116/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/237/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/237/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/117/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/117/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/118/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/118/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/910/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/910/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/6227/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/6227/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/119/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/119/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/912/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/912/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/10/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/10/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/2307/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/2307/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/11/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/11/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/918/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/918/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/12/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/12/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/13/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/13/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/14/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/14/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/15/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/15/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/16/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/16/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/17/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/17/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/18/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/18/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/1594/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/1594/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/120/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/120/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/121/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/121/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/1349/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/1349/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/1/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/1/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/122/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/122/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/243/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/243/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/123/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/123/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/2/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/2/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/124/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/124/cmdlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/3/statusJump to behavior
      Source: /usr/bin/pkill (PID: 6351)File opened: /proc/3/cmdlineJump to behavior
      Source: /tmp/yakuza.arm7.elf (PID: 6220)Shell command executed: /bin/sh -c "pkill -9 902i13 || busybox pkill -9 902i13"Jump to behavior
      Source: /tmp/yakuza.arm7.elf (PID: 6250)Shell command executed: /bin/sh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"Jump to behavior
      Source: /tmp/yakuza.arm7.elf (PID: 6258)Shell command executed: /bin/sh -c "pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7"Jump to behavior
      Source: /tmp/yakuza.arm7.elf (PID: 6265)Shell command executed: /bin/sh -c "pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL"Jump to behavior
      Source: /tmp/yakuza.arm7.elf (PID: 6274)Shell command executed: /bin/sh -c "pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87"Jump to behavior
      Source: /tmp/yakuza.arm7.elf (PID: 6278)Shell command executed: /bin/sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"Jump to behavior
      Source: /tmp/yakuza.arm7.elf (PID: 6284)Shell command executed: /bin/sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"Jump to behavior
      Source: /tmp/yakuza.arm7.elf (PID: 6289)Shell command executed: /bin/sh -c "pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE"Jump to behavior
      Source: /tmp/yakuza.arm7.elf (PID: 6299)Shell command executed: /bin/sh -c "pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e"Jump to behavior
      Source: /tmp/yakuza.arm7.elf (PID: 6323)Shell command executed: /bin/sh -c "pkill -9 scansh4 || busybox pkill -9 scansh4"Jump to behavior
      Source: /tmp/yakuza.arm7.elf (PID: 6330)Shell command executed: /bin/sh -c "pkill -9 MDMA || busybox pkill -9 MDMA"Jump to behavior
      Source: /tmp/yakuza.arm7.elf (PID: 6339)Shell command executed: /bin/sh -c "pkill -9 fdevalvex || busybox pkill -9 fdevalvex"Jump to behavior
      Source: /tmp/yakuza.arm7.elf (PID: 6346)Shell command executed: /bin/sh -c "pkill -9 scanspc || busybox pkill -9 scanspc"Jump to behavior
      Source: /tmp/yakuza.arm7.elf (PID: 6355)Shell command executed: /bin/sh -c "pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ"Jump to behavior
      Source: /tmp/yakuza.arm7.elf (PID: 6362)Shell command executed: /bin/sh -c "pkill -9 flexsonskids || busybox pkill -9 flexsonskids"Jump to behavior
      Source: /tmp/yakuza.arm7.elf (PID: 6369)Shell command executed: /bin/sh -c "pkill -9 scanx86 || busybox pkill -9 scanx86"Jump to behavior
      Source: /tmp/yakuza.arm7.elf (PID: 6379)Shell command executed: /bin/sh -c "pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL"
      Source: /tmp/yakuza.arm7.elf (PID: 6386)Shell command executed: /bin/sh -c "pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe"
      Source: /tmp/yakuza.arm7.elf (PID: 6392)Shell command executed: /bin/sh -c "pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj"
      Source: /tmp/yakuza.arm7.elf (PID: 6399)Shell command executed: /bin/sh -c "pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l"
      Source: /tmp/yakuza.arm7.elf (PID: 6406)Shell command executed: /bin/sh -c "pkill -9 freecookiex86 || busybox pkill -9 freecookiex86"
      Source: /tmp/yakuza.arm7.elf (PID: 6415)Shell command executed: /bin/sh -c "pkill -9 sysgpu || busybox pkill -9 sysgpu"
      Source: /tmp/yakuza.arm7.elf (PID: 6423)Shell command executed: /bin/sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
      Source: /tmp/yakuza.arm7.elf (PID: 6433)Shell command executed: /bin/sh -c "pkill -9 frgege || busybox pkill -9 frgege"
      Source: /tmp/yakuza.arm7.elf (PID: 6442)Shell command executed: /bin/sh -c "pkill -9 sysupdater || busybox pkill -9 sysupdater"
      Source: /tmp/yakuza.arm7.elf (PID: 6449)Shell command executed: /bin/sh -c "pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd"
      Source: /tmp/yakuza.arm7.elf (PID: 6458)Shell command executed: /bin/sh -c "pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69"
      Source: /tmp/yakuza.arm7.elf (PID: 6465)Shell command executed: /bin/sh -c "pkill -9 frgreu || busybox pkill -9 frgreu"
      Source: /tmp/yakuza.arm7.elf (PID: 6471)Shell command executed: /bin/sh -c "pkill -9 telnetd || busybox pkill -9 telnetd"
      Source: /tmp/yakuza.arm7.elf (PID: 6478)Shell command executed: /bin/sh -c "pkill -9 0x766f6964 || busybox pkill -9 0x766f6964"
      Source: /tmp/yakuza.arm7.elf (PID: 6484)Shell command executed: /bin/sh -c "pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337"
      Source: /tmp/yakuza.arm7.elf (PID: 6492)Shell command executed: /bin/sh -c "pkill -9 gaft || busybox pkill -9 gaft"
      Source: /tmp/yakuza.arm7.elf (PID: 6499)Shell command executed: /bin/sh -c "pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa"
      Source: /tmp/yakuza.arm7.elf (PID: 6508)Shell command executed: /bin/sh -c "pkill -9 120i3UI49 || busybox pkill -9 120i3UI49"
      Source: /tmp/yakuza.arm7.elf (PID: 6515)Shell command executed: /bin/sh -c "pkill -9 OaF3 || busybox pkill -9 OaF3"
      Source: /tmp/yakuza.arm7.elf (PID: 6524)Shell command executed: /bin/sh -c "pkill -9 geae || busybox pkill -9 geae"
      Source: /tmp/yakuza.arm7.elf (PID: 6532)Shell command executed: /bin/sh -c "pkill -9 vaiolmao || busybox pkill -9 vaiolmao"
      Source: /tmp/yakuza.arm7.elf (PID: 6542)Shell command executed: /bin/sh -c "pkill -9 123123a || busybox pkill -9 123123a"
      Source: /tmp/yakuza.arm7.elf (PID: 6549)Shell command executed: /bin/sh -c "pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D"
      Source: /tmp/yakuza.arm7.elf (PID: 6553)Shell command executed: /bin/sh -c "pkill -9 ggTrex || busybox pkill -9 ggTrex"
      Source: /tmp/yakuza.arm7.elf (PID: 6562)Shell command executed: /bin/sh -c "pkill -9 wasads || busybox pkill -9 wasads"
      Source: /tmp/yakuza.arm7.elf (PID: 6569)Shell command executed: /bin/sh -c "pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD"
      Source: /tmp/yakuza.arm7.elf (PID: 6578)Shell command executed: /bin/sh -c "pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn"
      Source: /tmp/yakuza.arm7.elf (PID: 6585)Shell command executed: /bin/sh -c "pkill -9 ggt || busybox pkill -9 ggt"
      Source: /tmp/yakuza.arm7.elf (PID: 6593)Shell command executed: /bin/sh -c "pkill -9 wget-log || busybox pkill -9 wget-log"
      Source: /tmp/yakuza.arm7.elf (PID: 6602)Shell command executed: /bin/sh -c "pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER"
      Source: /tmp/yakuza.arm7.elf (PID: 6609)Shell command executed: /bin/sh -c "pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA"
      Source: /tmp/yakuza.arm7.elf (PID: 6619)Shell command executed: /bin/sh -c "pkill -9 ggtq || busybox pkill -9 ggtq"
      Source: /tmp/yakuza.arm7.elf (PID: 6626)Shell command executed: /bin/sh -c "pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2"
      Source: /tmp/yakuza.arm7.elf (PID: 6633)Shell command executed: /bin/sh -c "pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO"
      Source: /tmp/yakuza.arm7.elf (PID: 6642)Shell command executed: /bin/sh -c "pkill -9 ggtr || busybox pkill -9 ggtr"
      Source: /tmp/yakuza.arm7.elf (PID: 6650)Shell command executed: /bin/sh -c "pkill -9 14Fa || busybox pkill -9 14Fa"
      Source: /tmp/yakuza.arm7.elf (PID: 6660)Shell command executed: /bin/sh -c "pkill -9 SEXSLAVE1337 || busybox pkill -9 SEXSLAVE1337"
      Source: /tmp/yakuza.arm7.elf (PID: 6669)Shell command executed: /bin/sh -c "pkill -9 ggtt || busybox pkill -9 ggtt"
      Source: /tmp/yakuza.arm7.elf (PID: 6676)Shell command executed: /bin/sh -c "pkill -9 1902a3u912u3u4 || busybox pkill -9 1902a3u912u3u4"
      Source: /tmp/yakuza.arm7.elf (PID: 6685)Shell command executed: /bin/sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"
      Source: /tmp/yakuza.arm7.elf (PID: 6692)Shell command executed: /bin/sh -c "pkill -9 haetrghbr || busybox pkill -9 haetrghbr"
      Source: /tmp/yakuza.arm7.elf (PID: 6701)Shell command executed: /bin/sh -c "pkill -9 19ju3d || busybox pkill -9 19ju3d"
      Source: /tmp/yakuza.arm7.elf (PID: 6708)Shell command executed: /bin/sh -c "pkill -9 SORAojkf120 || busybox pkill -9 SORAojkf120"
      Source: /tmp/yakuza.arm7.elf (PID: 6716)Shell command executed: /bin/sh -c "pkill -9 hehahejeje92 || busybox pkill -9 hehahejeje92"
      Source: /tmp/yakuza.arm7.elf (PID: 6725)Shell command executed: /bin/sh -c "pkill -9 2U2JDJA901F91 || busybox pkill -9 2U2JDJA901F91"
      Source: /bin/sh (PID: 6228)Pkill executable: /usr/bin/pkill -> pkill -9 902i13Jump to behavior
      Source: /bin/sh (PID: 6256)Pkill executable: /usr/bin/pkill -> pkill -9 BzSxLxBxeYJump to behavior
      Source: /bin/sh (PID: 6263)Pkill executable: /usr/bin/pkill -> pkill -9 HOHO-LUGO7Jump to behavior
      Source: /bin/sh (PID: 6270)Pkill executable: /usr/bin/pkill -> pkill -9 HOHO-U79OLJump to behavior
      Source: /bin/sh (PID: 6276)Pkill executable: /usr/bin/pkill -> pkill -9 JuYfouyf87Jump to behavior
      Source: /bin/sh (PID: 6280)Pkill executable: /usr/bin/pkill -> pkill -9 NiGGeR69xdJump to behavior
      Source: /bin/sh (PID: 6286)Pkill executable: /usr/bin/pkill -> pkill -9 SO190Ij1XJump to behavior
      Source: /bin/sh (PID: 6295)Pkill executable: /usr/bin/pkill -> pkill -9 LOLKIKEEEDDEJump to behavior
      Source: /bin/sh (PID: 6304)Pkill executable: /usr/bin/pkill -> pkill -9 ekjheory98eJump to behavior
      Source: /bin/sh (PID: 6328)Pkill executable: /usr/bin/pkill -> pkill -9 scansh4Jump to behavior
      Source: /bin/sh (PID: 6335)Pkill executable: /usr/bin/pkill -> pkill -9 MDMAJump to behavior
      Source: /bin/sh (PID: 6344)Pkill executable: /usr/bin/pkill -> pkill -9 fdevalvexJump to behavior
      Source: /bin/sh (PID: 6351)Pkill executable: /usr/bin/pkill -> pkill -9 scanspcJump to behavior
      Source: /bin/sh (PID: 6360)Pkill executable: /usr/bin/pkill -> pkill -9 MELTEDNINJAREALZJump to behavior
      Source: /bin/sh (PID: 6367)Pkill executable: /usr/bin/pkill -> pkill -9 flexsonskidsJump to behavior
      Source: /bin/sh (PID: 6375)Pkill executable: /usr/bin/pkill -> pkill -9 scanx86Jump to behavior
      Source: /bin/sh (PID: 6384)Pkill executable: /usr/bin/pkill -> pkill -9 MISAKI-U79OL
      Source: /bin/sh (PID: 6388)Pkill executable: /usr/bin/pkill -> pkill -9 foAxi102kxe
      Source: /bin/sh (PID: 6397)Pkill executable: /usr/bin/pkill -> pkill -9 swodjwodjwoj
      Source: /bin/sh (PID: 6404)Pkill executable: /usr/bin/pkill -> pkill -9 MmKiy7f87l
      Source: /bin/sh (PID: 6411)Pkill executable: /usr/bin/pkill -> pkill -9 freecookiex86
      Source: /bin/sh (PID: 6420)Pkill executable: /usr/bin/pkill -> pkill -9 sysgpu
      Source: /bin/sh (PID: 6429)Pkill executable: /usr/bin/pkill -> pkill -9 NiGGeR69xd
      Source: /bin/sh (PID: 6438)Pkill executable: /usr/bin/pkill -> pkill -9 frgege
      Source: /bin/sh (PID: 6447)Pkill executable: /usr/bin/pkill -> pkill -9 sysupdater
      Source: /bin/sh (PID: 6454)Pkill executable: /usr/bin/pkill -> pkill -9 0DnAzepd
      Source: /bin/sh (PID: 6463)Pkill executable: /usr/bin/pkill -> pkill -9 NiGGeRD0nks69
      Source: /bin/sh (PID: 6467)Pkill executable: /usr/bin/pkill -> pkill -9 frgreu
      Source: /bin/sh (PID: 6476)Pkill executable: /usr/bin/pkill -> pkill -9 telnetd
      Source: /bin/sh (PID: 6480)Pkill executable: /usr/bin/pkill -> pkill -9 0x766f6964
      Source: /bin/sh (PID: 6490)Pkill executable: /usr/bin/pkill -> pkill -9 NiGGeRd0nks1337
      Source: /bin/sh (PID: 6497)Pkill executable: /usr/bin/pkill -> pkill -9 gaft
      Source: /bin/sh (PID: 6504)Pkill executable: /usr/bin/pkill -> pkill -9 urasgbsigboa
      Source: /bin/sh (PID: 6513)Pkill executable: /usr/bin/pkill -> pkill -9 120i3UI49
      Source: /bin/sh (PID: 6520)Pkill executable: /usr/bin/pkill -> pkill -9 OaF3
      Source: /bin/sh (PID: 6529)Pkill executable: /usr/bin/pkill -> pkill -9 geae
      Source: /bin/sh (PID: 6538)Pkill executable: /usr/bin/pkill -> pkill -9 vaiolmao
      Source: /bin/sh (PID: 6547)Pkill executable: /usr/bin/pkill -> pkill -9 123123a
      Source: /bin/sh (PID: 6551)Pkill executable: /usr/bin/pkill -> pkill -9 Ofurain0n4H34D
      Source: /bin/sh (PID: 6558)Pkill executable: /usr/bin/pkill -> pkill -9 ggTrex
      Source: /bin/sh (PID: 6566)Pkill executable: /usr/bin/pkill -> pkill -9 wasads
      Source: /bin/sh (PID: 6574)Pkill executable: /usr/bin/pkill -> pkill -9 1293194hjXD
      Source: /bin/sh (PID: 6583)Pkill executable: /usr/bin/pkill -> pkill -9 OthLaLosn
      Source: /bin/sh (PID: 6591)Pkill executable: /usr/bin/pkill -> pkill -9 ggt
      Source: /bin/sh (PID: 6598)Pkill executable: /usr/bin/pkill -> pkill -9 wget-log
      Source: /bin/sh (PID: 6607)Pkill executable: /usr/bin/pkill -> pkill -9 1337SoraLOADER
      Source: /bin/sh (PID: 6614)Pkill executable: /usr/bin/pkill -> pkill -9 SAIAKINA
      Source: /bin/sh (PID: 6624)Pkill executable: /usr/bin/pkill -> pkill -9 ggtq
      Source: /bin/sh (PID: 6631)Pkill executable: /usr/bin/pkill -> pkill -9 1378bfp919GRB1Q2
      Source: /bin/sh (PID: 6638)Pkill executable: /usr/bin/pkill -> pkill -9 SAIAKUSO
      Source: /bin/sh (PID: 6647)Pkill executable: /usr/bin/pkill -> pkill -9 ggtr
      Source: /bin/sh (PID: 6656)Pkill executable: /usr/bin/pkill -> pkill -9 14Fa
      Source: /bin/sh (PID: 6664)Pkill executable: /usr/bin/pkill -> pkill -9 SEXSLAVE1337
      Source: /bin/sh (PID: 6674)Pkill executable: /usr/bin/pkill -> pkill -9 ggtt
      Source: /bin/sh (PID: 6681)Pkill executable: /usr/bin/pkill -> pkill -9 1902a3u912u3u4
      Source: /bin/sh (PID: 6690)Pkill executable: /usr/bin/pkill -> pkill -9 SO190Ij1X
      Source: /bin/sh (PID: 6697)Pkill executable: /usr/bin/pkill -> pkill -9 haetrghbr
      Source: /bin/sh (PID: 6706)Pkill executable: /usr/bin/pkill -> pkill -9 19ju3d
      Source: /bin/sh (PID: 6714)Pkill executable: /usr/bin/pkill -> pkill -9 SORAojkf120
      Source: /bin/sh (PID: 6721)Pkill executable: /usr/bin/pkill -> pkill -9 hehahejeje92
      Source: /bin/sh (PID: 6729)Pkill executable: /usr/bin/pkill -> pkill -9 2U2JDJA901F91
      Source: /usr/bin/pkill (PID: 6228)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6256)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6263)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6270)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6276)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6280)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6286)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6295)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6304)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6328)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6335)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6344)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6351)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6360)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6367)Reads CPU info from /sys: /sys/devices/system/cpu/onlineJump to behavior
      Source: /usr/bin/pkill (PID: 6375)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6384)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6388)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6397)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6404)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6411)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6420)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6429)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6438)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6447)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6454)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6463)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6467)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6476)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6480)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6490)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6497)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6504)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6513)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6520)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6529)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6538)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6547)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6551)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6558)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6566)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6574)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6583)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6591)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6598)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6607)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6614)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6624)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6631)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6638)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6647)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6656)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6664)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6674)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6681)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6690)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6697)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6706)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6714)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6721)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /usr/bin/pkill (PID: 6729)Reads CPU info from /sys: /sys/devices/system/cpu/online
      Source: /tmp/yakuza.arm7.elf (PID: 6213)Queries kernel information via 'uname': Jump to behavior
      Source: /tmp/yakuza.arm7.elf (PID: 6219)Queries kernel information via 'uname': Jump to behavior
      Source: /usr/bin/busybox (PID: 6241)Queries kernel information via 'uname': Jump to behavior
      Source: /usr/bin/busybox (PID: 6257)Queries kernel information via 'uname': Jump to behavior
      Source: /usr/bin/busybox (PID: 6264)Queries kernel information via 'uname': Jump to behavior
      Source: /usr/bin/busybox (PID: 6273)Queries kernel information via 'uname': Jump to behavior
      Source: /usr/bin/busybox (PID: 6277)Queries kernel information via 'uname': Jump to behavior
      Source: /usr/bin/busybox (PID: 6283)Queries kernel information via 'uname': Jump to behavior
      Source: /usr/bin/busybox (PID: 6287)Queries kernel information via 'uname': Jump to behavior
      Source: /usr/bin/busybox (PID: 6296)Queries kernel information via 'uname': Jump to behavior
      Source: /usr/bin/busybox (PID: 6305)Queries kernel information via 'uname': Jump to behavior
      Source: /usr/bin/busybox (PID: 6329)Queries kernel information via 'uname': Jump to behavior
      Source: /usr/bin/busybox (PID: 6338)Queries kernel information via 'uname': Jump to behavior
      Source: /usr/bin/busybox (PID: 6345)Queries kernel information via 'uname': Jump to behavior
      Source: /usr/bin/busybox (PID: 6352)Queries kernel information via 'uname': Jump to behavior
      Source: /usr/bin/busybox (PID: 6361)Queries kernel information via 'uname': Jump to behavior
      Source: /usr/bin/busybox (PID: 6368)Queries kernel information via 'uname': Jump to behavior
      Source: /usr/bin/busybox (PID: 6378)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6385)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6389)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6398)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6405)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6414)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6422)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6430)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6439)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6448)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6457)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6464)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6470)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6477)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6481)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6491)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6498)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6507)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6514)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6521)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6530)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6539)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6548)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6552)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6561)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6568)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6575)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6584)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6592)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6601)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6608)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6616)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6625)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6632)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6641)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6649)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6657)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6666)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6675)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6684)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6691)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6698)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6707)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6715)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6724)Queries kernel information via 'uname':
      Source: /usr/bin/busybox (PID: 6731)Queries kernel information via 'uname':
      Source: yakuza.arm7.elf, 6213.1.00007ffce1214000.00007ffce1235000.rw-.sdmp, yakuza.arm7.elf, 6217.1.00007ffce1214000.00007ffce1235000.rw-.sdmp, yakuza.arm7.elf, 6219.1.00007ffce1214000.00007ffce1235000.rw-.sdmpBinary or memory string: x86_64/usr/bin/qemu-arm/tmp/yakuza.arm7.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/yakuza.arm7.elf
      Source: yakuza.arm7.elf, 6213.1.000056495a0cc000.000056495a1fa000.rw-.sdmp, yakuza.arm7.elf, 6217.1.000056495a0cc000.000056495a1fa000.rw-.sdmp, yakuza.arm7.elf, 6219.1.000056495a0cc000.000056495a1fa000.rw-.sdmpBinary or memory string: ZIV!/etc/qemu-binfmt/arm
      Source: yakuza.arm7.elf, 6213.1.000056495a0cc000.000056495a1fa000.rw-.sdmp, yakuza.arm7.elf, 6217.1.000056495a0cc000.000056495a1fa000.rw-.sdmp, yakuza.arm7.elf, 6219.1.000056495a0cc000.000056495a1fa000.rw-.sdmpBinary or memory string: /etc/qemu-binfmt/arm
      Source: yakuza.arm7.elf, 6213.1.00007ffce1214000.00007ffce1235000.rw-.sdmp, yakuza.arm7.elf, 6217.1.00007ffce1214000.00007ffce1235000.rw-.sdmp, yakuza.arm7.elf, 6219.1.00007ffce1214000.00007ffce1235000.rw-.sdmpBinary or memory string: /usr/bin/qemu-arm
      Source: yakuza.arm7.elf, 6217.1.00007ffce1214000.00007ffce1235000.rw-.sdmp, yakuza.arm7.elf, 6219.1.00007ffce1214000.00007ffce1235000.rw-.sdmpBinary or memory string: qemu: uncaught target signal 11 (Segmentation fault) - core dumped

      Stealing of Sensitive Information

      barindex
      Yara detected Mirai
      Source: Yara matchFile source: yakuza.arm7.elf, type: SAMPLE
      Source: Yara matchFile source: 6217.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORY
      Source: Yara matchFile source: 6219.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORY
      Source: Yara matchFile source: 6213.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORY
      Source: Initial sampleUser agent string found: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0
      Source: Initial sampleUser agent string found: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en; rv:1.8.1.11) Gecko/20071128 Camino/1.5.4
      Source: Initial sampleUser agent string found: Mozilla/5.0 (Windows; U; Windows NT 6.1; rv:2.2) Gecko/20110201
      Source: Initial sampleUser agent string found: Mozilla/5.0 (Windows; U; Windows NT 6.1; cs; rv:1.9.2.6) Gecko/20100628 myibrow/4alpha2
      Source: Initial sampleUser agent string found: Mozilla/5.0 (Windows; U; Win 9x 4.90; SG; rv:1.9.2.4) Gecko/20101104 Netscape/9.1.0285
      Source: Initial sampleUser agent string found: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0 Lightning/4.0.2
      Source: Initial sampleUser agent string found: Opera/9.80 (X11; Linux i686; Ubuntu/14.10) Presto/2.12.388 Version/12.16
      Source: Initial sampleUser agent string found: Opera/9.80 (Windows NT 5.1; U;) Presto/2.7.62 Version/11.01
      Source: Initial sampleUser agent string found: Mozilla/5.0 (X11; Linux x86_64; U; de; rv:1.9.1.6) Gecko/20091201 Firefox/3.5.6 Opera 10.62
      Source: Initial sampleUser agent string found: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36
      Source: Initial sampleUser agent string found: Mozilla/5.0 (Linux; Android 4.4.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.89 Mobile Safari/537.36
      Source: Initial sampleUser agent string found: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:5.0) Gecko/20110517 Firefox/5.0 Fennec/5.0
      Source: Initial sampleUser agent string found: Mozilla/5.0 (Android; Linux armv7l; rv:9.0) Gecko/20111216 Firefox/9.0 Fennec/9.0
      Source: Initial sampleUser agent string found: Mozilla/5.0 (compatible; Teleca Q7; Brew 3.1.5; U; en) 480X800 LGE VX11000

      Remote Access Functionality

      barindex
      Yara detected Mirai
      Source: Yara matchFile source: yakuza.arm7.elf, type: SAMPLE
      Source: Yara matchFile source: 6217.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORY
      Source: Yara matchFile source: 6219.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORY
      Source: Yara matchFile source: 6213.1.00007fcd00017000.00007fcd00039000.r-x.sdmp, type: MEMORY

      Mitre Att&ck Matrix

      ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
      Gather Victim Identity Information1
      Scripting      		Valid AccountsWindows Management Instrumentation1
      Scripting      		Path Interception1
      Masquerading      		1
      OS Credential Dumping      		11
      Security Software Discovery      		Remote ServicesData from Local System1
      Data Obfuscation      		Exfiltration Over Other Network MediumAbuse Accessibility Features
      CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
      Disable or Modify Tools      		1
      Brute Force      		1
      File and Directory Discovery      		Remote Desktop ProtocolData from Removable Media1
      Encrypted Channel      		Exfiltration Over BluetoothNetwork Denial of Service
      Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account Manager1
      System Information Discovery      		SMB/Windows Admin SharesData from Network Shared Drive1
      Non-Application Layer Protocol      		Automated ExfiltrationData Encrypted for Impact
      Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture2
      Application Layer Protocol      		Traffic DuplicationData Destruction

      Malware Configuration

      No configs have been found

      Behavior Graph

      Hide Legend

      Legend:

      • Process
      • Signature
      • Created File
      • DNS/IP Info
      • Is Dropped
      • Number of created Files
      • Is malicious
      • Internet
      behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1581657 Sample: yakuza.arm7.elf Startdate: 28/12/2024 Architecture: LINUX Score: 64 39 109.202.202.202, 80 INIT7CH Switzerland 2->39 41 91.189.91.42, 443 CANONICAL-ASGB United Kingdom 2->41 43 2 other IPs or domains 2->43 45 Malicious sample detected (through community Yara rule) 2->45 47 Multi AV Scanner detection for submitted file 2->47 49 Yara detected Mirai 2->49 9 yakuza.arm7.elf 2->9         started        signatures3 process4 process5 11 yakuza.arm7.elf 9->11         started        process6 13 yakuza.arm7.elf sh 11->13         started        15 yakuza.arm7.elf sh 11->15         started        17 yakuza.arm7.elf sh 11->17         started        19 60 other processes 11->19 process7 21 sh pkill 13->21         started        23 sh busybox 13->23         started        25 sh pkill 15->25         started        27 sh busybox 15->27         started        29 sh pkill 17->29         started        31 sh busybox 17->31         started        33 sh pkill 19->33         started        35 sh busybox 19->35         started        37 114 other processes 19->37

      Antivirus, Machine Learning and Genetic Malware Detection

      Initial Sample

      SourceDetectionScannerLabelLink
      yakuza.arm7.elf45%ReversingLabsLinux.Backdoor.Tsunami

      Dropped Files

      No Antivirus matches

      Domains

      No Antivirus matches

      URLs

      No Antivirus matches

      Domains and IPs

      Contacted Domains

      NameIPActiveMaliciousAntivirus DetectionReputation
      pirati.privatedns.org
      		212.171.15.94
      		truefalse
        		unknown

        URLs from Memory and Binaries

        NameSourceMaliciousAntivirus DetectionReputation
        https://youtu.be/dQw4w9WgXcQyakuza.arm7.elffalse
          		high
          http://linux-it.abuser.eu/yak.sh;yakuza.arm7.elffalse
            		high
            https://youtu.be/dQw4w9WgXcQNeveryakuza.arm7.elffalse
              		high

              World Map of Contacted IPs

              • No. of IPs < 25%
              • 25% < No. of IPs < 50%
              • 50% < No. of IPs < 75%
              • 75% < No. of IPs

              Public IPs

              IPDomainCountryFlagASNASN NameMalicious
              109.202.202.202
              		unknownSwitzerland
              		13030INIT7CHfalse
              91.189.91.43
              		unknownUnited Kingdom
              		41231CANONICAL-ASGBfalse
              91.189.91.42
              		unknownUnited Kingdom
              		41231CANONICAL-ASGBfalse

              Joe Sandbox View / Context

              IPs

              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
              109.202.202.202kpLwzBouH4.elfGet hashmaliciousUnknownBrowse
              • ch.archive.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_92.0%2bbuild3-0ubuntu0.20.04.1_amd64.deb
              91.189.91.43yakuza.ppc.elfGet hashmaliciousMiraiBrowse
                most-mips.elfGet hashmaliciousMiraiBrowse
                  most-mpsl.elfGet hashmaliciousMiraiBrowse
                    arm4.elfGet hashmaliciousGafgytBrowse
                      mpsl.elfGet hashmaliciousGafgytBrowse
                        boatnet.x86.elfGet hashmaliciousMiraiBrowse
                          CONSTANT_STRATEGY.elfGet hashmaliciousUnknownBrowse
                            boatnet.m68k.elfGet hashmaliciousMiraiBrowse
                              boatnet.spc.elfGet hashmaliciousMiraiBrowse
                                win.elfGet hashmaliciousUnknownBrowse
                                  91.189.91.42yakuza.ppc.elfGet hashmaliciousMiraiBrowse
                                    most-mips.elfGet hashmaliciousMiraiBrowse
                                      most-mpsl.elfGet hashmaliciousMiraiBrowse
                                        arm4.elfGet hashmaliciousGafgytBrowse
                                          mpsl.elfGet hashmaliciousGafgytBrowse
                                            boatnet.x86.elfGet hashmaliciousMiraiBrowse
                                              CONSTANT_STRATEGY.elfGet hashmaliciousUnknownBrowse
                                                boatnet.m68k.elfGet hashmaliciousMiraiBrowse
                                                  boatnet.spc.elfGet hashmaliciousMiraiBrowse
                                                    win.elfGet hashmaliciousUnknownBrowse

                                                      Domains

                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                      pirati.privatedns.orgyakuza.ppc.elfGet hashmaliciousMiraiBrowse
                                                      • 212.171.15.94

                                                      ASNs

                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                      CANONICAL-ASGByakuza.ppc.elfGet hashmaliciousMiraiBrowse
                                                      • 91.189.91.42
                                                      most-mips.elfGet hashmaliciousMiraiBrowse
                                                      • 91.189.91.42
                                                      most-mpsl.elfGet hashmaliciousMiraiBrowse
                                                      • 91.189.91.42
                                                      arm4.elfGet hashmaliciousGafgytBrowse
                                                      • 91.189.91.42
                                                      x86_64.elfGet hashmaliciousGafgytBrowse
                                                      • 185.125.190.26
                                                      mpsl.elfGet hashmaliciousGafgytBrowse
                                                      • 91.189.91.42
                                                      boatnet.x86.elfGet hashmaliciousMiraiBrowse
                                                      • 91.189.91.42
                                                      CONSTANT_STRATEGY.elfGet hashmaliciousUnknownBrowse
                                                      • 91.189.91.42
                                                      boatnet.m68k.elfGet hashmaliciousMiraiBrowse
                                                      • 91.189.91.42
                                                      boatnet.spc.elfGet hashmaliciousMiraiBrowse
                                                      • 91.189.91.42
                                                      CANONICAL-ASGByakuza.ppc.elfGet hashmaliciousMiraiBrowse
                                                      • 91.189.91.42
                                                      most-mips.elfGet hashmaliciousMiraiBrowse
                                                      • 91.189.91.42
                                                      most-mpsl.elfGet hashmaliciousMiraiBrowse
                                                      • 91.189.91.42
                                                      arm4.elfGet hashmaliciousGafgytBrowse
                                                      • 91.189.91.42
                                                      x86_64.elfGet hashmaliciousGafgytBrowse
                                                      • 185.125.190.26
                                                      mpsl.elfGet hashmaliciousGafgytBrowse
                                                      • 91.189.91.42
                                                      boatnet.x86.elfGet hashmaliciousMiraiBrowse
                                                      • 91.189.91.42
                                                      CONSTANT_STRATEGY.elfGet hashmaliciousUnknownBrowse
                                                      • 91.189.91.42
                                                      boatnet.m68k.elfGet hashmaliciousMiraiBrowse
                                                      • 91.189.91.42
                                                      boatnet.spc.elfGet hashmaliciousMiraiBrowse
                                                      • 91.189.91.42
                                                      INIT7CHyakuza.ppc.elfGet hashmaliciousMiraiBrowse
                                                      • 109.202.202.202
                                                      most-mips.elfGet hashmaliciousMiraiBrowse
                                                      • 109.202.202.202
                                                      most-mpsl.elfGet hashmaliciousMiraiBrowse
                                                      • 109.202.202.202
                                                      arm4.elfGet hashmaliciousGafgytBrowse
                                                      • 109.202.202.202
                                                      mpsl.elfGet hashmaliciousGafgytBrowse
                                                      • 109.202.202.202
                                                      boatnet.x86.elfGet hashmaliciousMiraiBrowse
                                                      • 109.202.202.202
                                                      CONSTANT_STRATEGY.elfGet hashmaliciousUnknownBrowse
                                                      • 109.202.202.202
                                                      boatnet.m68k.elfGet hashmaliciousMiraiBrowse
                                                      • 109.202.202.202
                                                      boatnet.spc.elfGet hashmaliciousMiraiBrowse
                                                      • 109.202.202.202
                                                      win.elfGet hashmaliciousUnknownBrowse
                                                      • 109.202.202.202

                                                      JA3 Fingerprints

                                                      No context

                                                      Dropped Files

                                                      No context

                                                      Created / dropped Files

                                                      No created / dropped files found

                                                      Static File Info

                                                      General

                                                      File type:ELF 32-bit LSB executable, ARM, EABI4 version 1 (SYSV), statically linked, with debug_info, not stripped
                                                      Entropy (8bit):6.043047624064081
                                                      TrID:
                                                      • ELF Executable and Linkable format (generic) (4004/1) 100.00%
                                                      File name:yakuza.arm7.elf
                                                      File size:211'921 bytes
                                                      MD5:f52c46728980b545ba0d77ab4f760ec5
                                                      SHA1:5a9d5d78fb73d7b3e44519eeae184ef70a1c9f8a
                                                      SHA256:8548da81d8ab3ba337cd246c5642dcbbf05aa606d75d5a520b2a0bca4922a1c1
                                                      SHA512:ed88c712361d009f36dbb6cf36db334459f2da0ff57a136ccc3a3fb28d91282518106026980e904204f5e2e30a893f3a9eea02871f66e5b5110752496d95d6ad
                                                      SSDEEP:6144:rwoECa4BB/YYUwMJjYMr7rSiADt+M/9/mr2nBPNg2:rzECa4nYYUwMJU07eisP/lmr2nBPNg2
                                                      TLSH:56243B09EA509767C1E32BFBF79B828A33234754A7D7331949285BF43BC2B9D4E26105
                                                      File Content Preview:.ELF..............(.........4...........4. ...(........p............ ... ...........................................................................................................Q.td..................................-...L..................G.F.G.F.G.F.G.

                                                      Static ELF Info

                                                      ELF header

                                                      Class:ELF32
                                                      Data:2's complement, little endian
                                                      Version:1 (current)
                                                      Machine:ARM
                                                      Version Number:0x1
                                                      Type:EXEC (Executable file)
                                                      OS/ABI:UNIX - System V
                                                      ABI Version:0
                                                      Entry Point Address:0x81d0
                                                      Flags:0x4000002
                                                      ELF Header Size:52
                                                      Program Header Offset:52
                                                      Program Header Size:32
                                                      Number of Program Headers:5
                                                      Section Header Offset:168652
                                                      Section Header Size:40
                                                      Number of Section Headers:30
                                                      Header String Table Index:27

                                                      Sections

                                                      NameTypeAddressOffsetSizeEntSizeFlagsFlags DescriptionLinkInfoAlign
                                                      NULL0x00x00x00x00x0000
                                                      .initPROGBITS0x80d40xd40x100x00x6AX004
                                                      .textPROGBITS0x80f00xf00x1c2b40x00x6AX0016
                                                      .finiPROGBITS0x243a40x1c3a40x100x00x6AX004
                                                      .rodataPROGBITS0x243b80x1c3b80x560c0x00x2A008
                                                      .ARM.extabPROGBITS0x299c40x219c40x180x00x2A004
                                                      .ARM.exidxARM_EXIDX0x299dc0x219dc0x1200x00x82AL204
                                                      .eh_framePROGBITS0x31afc0x21afc0x40x00x3WA004
                                                      .tbssNOBITS0x31b000x21b000x80x00x403WAT004
                                                      .init_arrayINIT_ARRAY0x31b000x21b000x40x00x3WA004
                                                      .fini_arrayFINI_ARRAY0x31b040x21b040x40x00x3WA004
                                                      .jcrPROGBITS0x31b080x21b080x40x00x3WA004
                                                      .data.rel.roPROGBITS0x31b0c0x21b0c0x180x00x3WA004
                                                      .gotPROGBITS0x31b240x21b240xb80x40x3WA004
                                                      .dataPROGBITS0x31bdc0x21bdc0xc240x00x3WA004
                                                      .bssNOBITS0x328000x228000x85f40x00x3WA004
                                                      .commentPROGBITS0x00x228000xe380x00x0001
                                                      .debug_arangesPROGBITS0x00x236380x1400x00x0008
                                                      .debug_pubnamesPROGBITS0x00x237780x2130x00x0001
                                                      .debug_infoPROGBITS0x00x2398b0x20430x00x0001
                                                      .debug_abbrevPROGBITS0x00x259ce0x6e20x00x0001
                                                      .debug_linePROGBITS0x00x260b00xe760x00x0001
                                                      .debug_framePROGBITS0x00x26f280x2b80x00x0004
                                                      .debug_strPROGBITS0x00x271e00x8ca0x10x30MS001
                                                      .debug_locPROGBITS0x00x27aaa0x118f0x00x0001
                                                      .debug_rangesPROGBITS0x00x28c390x5580x00x0001
                                                      .ARM.attributesARM_ATTRIBUTES0x00x291910x160x00x0001
                                                      .shstrtabSTRTAB0x00x291a70x1240x00x0001
                                                      .symtabSYMTAB0x00x2977c0x6e400x100x0299864
                                                      .strtabSTRTAB0x00x305bc0x36150x00x0001

                                                      Program Segments

                                                      TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
                                                      EXIDX0x219dc0x299dc0x299dc0x1200x1204.51310x4R 0x4.ARM.exidx
                                                      LOAD0x00x80000x80000x21afc0x21afc6.19790x5R E0x8000.init .text .fini .rodata .ARM.extab .ARM.exidx
                                                      LOAD0x21afc0x31afc0x31afc0xd040x92f84.55560x6RW 0x8000.eh_frame .tbss .init_array .fini_array .jcr .data.rel.ro .got .data .bss
                                                      TLS0x21b000x31b000x31b000x00x80.00000x4R 0x4.tbss
                                                      GNU_STACK0x00x00x00x00x00.00000x7RWE0x4

                                                      Symbols

                                                      NameVersion Info NameVersion Info File NameSection NameValueSizeSymbol TypeSymbol BindSymbol VisibilityNdx
                                                      .symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                                                      .symtab0x80d40SECTION<unknown>DEFAULT1
                                                      .symtab0x80f00SECTION<unknown>DEFAULT2
                                                      .symtab0x243a40SECTION<unknown>DEFAULT3
                                                      .symtab0x243b80SECTION<unknown>DEFAULT4
                                                      .symtab0x299c40SECTION<unknown>DEFAULT5
                                                      .symtab0x299dc0SECTION<unknown>DEFAULT6
                                                      .symtab0x31afc0SECTION<unknown>DEFAULT7
                                                      .symtab0x31b000SECTION<unknown>DEFAULT8
                                                      .symtab0x31b000SECTION<unknown>DEFAULT9
                                                      .symtab0x31b040SECTION<unknown>DEFAULT10
                                                      .symtab0x31b080SECTION<unknown>DEFAULT11
                                                      .symtab0x31b0c0SECTION<unknown>DEFAULT12
                                                      .symtab0x31b240SECTION<unknown>DEFAULT13
                                                      .symtab0x31bdc0SECTION<unknown>DEFAULT14
                                                      .symtab0x328000SECTION<unknown>DEFAULT15
                                                      .symtab0x00SECTION<unknown>DEFAULT16
                                                      .symtab0x00SECTION<unknown>DEFAULT17
                                                      .symtab0x00SECTION<unknown>DEFAULT18
                                                      .symtab0x00SECTION<unknown>DEFAULT19
                                                      .symtab0x00SECTION<unknown>DEFAULT20
                                                      .symtab0x00SECTION<unknown>DEFAULT21
                                                      .symtab0x00SECTION<unknown>DEFAULT22
                                                      .symtab0x00SECTION<unknown>DEFAULT23
                                                      .symtab0x00SECTION<unknown>DEFAULT24
                                                      .symtab0x00SECTION<unknown>DEFAULT25
                                                      .symtab0x00SECTION<unknown>DEFAULT26
                                                      $a.symtab0x80d40NOTYPE<unknown>DEFAULT1
                                                      $a.symtab0x243a40NOTYPE<unknown>DEFAULT3
                                                      $a.symtab0x80e00NOTYPE<unknown>DEFAULT1
                                                      $a.symtab0x243b00NOTYPE<unknown>DEFAULT3
                                                      $a.symtab0x812c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x81700NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x81d00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x820c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x82300NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x85340NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x86a40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x88400NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x8c100NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x8e680NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x945c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x95980NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x95d80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x96980NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x97980NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x98d80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x99f80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x9abc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x9b940NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x9cd80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x9fa40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xa0700NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xa3c80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xa4f40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xa8740NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xaba80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xacf80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xb3200NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xb9b40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xbaf00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xc3740NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xc6840NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xce5c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xd3bc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xd6600NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xd6980NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xd8e00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xdca00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xf39c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xf49c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xf64c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xf6ec0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xf7280NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xf7bc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xfb4c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xfc840NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xfd180NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xfd680NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xfe2c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xfe700NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0xff840NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x101540NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x10df00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x10e980NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x10ed40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x10f5c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1106c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x113c00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x114940NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x120040NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x121180NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1225c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x122700NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x123080NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x123fc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x124340NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x125340NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x125600NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x125880NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1259c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x125d40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x126b40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x126ec0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1272c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x127a00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x127e40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x128680NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x128a80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x128d80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x129200NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1299c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x129cc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x129ec0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x12d1c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x12d3c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x12db00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x12f040NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x12f280NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x12f580NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x12f880NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x12fbc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x130440NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x131140NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x132640NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x135340NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x139940NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x13a140NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x13b780NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x13ba80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x13cec0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x144b80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x145580NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1459c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1474c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x147a00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x14d100NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x14e140NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x14f300NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x150840NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x151a00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x154500NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x157fc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1589c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x159a40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x159dc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x15aa00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x15ab00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x15ac00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x15b600NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x15b800NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x15be00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x15c040NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x15d140NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x15dd00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x15e9c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x15eb40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x15fc00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1602c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x160b00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x160e40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x161140NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x161380NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x161b40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x162140NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x16e800NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x171ac0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x174a40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x175f40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x178900NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x179380NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x179600NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x17c4c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x17f200NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x17f640NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x17fd80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1801c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x180600NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x180d40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1811c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1815c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x181a00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x182100NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x182540NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x182c40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x183100NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x183980NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x183e00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x184240NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x18dd40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x191940NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x196340NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x196740NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1979c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x197b40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x198580NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x199100NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x199d00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x19a740NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x19b040NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x19bdc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x19cd40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x19dc00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x19de00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x19dfc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x19e180NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x19ff00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1a0b40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1a1600NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1a2ac0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1a8d00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1a9200NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1a9900NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1ad5c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1adf40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1ae580NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1afe00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1b0280NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1b1180NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1b2540NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1b2ac0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1b2b40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1b2e40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1b33c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1b3440NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1b3740NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1b3cc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1b3d40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1b4000NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1b4880NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1b5640NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1b6240NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1b6780NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1b6d00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1babc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1bc100NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c15c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c1e00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c25c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c2880NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c3100NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c3180NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c3240NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c3300NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c3400NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c3800NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c3e80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c4280NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c4680NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c47c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c4900NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c4a40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c4e40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c4f80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c53c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c57c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c5bc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c61c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c65c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c6c80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c7540NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c78c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c89c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1c96c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1ca300NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1cae00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1cbcc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1cf700NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1cfc40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1cfe80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1d0a40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1d0e00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1d1bc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1d2fc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1d3d80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1d44c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1d4780NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1d5d40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1ddc80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1df0c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1e0400NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1e4d00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1e5c00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1e5e40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1e6c40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1e7b40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1e8a00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1e8e40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1e9340NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1e9800NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1e9f80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1ea380NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1ea840NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1eb400NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1ec0c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1ed900NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1eea40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1ef080NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1f0500NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1f0b40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1f1000NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1f1ac0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1f2240NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1f4bc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1f5040NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1f6980NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1f9fc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1faf40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x1fbec0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x203fc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x204500NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x204a80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x209040NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x2099c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x20a340NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x20a800NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x20dc40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x20e080NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x20e4c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x20ec00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x20ef80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x210380NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x210b00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x211180NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x2136c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x213780NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x213b00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x214080NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x214600NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x2146c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x214d00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x215540NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x215b80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x215f80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x217700NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x218b80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x218dc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x21a9c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x21af40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x21bbc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x21bec0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x21c900NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x21cd00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x21ce00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x21d900NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x21dd00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x21ebc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x21f700NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x21fd00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x220000NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x222180NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x222640NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x222bc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x222c40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x222f00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x223600NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x2240c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x228280NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x22cc40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x22e040NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x22e580NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x22ea40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x22ef00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x22ef80NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x22efc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x22f280NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x22f340NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x22f400NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x231600NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x232b00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x232cc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x2332c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x233980NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x234500NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x234700NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x235b40NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x23afc0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x23b040NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x23b0c0NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x23b140NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x23bd00NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x23c140NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x243280NOTYPE<unknown>DEFAULT2
                                                      $a.symtab0x243700NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x81640NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x31b040NOTYPE<unknown>DEFAULT10
                                                      $d.symtab0x81bc0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x31b000NOTYPE<unknown>DEFAULT9
                                                      $d.symtab0x31be00NOTYPE<unknown>DEFAULT14
                                                      $d.symtab0x82000NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x31be40NOTYPE<unknown>DEFAULT14
                                                      $d.symtab0x822c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x85300NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x86900NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x883c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x8c080NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x8e640NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x944c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x95840NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x95d40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x96880NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x978c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x98b40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x99d40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x9ab00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x9b8c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x9ccc0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x262850NOTYPE<unknown>DEFAULT4
                                                      $d.symtab0x9f900NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xa06c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xa3b80NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xa4ec0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xa8600NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xab940NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xacf00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xb3180NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xb9ac0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xbaec0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xc35c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xc6780NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xce580NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xd3b40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xd65c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xd6940NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xd8dc0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xdc800NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xf3540NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xf4980NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xf61c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xf6e40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xf71c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xf7b00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xfad40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xfc780NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xfd0c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xfd640NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xfe280NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xfe6c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0xff7c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x101380NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x10d900NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x10e7c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x10ed00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x10f580NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x110680NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x113ac0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x114900NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x11f940NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x00NOTYPE<unknown>DEFAULT22
                                                      $d.symtab0x200NOTYPE<unknown>DEFAULT22
                                                      $d.symtab0x260NOTYPE<unknown>DEFAULT22
                                                      $d.symtab0x2c0NOTYPE<unknown>DEFAULT22
                                                      $d.symtab0x4c0NOTYPE<unknown>DEFAULT22
                                                      $d.symtab0x530NOTYPE<unknown>DEFAULT22
                                                      $d.symtab0x123000NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x123ec0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x124300NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1252c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x125800NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x125d00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x126a40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x126e80NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x127280NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x127980NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x127e00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x128600NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x128a40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1291c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x129940NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x129c40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x325d80NOTYPE<unknown>DEFAULT14
                                                      $d.symtab0x282240NOTYPE<unknown>DEFAULT4
                                                      $d.symtab0x129e80NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x12d0c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x12da00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x12efc0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1310c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x132400NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x135080NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x139600NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x13a040NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x13b5c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x325e40NOTYPE<unknown>DEFAULT14
                                                      $d.symtab0x325e00NOTYPE<unknown>DEFAULT14
                                                      $d.symtab0x144940NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x285980NOTYPE<unknown>DEFAULT4
                                                      $d.symtab0x147480NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x147940NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x14ce00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x326c80NOTYPE<unknown>DEFAULT14
                                                      $d.symtab0x285a00NOTYPE<unknown>DEFAULT4
                                                      $d.symtab0x154340NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x157e40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x15a940NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x15e940NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x15fb00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x286240NOTYPE<unknown>DEFAULT4
                                                      $d.symtab0x160240NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x160a80NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1610c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x161b00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x16e4c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x171980NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x31b0c0NOTYPE<unknown>DEFAULT12
                                                      $d.symtab0x291900NOTYPE<unknown>DEFAULT4
                                                      $d.symtab0x174940NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x175f00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1787c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x291dc0NOTYPE<unknown>DEFAULT4
                                                      $d.symtab0x179300NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x17c3c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x17f0c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x17f5c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x17fd00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x180140NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x180580NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x180cc0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x181140NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x181580NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x181980NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x182080NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1824c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x182bc0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x183080NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x183900NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x183d80NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1841c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x18db00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x326cc0NOTYPE<unknown>DEFAULT14
                                                      $d.symtab0x191740NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x196180NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1966c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x197880NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x326e40NOTYPE<unknown>DEFAULT14
                                                      $d.symtab0x1983c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x198f40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x199b40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x19a580NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x326fc0NOTYPE<unknown>DEFAULT14
                                                      $d.symtab0x327940NOTYPE<unknown>DEFAULT14
                                                      $d.symtab0x19b000NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x19bd00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x19cc40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x19db40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x2921c0NOTYPE<unknown>DEFAULT4
                                                      $d.symtab0x19fe00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1a0940NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x327a80NOTYPE<unknown>DEFAULT14
                                                      $d.symtab0x1a1580NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1a2880NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1a8a40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1a91c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1ad340NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1ae500NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1afd00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1b10c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1b2380NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1b2500NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1b2e00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1b3700NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1b55c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1b6100NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1b6700NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1b6c40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1ba700NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x327c00NOTYPE<unknown>DEFAULT14
                                                      $d.symtab0x1bbf80NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1c1180NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1c1d40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1c2540NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1c2840NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1c3040NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1c37c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1c3e00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1c4240NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1c4640NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1c4e00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1c5380NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1c5780NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1c5b80NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1c6140NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1c6580NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1c6c00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1c7500NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1c7880NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x327cc0NOTYPE<unknown>DEFAULT14
                                                      $d.symtab0x292b80NOTYPE<unknown>DEFAULT4
                                                      $d.symtab0x327d40NOTYPE<unknown>DEFAULT14
                                                      $d.symtab0x295b80NOTYPE<unknown>DEFAULT4
                                                      $d.symtab0x1c8800NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1c9640NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1ca240NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1cad80NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x298b80NOTYPE<unknown>DEFAULT4
                                                      $d.symtab0x1cbb80NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1cf680NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1d0a00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1d1b80NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1d3d40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1dda80NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x298e80NOTYPE<unknown>DEFAULT4
                                                      $d.symtab0x1e0300NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1e5b80NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1e6bc0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1e7ac0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1e8980NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1ea7c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1eb200NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1ebe80NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1ed640NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1ee880NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1eefc0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1f0340NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1f0a80NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1f0f40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x327dc0NOTYPE<unknown>DEFAULT14
                                                      $d.symtab0x1f1a00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1f2200NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1f4b80NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1f4fc0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1f6900NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x1f9e40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x327f40NOTYPE<unknown>DEFAULT14
                                                      $d.symtab0x1faec0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x203b40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x327f80NOTYPE<unknown>DEFAULT14
                                                      $d.symtab0x204480NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x204a00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x208bc0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x327fa0NOTYPE<unknown>DEFAULT14
                                                      $d.symtab0x299940NOTYPE<unknown>DEFAULT4
                                                      $d.symtab0x209840NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x20dac0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x20e000NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x20e440NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x20eb80NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x2101c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x210980NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x211080NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x213440NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x213a40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x327fc0NOTYPE<unknown>DEFAULT14
                                                      $d.symtab0x214540NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x214cc0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x215500NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x215b40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x215f40NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x218b00NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x21a980NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x21bb80NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x21c8c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x21d880NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x21ff80NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x222080NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x222600NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x2235c0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x231440NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x23aec0NOTYPE<unknown>DEFAULT2
                                                      $d.symtab0x580NOTYPE<unknown>DEFAULT22
                                                      $d.symtab0x00NOTYPE<unknown>DEFAULT24
                                                      $d.symtab0x23c0NOTYPE<unknown>DEFAULT22
                                                      $d.symtab0xe390NOTYPE<unknown>DEFAULT24
                                                      $t.symtab0x80f00NOTYPE<unknown>DEFAULT2
                                                      C.11.5548.symtab0x2928c12OBJECT<unknown>DEFAULT4
                                                      C.5.5083.symtab0x298b824OBJECT<unknown>DEFAULT4
                                                      C.7.5370.symtab0x2929812OBJECT<unknown>DEFAULT4
                                                      C.7.6078.symtab0x2853012OBJECT<unknown>DEFAULT4
                                                      C.7.6109.symtab0x2857012OBJECT<unknown>DEFAULT4
                                                      C.7.6182.symtab0x2854c12OBJECT<unknown>DEFAULT4
                                                      C.72.5941.symtab0x2628536OBJECT<unknown>DEFAULT4
                                                      C.8.6110.symtab0x2856412OBJECT<unknown>DEFAULT4
                                                      C.9.6119.symtab0x2855812OBJECT<unknown>DEFAULT4
                                                      C.90.6159.symtab0x26900312OBJECT<unknown>DEFAULT4
                                                      C.96.6253.symtab0x26aac12OBJECT<unknown>DEFAULT4
                                                      ClearHistory.symtab0xf6ec60FUNC<unknown>DEFAULT2
                                                      HTTP.symtab0xaba8336FUNC<unknown>DEFAULT2
                                                      Laligned.symtab0x15ba80NOTYPE<unknown>DEFAULT2
                                                      Llastword.symtab0x15bc40NOTYPE<unknown>DEFAULT2
                                                      Q.symtab0x32c3816384OBJECT<unknown>DEFAULT15
                                                      Send.symtab0x84cc104FUNC<unknown>DEFAULT2
                                                      UserAgents.symtab0x31f0c144OBJECT<unknown>DEFAULT14
                                                      _352.symtab0x10ed440FUNC<unknown>DEFAULT2
                                                      _376.symtab0x10df0168FUNC<unknown>DEFAULT2
                                                      _433.symtab0x10efc96FUNC<unknown>DEFAULT2
                                                      _Exit.symtab0x1c380104FUNC<unknown>DEFAULT2
                                                      _GLOBAL_OFFSET_TABLE_.symtab0x31b240OBJECT<unknown>HIDDEN13
                                                      _Jv_RegisterClasses.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                                                      _NICK.symtab0x10f5c272FUNC<unknown>DEFAULT2
                                                      _PING.symtab0x10e9860FUNC<unknown>DEFAULT2
                                                      _PRIVMSG.symtab0x101543228FUNC<unknown>DEFAULT2
                                                      _READ.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                      _Unwind_Complete.symtab0x22ef84FUNC<unknown>HIDDEN2
                                                      _Unwind_DeleteException.symtab0x22efc44FUNC<unknown>HIDDEN2
                                                      _Unwind_ForcedUnwind.symtab0x23bac36FUNC<unknown>HIDDEN2
                                                      _Unwind_GetCFA.symtab0x22ef08FUNC<unknown>HIDDEN2
                                                      _Unwind_GetDataRelBase.symtab0x22f3412FUNC<unknown>HIDDEN2
                                                      _Unwind_GetLanguageSpecificData.symtab0x23bd068FUNC<unknown>HIDDEN2
                                                      _Unwind_GetRegionStart.symtab0x2437052FUNC<unknown>HIDDEN2
                                                      _Unwind_GetTextRelBase.symtab0x22f2812FUNC<unknown>HIDDEN2
                                                      _Unwind_RaiseException.symtab0x23b4036FUNC<unknown>HIDDEN2
                                                      _Unwind_Resume.symtab0x23b6436FUNC<unknown>HIDDEN2
                                                      _Unwind_Resume_or_Rethrow.symtab0x23b8836FUNC<unknown>HIDDEN2
                                                      _Unwind_VRS_Get.symtab0x22e5876FUNC<unknown>HIDDEN2
                                                      _Unwind_VRS_Pop.symtab0x23470324FUNC<unknown>HIDDEN2
                                                      _Unwind_VRS_Set.symtab0x22ea476FUNC<unknown>HIDDEN2
                                                      _WRITE.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                      __C_ctype_b.symtab0x327cc4OBJECT<unknown>DEFAULT14
                                                      __C_ctype_b.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                      __C_ctype_b_data.symtab0x292b8768OBJECT<unknown>DEFAULT4
                                                      __C_ctype_tolower.symtab0x327d44OBJECT<unknown>DEFAULT14
                                                      __C_ctype_tolower.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                      __C_ctype_tolower_data.symtab0x295b8768OBJECT<unknown>DEFAULT4
                                                      __C_ctype_toupper.symtab0x325d84OBJECT<unknown>DEFAULT14
                                                      __C_ctype_toupper.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                      __C_ctype_toupper_data.symtab0x28224768OBJECT<unknown>DEFAULT4
                                                      __EH_FRAME_BEGIN__.symtab0x31afc0OBJECT<unknown>DEFAULT7
                                                      __FRAME_END__.symtab0x31afc0OBJECT<unknown>DEFAULT7
                                                      __GI___C_ctype_b.symtab0x327cc4OBJECT<unknown>HIDDEN14
                                                      __GI___C_ctype_tolower.symtab0x327d44OBJECT<unknown>HIDDEN14
                                                      __GI___C_ctype_toupper.symtab0x325d84OBJECT<unknown>HIDDEN14
                                                      __GI___close.symtab0x1b270100FUNC<unknown>HIDDEN2
                                                      __GI___close_nocancel.symtab0x1b25424FUNC<unknown>HIDDEN2
                                                      __GI___ctype_b.symtab0x327d04OBJECT<unknown>HIDDEN14
                                                      __GI___ctype_tolower.symtab0x327d84OBJECT<unknown>HIDDEN14
                                                      __GI___ctype_toupper.symtab0x325dc4OBJECT<unknown>HIDDEN14
                                                      __GI___errno_location.symtab0x129cc32FUNC<unknown>HIDDEN2
                                                      __GI___fcntl_nocancel.symtab0x12270152FUNC<unknown>HIDDEN2
                                                      __GI___fgetc_unlocked.symtab0x1df0c300FUNC<unknown>HIDDEN2
                                                      __GI___fputc_unlocked.symtab0x1589c264FUNC<unknown>HIDDEN2
                                                      __GI___glibc_strerror_r.symtab0x15e9c24FUNC<unknown>HIDDEN2
                                                      __GI___libc_close.symtab0x1b270100FUNC<unknown>HIDDEN2
                                                      __GI___libc_fcntl.symtab0x12308244FUNC<unknown>HIDDEN2
                                                      __GI___libc_open.symtab0x1b300100FUNC<unknown>HIDDEN2
                                                      __GI___libc_read.symtab0x22280100FUNC<unknown>HIDDEN2
                                                      __GI___libc_write.symtab0x1b390100FUNC<unknown>HIDDEN2
                                                      __GI___open.symtab0x1b300100FUNC<unknown>HIDDEN2
                                                      __GI___open_nocancel.symtab0x1b2e424FUNC<unknown>HIDDEN2
                                                      __GI___read.symtab0x22280100FUNC<unknown>HIDDEN2
                                                      __GI___read_nocancel.symtab0x2226424FUNC<unknown>HIDDEN2
                                                      __GI___register_atfork.symtab0x1ae58392FUNC<unknown>HIDDEN2
                                                      __GI___uClibc_fini.symtab0x1b5a8124FUNC<unknown>HIDDEN2
                                                      __GI___uClibc_init.symtab0x1b67888FUNC<unknown>HIDDEN2
                                                      __GI___write.symtab0x1b390100FUNC<unknown>HIDDEN2
                                                      __GI___write_nocancel.symtab0x1b37424FUNC<unknown>HIDDEN2
                                                      __GI___xpg_strerror_r.symtab0x15eb4268FUNC<unknown>HIDDEN2
                                                      __GI__exit.symtab0x1c380104FUNC<unknown>HIDDEN2
                                                      __GI_abort.symtab0x19674296FUNC<unknown>HIDDEN2
                                                      __GI_accept.symtab0x17f64116FUNC<unknown>HIDDEN2
                                                      __GI_asprintf.symtab0x12f5848FUNC<unknown>HIDDEN2
                                                      __GI_atoi.symtab0x19dc032FUNC<unknown>HIDDEN2
                                                      __GI_bind.symtab0x17fd868FUNC<unknown>HIDDEN2
                                                      __GI_brk.symtab0x2140888FUNC<unknown>HIDDEN2
                                                      __GI_chdir.symtab0x123fc56FUNC<unknown>HIDDEN2
                                                      __GI_close.symtab0x1b270100FUNC<unknown>HIDDEN2
                                                      __GI_closedir.symtab0x1c78c272FUNC<unknown>HIDDEN2
                                                      __GI_config_close.symtab0x1cef452FUNC<unknown>HIDDEN2
                                                      __GI_config_open.symtab0x1cf2872FUNC<unknown>HIDDEN2
                                                      __GI_config_read.symtab0x1cbcc808FUNC<unknown>HIDDEN2
                                                      __GI_connect.symtab0x18060116FUNC<unknown>HIDDEN2
                                                      __GI_dup2.symtab0x1c3e864FUNC<unknown>HIDDEN2
                                                      __GI_endservent.symtab0x1ea84188FUNC<unknown>HIDDEN2
                                                      __GI_execl.symtab0x1a0b4172FUNC<unknown>HIDDEN2
                                                      __GI_execve.symtab0x1c42864FUNC<unknown>HIDDEN2
                                                      __GI_exit.symtab0x19ff0196FUNC<unknown>HIDDEN2
                                                      __GI_fclose.symtab0x129ec816FUNC<unknown>HIDDEN2
                                                      __GI_fcntl.symtab0x12308244FUNC<unknown>HIDDEN2
                                                      __GI_fdopen.symtab0x1d0a460FUNC<unknown>HIDDEN2
                                                      __GI_fflush_unlocked.symtab0x15450940FUNC<unknown>HIDDEN2
                                                      __GI_fgetc.symtab0x1ddc8324FUNC<unknown>HIDDEN2
                                                      __GI_fgetc_unlocked.symtab0x1df0c300FUNC<unknown>HIDDEN2
                                                      __GI_fgets.symtab0x14e14284FUNC<unknown>HIDDEN2
                                                      __GI_fgets_unlocked.symtab0x157fc160FUNC<unknown>HIDDEN2
                                                      __GI_fopen.symtab0x12d1c32FUNC<unknown>HIDDEN2
                                                      __GI_fork.symtab0x1a990972FUNC<unknown>HIDDEN2
                                                      __GI_fprintf.symtab0x12f2848FUNC<unknown>HIDDEN2
                                                      __GI_fputc.symtab0x14f30340FUNC<unknown>HIDDEN2
                                                      __GI_fputc_unlocked.symtab0x1589c264FUNC<unknown>HIDDEN2
                                                      __GI_fputs.symtab0x15084284FUNC<unknown>HIDDEN2
                                                      __GI_fputs_unlocked.symtab0x159a456FUNC<unknown>HIDDEN2
                                                      __GI_freeaddrinfo.symtab0x16e8036FUNC<unknown>HIDDEN2
                                                      __GI_fseek.symtab0x218b836FUNC<unknown>HIDDEN2
                                                      __GI_fseeko64.symtab0x218dc448FUNC<unknown>HIDDEN2
                                                      __GI_fstat.symtab0x2146c100FUNC<unknown>HIDDEN2
                                                      __GI_fwrite_unlocked.symtab0x159dc188FUNC<unknown>HIDDEN2
                                                      __GI_getaddrinfo.symtab0x16ea4776FUNC<unknown>HIDDEN2
                                                      __GI_getc_unlocked.symtab0x1df0c300FUNC<unknown>HIDDEN2
                                                      __GI_getcwd.symtab0x12434256FUNC<unknown>HIDDEN2
                                                      __GI_getdtablesize.symtab0x1253444FUNC<unknown>HIDDEN2
                                                      __GI_getegid.symtab0x1c46820FUNC<unknown>HIDDEN2
                                                      __GI_geteuid.symtab0x1c47c20FUNC<unknown>HIDDEN2
                                                      __GI_getgid.symtab0x1c49020FUNC<unknown>HIDDEN2
                                                      __GI_gethostbyaddr_r.symtab0x17960748FUNC<unknown>HIDDEN2
                                                      __GI_gethostbyname2_r.symtab0x17c4c724FUNC<unknown>HIDDEN2
                                                      __GI_gethostbyname_r.symtab0x20a80836FUNC<unknown>HIDDEN2
                                                      __GI_gethostname.symtab0x214d0132FUNC<unknown>HIDDEN2
                                                      __GI_getpagesize.symtab0x1256040FUNC<unknown>HIDDEN2
                                                      __GI_getpid.symtab0x1afe072FUNC<unknown>HIDDEN2
                                                      __GI_getrlimit.symtab0x1259c56FUNC<unknown>HIDDEN2
                                                      __GI_getservbyname_r.symtab0x1ef08328FUNC<unknown>HIDDEN2
                                                      __GI_getservbyport.symtab0x1eea4100FUNC<unknown>HIDDEN2
                                                      __GI_getservbyport_r.symtab0x1ed90276FUNC<unknown>HIDDEN2
                                                      __GI_getservent_r.symtab0x1ec0c388FUNC<unknown>HIDDEN2
                                                      __GI_getsockname.symtab0x20dc468FUNC<unknown>HIDDEN2
                                                      __GI_gettimeofday.symtab0x1c4a464FUNC<unknown>HIDDEN2
                                                      __GI_getuid.symtab0x1c4e420FUNC<unknown>HIDDEN2
                                                      __GI_htonl.symtab0x161c432FUNC<unknown>HIDDEN2
                                                      __GI_htons.symtab0x161b416FUNC<unknown>HIDDEN2
                                                      __GI_if_freenameindex.symtab0x1f22472FUNC<unknown>HIDDEN2
                                                      __GI_if_nameindex.symtab0x1f26c592FUNC<unknown>HIDDEN2
                                                      __GI_if_nametoindex.symtab0x1f1ac120FUNC<unknown>HIDDEN2
                                                      __GI_in6addr_loopback.symtab0x291dc16OBJECT<unknown>HIDDEN4
                                                      __GI_inet_addr.symtab0x1793840FUNC<unknown>HIDDEN2
                                                      __GI_inet_aton.symtab0x1f9fc248FUNC<unknown>HIDDEN2
                                                      __GI_inet_ntoa.symtab0x1791c28FUNC<unknown>HIDDEN2
                                                      __GI_inet_ntoa_r.symtab0x17890140FUNC<unknown>HIDDEN2
                                                      __GI_inet_ntop.symtab0x175f4668FUNC<unknown>HIDDEN2
                                                      __GI_inet_pton.symtab0x1727c552FUNC<unknown>HIDDEN2
                                                      __GI_initstate_r.symtab0x19bdc248FUNC<unknown>HIDDEN2
                                                      __GI_ioctl.symtab0x125d4224FUNC<unknown>HIDDEN2
                                                      __GI_isatty.symtab0x1611436FUNC<unknown>HIDDEN2
                                                      __GI_kill.symtab0x126b456FUNC<unknown>HIDDEN2
                                                      __GI_listen.symtab0x1811c64FUNC<unknown>HIDDEN2
                                                      __GI_lseek64.symtab0x222f0112FUNC<unknown>HIDDEN2
                                                      __GI_memchr.symtab0x1e4d0240FUNC<unknown>HIDDEN2
                                                      __GI_memcpy.symtab0x15ab04FUNC<unknown>HIDDEN2
                                                      __GI_memmove.symtab0x21cd04FUNC<unknown>HIDDEN2
                                                      __GI_mempcpy.symtab0x1e5c036FUNC<unknown>HIDDEN2
                                                      __GI_memrchr.symtab0x1e5e4224FUNC<unknown>HIDDEN2
                                                      __GI_memset.symtab0x15ac0156FUNC<unknown>HIDDEN2
                                                      __GI_mmap.symtab0x1c1e0124FUNC<unknown>HIDDEN2
                                                      __GI_mremap.symtab0x1c4f868FUNC<unknown>HIDDEN2
                                                      __GI_munmap.symtab0x1c53c64FUNC<unknown>HIDDEN2
                                                      __GI_nanosleep.symtab0x1c5bc96FUNC<unknown>HIDDEN2
                                                      __GI_ntohl.symtab0x161f432FUNC<unknown>HIDDEN2
                                                      __GI_ntohs.symtab0x161e416FUNC<unknown>HIDDEN2
                                                      __GI_open.symtab0x1b300100FUNC<unknown>HIDDEN2
                                                      __GI_opendir.symtab0x1c96c196FUNC<unknown>HIDDEN2
                                                      __GI_perror.symtab0x12d3c116FUNC<unknown>HIDDEN2
                                                      __GI_pipe.symtab0x1c61c64FUNC<unknown>HIDDEN2
                                                      __GI_poll.symtab0x1272c116FUNC<unknown>HIDDEN2
                                                      __GI_putc.symtab0x14f30340FUNC<unknown>HIDDEN2
                                                      __GI_putc_unlocked.symtab0x1589c264FUNC<unknown>HIDDEN2
                                                      __GI_raise.symtab0x1b028240FUNC<unknown>HIDDEN2
                                                      __GI_random.symtab0x197b4164FUNC<unknown>HIDDEN2
                                                      __GI_random_r.symtab0x19a74144FUNC<unknown>HIDDEN2
                                                      __GI_rawmemchr.symtab0x21ce0176FUNC<unknown>HIDDEN2
                                                      __GI_read.symtab0x22280100FUNC<unknown>HIDDEN2
                                                      __GI_readdir64.symtab0x1cae0236FUNC<unknown>HIDDEN2
                                                      __GI_recv.symtab0x181a0112FUNC<unknown>HIDDEN2
                                                      __GI_recvmsg.symtab0x20e4c116FUNC<unknown>HIDDEN2
                                                      __GI_sbrk.symtab0x1c65c108FUNC<unknown>HIDDEN2
                                                      __GI_select.symtab0x127e4132FUNC<unknown>HIDDEN2
                                                      __GI_send.symtab0x18254112FUNC<unknown>HIDDEN2
                                                      __GI_sendto.symtab0x18310136FUNC<unknown>HIDDEN2
                                                      __GI_setservent.symtab0x1eb40204FUNC<unknown>HIDDEN2
                                                      __GI_setsid.symtab0x1286864FUNC<unknown>HIDDEN2
                                                      __GI_setsockopt.symtab0x1839872FUNC<unknown>HIDDEN2
                                                      __GI_setstate_r.symtab0x19cd4236FUNC<unknown>HIDDEN2
                                                      __GI_sigaction.symtab0x1c288136FUNC<unknown>HIDDEN2
                                                      __GI_sigprocmask.symtab0x1c6c8140FUNC<unknown>HIDDEN2
                                                      __GI_sleep.symtab0x1b118300FUNC<unknown>HIDDEN2
                                                      __GI_socket.symtab0x183e068FUNC<unknown>HIDDEN2
                                                      __GI_sprintf.symtab0x12f8852FUNC<unknown>HIDDEN2
                                                      __GI_srandom_r.symtab0x19b04216FUNC<unknown>HIDDEN2
                                                      __GI_stat.symtab0x21554100FUNC<unknown>HIDDEN2
                                                      __GI_strcasecmp.symtab0x15fc0108FUNC<unknown>HIDDEN2
                                                      __GI_strcasestr.symtab0x1602c132FUNC<unknown>HIDDEN2
                                                      __GI_strchr.symtab0x1e6c4240FUNC<unknown>HIDDEN2
                                                      __GI_strchrnul.symtab0x1e7b4236FUNC<unknown>HIDDEN2
                                                      __GI_strcmp.symtab0x15b6028FUNC<unknown>HIDDEN2
                                                      __GI_strcoll.symtab0x15b6028FUNC<unknown>HIDDEN2
                                                      __GI_strcpy.symtab0x15be036FUNC<unknown>HIDDEN2
                                                      __GI_strcspn.symtab0x1e8a068FUNC<unknown>HIDDEN2
                                                      __GI_strdup.symtab0x160b052FUNC<unknown>HIDDEN2
                                                      __GI_strlen.symtab0x15b8096FUNC<unknown>HIDDEN2
                                                      __GI_strncmp.symtab0x15c04272FUNC<unknown>HIDDEN2
                                                      __GI_strncpy.symtab0x15d14188FUNC<unknown>HIDDEN2
                                                      __GI_strndup.symtab0x21d9064FUNC<unknown>HIDDEN2
                                                      __GI_strnlen.symtab0x15dd0204FUNC<unknown>HIDDEN2
                                                      __GI_strpbrk.symtab0x1e9f864FUNC<unknown>HIDDEN2
                                                      __GI_strrchr.symtab0x1e8e480FUNC<unknown>HIDDEN2
                                                      __GI_strspn.symtab0x1e93476FUNC<unknown>HIDDEN2
                                                      __GI_strtok.symtab0x160e448FUNC<unknown>HIDDEN2
                                                      __GI_strtok_r.symtab0x1e980120FUNC<unknown>HIDDEN2
                                                      __GI_strtol.symtab0x19de028FUNC<unknown>HIDDEN2
                                                      __GI_strtoul.symtab0x19dfc28FUNC<unknown>HIDDEN2
                                                      __GI_sysconf.symtab0x1a2ac1572FUNC<unknown>HIDDEN2
                                                      __GI_tcgetattr.symtab0x16138124FUNC<unknown>HIDDEN2
                                                      __GI_time.symtab0x128a848FUNC<unknown>HIDDEN2
                                                      __GI_toupper.symtab0x1299c48FUNC<unknown>HIDDEN2
                                                      __GI_uname.symtab0x215b864FUNC<unknown>HIDDEN2
                                                      __GI_vasprintf.symtab0x12fbc136FUNC<unknown>HIDDEN2
                                                      __GI_vfork.symtab0x1a920112FUNC<unknown>HIDDEN2
                                                      __GI_vfprintf.symtab0x13ba8324FUNC<unknown>HIDDEN2
                                                      __GI_vsnprintf.symtab0x13044208FUNC<unknown>HIDDEN2
                                                      __GI_wait4.symtab0x1c75456FUNC<unknown>HIDDEN2
                                                      __GI_waitpid.symtab0x12920124FUNC<unknown>HIDDEN2
                                                      __GI_wcrtomb.symtab0x1cf7084FUNC<unknown>HIDDEN2
                                                      __GI_wcsnrtombs.symtab0x1cfe8188FUNC<unknown>HIDDEN2
                                                      __GI_wcsrtombs.symtab0x1cfc436FUNC<unknown>HIDDEN2
                                                      __GI_write.symtab0x1b390100FUNC<unknown>HIDDEN2
                                                      __JCR_END__.symtab0x31b080OBJECT<unknown>DEFAULT11
                                                      __JCR_LIST__.symtab0x31b080OBJECT<unknown>DEFAULT11
                                                      ___Unwind_ForcedUnwind.symtab0x23bac36FUNC<unknown>HIDDEN2
                                                      ___Unwind_RaiseException.symtab0x23b4036FUNC<unknown>HIDDEN2
                                                      ___Unwind_Resume.symtab0x23b6436FUNC<unknown>HIDDEN2
                                                      ___Unwind_Resume_or_Rethrow.symtab0x23b8836FUNC<unknown>HIDDEN2
                                                      __adddf3.symtab0x22418784FUNC<unknown>HIDDEN2
                                                      __aeabi_cdcmpeq.symtab0x22d7424FUNC<unknown>HIDDEN2
                                                      __aeabi_cdcmple.symtab0x22d7424FUNC<unknown>HIDDEN2
                                                      __aeabi_cdrcmple.symtab0x22d5852FUNC<unknown>HIDDEN2
                                                      __aeabi_d2uiz.symtab0x22e0484FUNC<unknown>HIDDEN2
                                                      __aeabi_dadd.symtab0x22418784FUNC<unknown>HIDDEN2
                                                      __aeabi_dcmpeq.symtab0x22d8c24FUNC<unknown>HIDDEN2
                                                      __aeabi_dcmpge.symtab0x22dd424FUNC<unknown>HIDDEN2
                                                      __aeabi_dcmpgt.symtab0x22dec24FUNC<unknown>HIDDEN2
                                                      __aeabi_dcmple.symtab0x22dbc24FUNC<unknown>HIDDEN2
                                                      __aeabi_dcmplt.symtab0x22da424FUNC<unknown>HIDDEN2
                                                      __aeabi_ddiv.symtab0x22ab8524FUNC<unknown>HIDDEN2
                                                      __aeabi_dmul.symtab0x22828656FUNC<unknown>HIDDEN2
                                                      __aeabi_drsub.symtab0x2240c0FUNC<unknown>HIDDEN2
                                                      __aeabi_dsub.symtab0x22414788FUNC<unknown>HIDDEN2
                                                      __aeabi_f2d.symtab0x2277464FUNC<unknown>HIDDEN2
                                                      __aeabi_i2d.symtab0x2274c40FUNC<unknown>HIDDEN2
                                                      __aeabi_idiv.symtab0x121180FUNC<unknown>HIDDEN2
                                                      __aeabi_idivmod.symtab0x1224424FUNC<unknown>HIDDEN2
                                                      __aeabi_l2d.symtab0x227c896FUNC<unknown>HIDDEN2
                                                      __aeabi_read_tp.symtab0x1c3308FUNC<unknown>DEFAULT2
                                                      __aeabi_ui2d.symtab0x2272836FUNC<unknown>HIDDEN2
                                                      __aeabi_uidiv.symtab0x120040FUNC<unknown>HIDDEN2
                                                      __aeabi_uidivmod.symtab0x1210024FUNC<unknown>HIDDEN2
                                                      __aeabi_ul2d.symtab0x227b4116FUNC<unknown>HIDDEN2
                                                      __aeabi_unwind_cpp_pr0.symtab0x23b0c8FUNC<unknown>HIDDEN2
                                                      __aeabi_unwind_cpp_pr1.symtab0x23b048FUNC<unknown>HIDDEN2
                                                      __aeabi_unwind_cpp_pr2.symtab0x23afc8FUNC<unknown>HIDDEN2
                                                      __app_fini.symtab0x391f04OBJECT<unknown>HIDDEN15
                                                      __atexit_lock.symtab0x327a824OBJECT<unknown>DEFAULT14
                                                      __bss_end__.symtab0x3adf40NOTYPE<unknown>DEFAULTSHN_ABS
                                                      __bss_start.symtab0x328000NOTYPE<unknown>DEFAULTSHN_ABS
                                                      __bss_start__.symtab0x328000NOTYPE<unknown>DEFAULTSHN_ABS
                                                      __check_one_fd.symtab0x1b62484FUNC<unknown>DEFAULT2
                                                      __close.symtab0x1b270100FUNC<unknown>DEFAULT2
                                                      __close_nameservers.symtab0x20904152FUNC<unknown>HIDDEN2
                                                      __close_nocancel.symtab0x1b25424FUNC<unknown>DEFAULT2
                                                      __cmpdf2.symtab0x22cd4132FUNC<unknown>HIDDEN2
                                                      __ctype_b.symtab0x327d04OBJECT<unknown>DEFAULT14
                                                      __ctype_tolower.symtab0x327d84OBJECT<unknown>DEFAULT14
                                                      __ctype_toupper.symtab0x325dc4OBJECT<unknown>DEFAULT14
                                                      __curbrk.symtab0x397a04OBJECT<unknown>HIDDEN15
                                                      __cxa_begin_cleanup.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                                                      __cxa_call_unexpected.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                                                      __cxa_type_match.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                                                      __data_start.symtab0x31bdc0NOTYPE<unknown>DEFAULT14
                                                      __decode_dotted.symtab0x1faf4248FUNC<unknown>HIDDEN2
                                                      __decode_header.symtab0x21ebc180FUNC<unknown>HIDDEN2
                                                      __default_rt_sa_restorer.symtab0x1c3280FUNC<unknown>DEFAULT2
                                                      __default_sa_restorer.symtab0x1c31c0FUNC<unknown>DEFAULT2
                                                      __deregister_frame_info.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                                                      __div0.symtab0x1225c20FUNC<unknown>HIDDEN2
                                                      __divdf3.symtab0x22ab8524FUNC<unknown>HIDDEN2
                                                      __divsi3.symtab0x12118300FUNC<unknown>HIDDEN2
                                                      __dns_lookup.symtab0x1fbec2064FUNC<unknown>HIDDEN2
                                                      __do_global_dtors_aux.symtab0x812c0FUNC<unknown>DEFAULT2
                                                      __do_global_dtors_aux_fini_array_entry.symtab0x31b040OBJECT<unknown>DEFAULT10
                                                      __dso_handle.symtab0x31bdc0OBJECT<unknown>HIDDEN14
                                                      __encode_dotted.symtab0x22360172FUNC<unknown>HIDDEN2
                                                      __encode_header.symtab0x21dd0236FUNC<unknown>HIDDEN2
                                                      __encode_question.symtab0x21f7096FUNC<unknown>HIDDEN2
                                                      __end__.symtab0x3adf40NOTYPE<unknown>DEFAULTSHN_ABS
                                                      __environ.symtab0x391e84OBJECT<unknown>DEFAULT15
                                                      __eqdf2.symtab0x22cd4132FUNC<unknown>HIDDEN2
                                                      __errno_location.symtab0x129cc32FUNC<unknown>DEFAULT2
                                                      __errno_location.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                      __error.symtab0x1a98c0NOTYPE<unknown>DEFAULT2
                                                      __exidx_end.symtab0x29afc0NOTYPE<unknown>DEFAULTSHN_ABS
                                                      __exidx_start.symtab0x299dc0NOTYPE<unknown>DEFAULTSHN_ABS
                                                      __exit_cleanup.symtab0x38c984OBJECT<unknown>HIDDEN15
                                                      __extendsfdf2.symtab0x2277464FUNC<unknown>HIDDEN2
                                                      __fcntl_nocancel.symtab0x12270152FUNC<unknown>DEFAULT2
                                                      __fgetc_unlocked.symtab0x1df0c300FUNC<unknown>DEFAULT2
                                                      __fini_array_end.symtab0x31b080NOTYPE<unknown>HIDDEN10
                                                      __fini_array_start.symtab0x31b040NOTYPE<unknown>HIDDEN10
                                                      __fixunsdfsi.symtab0x22e0484FUNC<unknown>HIDDEN2
                                                      __floatdidf.symtab0x227c896FUNC<unknown>HIDDEN2
                                                      __floatsidf.symtab0x2274c40FUNC<unknown>HIDDEN2
                                                      __floatundidf.symtab0x227b4116FUNC<unknown>HIDDEN2
                                                      __floatunsidf.symtab0x2272836FUNC<unknown>HIDDEN2
                                                      __fork.symtab0x1a990972FUNC<unknown>DEFAULT2
                                                      __fork_generation_pointer.symtab0x3adac4OBJECT<unknown>HIDDEN15
                                                      __fork_handlers.symtab0x3adb04OBJECT<unknown>HIDDEN15
                                                      __fork_lock.symtab0x38c9c4OBJECT<unknown>HIDDEN15
                                                      __fputc_unlocked.symtab0x1589c264FUNC<unknown>DEFAULT2
                                                      __frame_dummy_init_array_entry.symtab0x31b000OBJECT<unknown>DEFAULT9
                                                      __gedf2.symtab0x22cc4148FUNC<unknown>HIDDEN2
                                                      __get_hosts_byaddr_r.symtab0x2099c152FUNC<unknown>HIDDEN2
                                                      __get_hosts_byname_r.symtab0x20a3476FUNC<unknown>HIDDEN2
                                                      __getdents64.symtab0x21770328FUNC<unknown>HIDDEN2
                                                      __getpagesize.symtab0x1256040FUNC<unknown>DEFAULT2
                                                      __getpid.symtab0x1afe072FUNC<unknown>DEFAULT2
                                                      __glibc_strerror_r.symtab0x15e9c24FUNC<unknown>DEFAULT2
                                                      __glibc_strerror_r.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                      __gnu_Unwind_Find_exidx.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                                                      __gnu_Unwind_ForcedUnwind.symtab0x232b028FUNC<unknown>HIDDEN2
                                                      __gnu_Unwind_RaiseException.symtab0x23398184FUNC<unknown>HIDDEN2
                                                      __gnu_Unwind_Restore_VFP.symtab0x23b300FUNC<unknown>HIDDEN2
                                                      __gnu_Unwind_Resume.symtab0x2332c108FUNC<unknown>HIDDEN2
                                                      __gnu_Unwind_Resume_or_Rethrow.symtab0x2345032FUNC<unknown>HIDDEN2
                                                      __gnu_Unwind_Save_VFP.symtab0x23b380FUNC<unknown>HIDDEN2
                                                      __gnu_unwind_execute.symtab0x23c141812FUNC<unknown>HIDDEN2
                                                      __gnu_unwind_frame.symtab0x2432872FUNC<unknown>HIDDEN2
                                                      __gnu_unwind_pr_common.symtab0x235b41352FUNC<unknown>DEFAULT2
                                                      __gtdf2.symtab0x22cc4148FUNC<unknown>HIDDEN2
                                                      __h_errno_location.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                                                      __init_array_end.symtab0x31b040NOTYPE<unknown>HIDDEN9
                                                      __init_array_start.symtab0x31b000NOTYPE<unknown>HIDDEN9
                                                      __initbuf.symtab0x1ea3876FUNC<unknown>DEFAULT2
                                                      __ledf2.symtab0x22ccc140FUNC<unknown>HIDDEN2
                                                      __libc_accept.symtab0x17f64116FUNC<unknown>DEFAULT2
                                                      __libc_close.symtab0x1b270100FUNC<unknown>DEFAULT2
                                                      __libc_connect.symtab0x18060116FUNC<unknown>DEFAULT2
                                                      __libc_disable_asynccancel.symtab0x1b400136FUNC<unknown>HIDDEN2
                                                      __libc_enable_asynccancel.symtab0x1b488220FUNC<unknown>HIDDEN2
                                                      __libc_errno.symtab0x04TLS<unknown>HIDDEN8
                                                      __libc_fcntl.symtab0x12308244FUNC<unknown>DEFAULT2

                                                      Network Behavior

                                                      Network Port Distribution

                                                      TCP Packets

                                                      TimestampSource PortDest PortSource IPDest IP
                                                      Dec 28, 2024 12:46:48.727813005 CET43928443192.168.2.2391.189.91.42
                                                      Dec 28, 2024 12:46:54.359128952 CET42836443192.168.2.2391.189.91.43
                                                      Dec 28, 2024 12:46:55.894821882 CET4251680192.168.2.23109.202.202.202
                                                      Dec 28, 2024 12:47:08.949126959 CET43928443192.168.2.2391.189.91.42
                                                      Dec 28, 2024 12:47:21.235300064 CET42836443192.168.2.2391.189.91.43
                                                      Dec 28, 2024 12:47:25.330888987 CET4251680192.168.2.23109.202.202.202
                                                      Dec 28, 2024 12:47:49.903409004 CET43928443192.168.2.2391.189.91.42

                                                      UDP Packets

                                                      TimestampSource PortDest PortSource IPDest IP
                                                      Dec 28, 2024 12:46:47.276474953 CET4819453192.168.2.231.1.1.1
                                                      Dec 28, 2024 12:46:48.352983952 CET53481941.1.1.1192.168.2.23

                                                      DNS Queries

                                                      TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                      Dec 28, 2024 12:46:47.276474953 CET192.168.2.231.1.1.10xe7c4Standard query (0)pirati.privatedns.orgA (IP address)IN (0x0001)false

                                                      DNS Answers

                                                      TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                      Dec 28, 2024 12:46:48.352983952 CET1.1.1.1192.168.2.230xe7c4No error (0)pirati.privatedns.org212.171.15.94A (IP address)IN (0x0001)false

                                                      System Behavior

                                                      General

                                                      Start time (UTC):11:46:46
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:/tmp/yakuza.arm7.elf
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:46
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:46
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:46
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:46
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:46
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 902i13 || busybox pkill -9 902i13"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:46
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:46
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 902i13
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:49
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:49
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 902i13
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:50
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:50
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:50
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:50
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 BzSxLxBxeY
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:51
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:51
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 BzSxLxBxeY
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:52
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:52
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:52
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:52
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 HOHO-LUGO7
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:53
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:53
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 HOHO-LUGO7
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:54
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:54
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:54
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:54
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 HOHO-U79OL
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:55
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:55
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 HOHO-U79OL
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:56
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:56
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:56
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:56
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 JuYfouyf87
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:57
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:57
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 JuYfouyf87
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:58
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:58
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:58
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:58
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 NiGGeR69xd
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:59
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:46:59
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 NiGGeR69xd
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:00
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:00
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:00
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:00
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 SO190Ij1X
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:01
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:01
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 SO190Ij1X
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:02
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:02
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:02
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:02
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 LOLKIKEEEDDE
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:04
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:04
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 LOLKIKEEEDDE
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:05
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:05
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:05
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:05
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 ekjheory98e
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:06
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:06
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 ekjheory98e
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:07
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:07
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 scansh4 || busybox pkill -9 scansh4"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:07
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:07
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 scansh4
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:08
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:08
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 scansh4
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:09
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:09
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 MDMA || busybox pkill -9 MDMA"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:09
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:09
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 MDMA
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:10
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:10
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 MDMA
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:11
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:11
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 fdevalvex || busybox pkill -9 fdevalvex"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:11
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:11
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 fdevalvex
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:12
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:12
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 fdevalvex
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:13
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:13
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 scanspc || busybox pkill -9 scanspc"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:13
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:13
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 scanspc
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:14
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:14
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 scanspc
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:15
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:15
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:15
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:15
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 MELTEDNINJAREALZ
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:16
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:16
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 MELTEDNINJAREALZ
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:17
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:17
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 flexsonskids || busybox pkill -9 flexsonskids"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:17
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:17
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 flexsonskids
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:18
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:18
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 flexsonskids
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:19
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:19
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 scanx86 || busybox pkill -9 scanx86"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:19
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:19
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 scanx86
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      Chronological Activities


                                                      General

                                                      Start time (UTC):11:47:20
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:20
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 scanx86
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:47:21
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:47:21
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:21
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:21
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 MISAKI-U79OL
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:47:22
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:22
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 MISAKI-U79OL
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:47:23
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:47:23
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:23
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:23
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 foAxi102kxe
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:47:24
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:24
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 foAxi102kxe
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:47:25
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:47:25
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:25
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:25
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 swodjwodjwoj
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:47:26
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:26
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 swodjwodjwoj
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:47:27
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:47:27
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:27
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:27
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 MmKiy7f87l
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:47:28
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:28
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 MmKiy7f87l
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:47:29
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:47:29
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 freecookiex86 || busybox pkill -9 freecookiex86"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:29
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:29
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 freecookiex86
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:47:30
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:30
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 freecookiex86
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:47:31
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:47:31
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 sysgpu || busybox pkill -9 sysgpu"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:31
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:31
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 sysgpu
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:47:32
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:32
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 sysgpu
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:47:33
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:47:33
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:33
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:33
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 NiGGeR69xd
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:47:34
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:34
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 NiGGeR69xd
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:47:35
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:47:35
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 frgege || busybox pkill -9 frgege"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:35
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:35
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 frgege
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:47:36
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:36
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 frgege
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:47:37
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:47:37
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 sysupdater || busybox pkill -9 sysupdater"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:37
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:37
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 sysupdater
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:47:38
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:38
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 sysupdater
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:47:39
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:47:39
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:39
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:39
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 0DnAzepd
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:47:40
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:40
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 0DnAzepd
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:47:41
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:47:41
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:41
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:41
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 NiGGeRD0nks69
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:47:42
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:42
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 NiGGeRD0nks69
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:47:43
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:47:43
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 frgreu || busybox pkill -9 frgreu"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:43
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:43
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 frgreu
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:47:44
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:44
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 frgreu
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:47:45
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:47:45
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 telnetd || busybox pkill -9 telnetd"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:45
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:45
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 telnetd
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:47:46
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:46
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 telnetd
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:47:47
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:47:47
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 0x766f6964 || busybox pkill -9 0x766f6964"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:48
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:48
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 0x766f6964
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:47:49
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:49
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 0x766f6964
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:47:50
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:47:50
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:50
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:50
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 NiGGeRd0nks1337
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:47:51
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:51
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 NiGGeRd0nks1337
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:47:52
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:47:52
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 gaft || busybox pkill -9 gaft"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:52
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:52
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 gaft
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:47:53
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:53
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 gaft
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:47:54
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:47:54
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:54
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:54
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 urasgbsigboa
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:47:55
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:55
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 urasgbsigboa
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:47:56
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:47:56
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 120i3UI49 || busybox pkill -9 120i3UI49"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:56
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:56
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 120i3UI49
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:47:57
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:57
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 120i3UI49
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:47:58
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:47:58
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 OaF3 || busybox pkill -9 OaF3"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:58
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:58
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 OaF3
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:47:59
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:47:59
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 OaF3
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:00
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:00
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 geae || busybox pkill -9 geae"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:00
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:00
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 geae
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:01
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:01
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 geae
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:02
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:02
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 vaiolmao || busybox pkill -9 vaiolmao"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:02
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:02
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 vaiolmao
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:03
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:03
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 vaiolmao
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:04
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:04
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 123123a || busybox pkill -9 123123a"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:04
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:04
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 123123a
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:06
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:06
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 123123a
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:07
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:07
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:07
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:07
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 Ofurain0n4H34D
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:08
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:08
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 Ofurain0n4H34D
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:09
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:09
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 ggTrex || busybox pkill -9 ggTrex"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:09
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:09
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 ggTrex
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:10
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:10
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 ggTrex
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:11
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:11
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 wasads || busybox pkill -9 wasads"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:11
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:11
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 wasads
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:12
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:12
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 wasads
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:13
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:13
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:13
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:13
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 1293194hjXD
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:14
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:14
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 1293194hjXD
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:15
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:15
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:15
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:15
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 OthLaLosn
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:16
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:16
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 OthLaLosn
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:17
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:17
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 ggt || busybox pkill -9 ggt"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:17
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:17
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 ggt
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:18
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:18
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 ggt
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:19
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:19
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 wget-log || busybox pkill -9 wget-log"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:19
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:19
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 wget-log
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:20
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:20
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 wget-log
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:21
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:21
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:21
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:21
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 1337SoraLOADER
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:22
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:22
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 1337SoraLOADER
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:23
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:23
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:23
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:23
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 SAIAKINA
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:24
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:24
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 SAIAKINA
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:25
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:25
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 ggtq || busybox pkill -9 ggtq"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:25
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:25
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 ggtq
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:26
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:26
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 ggtq
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:27
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:27
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:27
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:27
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 1378bfp919GRB1Q2
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:28
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:28
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 1378bfp919GRB1Q2
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:29
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:29
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:29
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:29
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 SAIAKUSO
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:30
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:30
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 SAIAKUSO
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:31
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:31
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 ggtr || busybox pkill -9 ggtr"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:31
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:31
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 ggtr
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:32
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:32
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 ggtr
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:33
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:33
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 14Fa || busybox pkill -9 14Fa"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:33
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:33
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 14Fa
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:34
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:34
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 14Fa
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:35
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:35
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 SEXSLAVE1337 || busybox pkill -9 SEXSLAVE1337"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:35
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:35
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 SEXSLAVE1337
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:36
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:36
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 SEXSLAVE1337
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:37
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:37
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 ggtt || busybox pkill -9 ggtt"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:37
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:37
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 ggtt
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:38
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:38
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 ggtt
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:39
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:39
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 1902a3u912u3u4 || busybox pkill -9 1902a3u912u3u4"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:39
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:39
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 1902a3u912u3u4
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:40
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:40
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 1902a3u912u3u4
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:41
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:41
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:41
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:41
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 SO190Ij1X
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:42
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:42
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 SO190Ij1X
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:43
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:43
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 haetrghbr || busybox pkill -9 haetrghbr"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:43
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:43
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 haetrghbr
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:44
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:44
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 haetrghbr
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:45
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:45
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 19ju3d || busybox pkill -9 19ju3d"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:45
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:45
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 19ju3d
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:46
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:46
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 19ju3d
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:47
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:47
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 SORAojkf120 || busybox pkill -9 SORAojkf120"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:47
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:47
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 SORAojkf120
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:48
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:48
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 SORAojkf120
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:49
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:49
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 hehahejeje92 || busybox pkill -9 hehahejeje92"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:49
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:49
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 hehahejeje92
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:50
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:50
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 hehahejeje92
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc

                                                      General

                                                      Start time (UTC):11:48:51
                                                      Start date (UTC):28/12/2024
                                                      Path:/tmp/yakuza.arm7.elf
                                                      Arguments:-
                                                      File size:4956856 bytes
                                                      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                      General

                                                      Start time (UTC):11:48:51
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:/bin/sh -c "pkill -9 2U2JDJA901F91 || busybox pkill -9 2U2JDJA901F91"
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:51
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:51
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/pkill
                                                      Arguments:pkill -9 2U2JDJA901F91
                                                      File size:30968 bytes
                                                      MD5 hash:fa96a75a08109d8842e4865b2907d51f

                                                      General

                                                      Start time (UTC):11:48:52
                                                      Start date (UTC):28/12/2024
                                                      Path:/bin/sh
                                                      Arguments:-
                                                      File size:129816 bytes
                                                      MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                      General

                                                      Start time (UTC):11:48:52
                                                      Start date (UTC):28/12/2024
                                                      Path:/usr/bin/busybox
                                                      Arguments:busybox pkill -9 2U2JDJA901F91
                                                      File size:2172376 bytes
                                                      MD5 hash:70584dffe9cb0309eb22ba78aa54bcdc