Linux
Analysis Report
boatnet.mips.elf
Overview
General Information
Detection
Score: | 80 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Classification
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1590307 |
Start date and time: | 2025-01-13 23:06:43 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 5m 22s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | boatnet.mips.elf |
Detection: | MAL |
Classification: | mal80.spre.troj.evad.linELF@0/0@0/0 |
Command: | /tmp/boatnet.mips.elf |
PID: | 6282 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | lzrd cock fest"/proc/"/exe |
Standard Error: |
- system is lnxubuntu20
- dash New Fork (PID: 6241, Parent: 4331)
- dash New Fork (PID: 6242, Parent: 4331)
- dash New Fork (PID: 6243, Parent: 4331)
- dash New Fork (PID: 6244, Parent: 4331)
- dash New Fork (PID: 6245, Parent: 4331)
- dash New Fork (PID: 6246, Parent: 4331)
- dash New Fork (PID: 6247, Parent: 4331)
- dash New Fork (PID: 6248, Parent: 4331)
- dash New Fork (PID: 6249, Parent: 4331)
- dash New Fork (PID: 6250, Parent: 4331)
- boatnet.mips.elf New Fork (PID: 6284, Parent: 6282)
- boatnet.mips.elf New Fork (PID: 6285, Parent: 6282)
- boatnet.mips.elf New Fork (PID: 6286, Parent: 6282)
- xfce4-panel New Fork (PID: 6293, Parent: 2063)
- xfce4-panel New Fork (PID: 6294, Parent: 2063)
- xfce4-panel New Fork (PID: 6295, Parent: 2063)
- xfce4-panel New Fork (PID: 6296, Parent: 2063)
- xfce4-panel New Fork (PID: 6297, Parent: 2063)
- xfce4-panel New Fork (PID: 6298, Parent: 2063)
- dbus-daemon New Fork (PID: 6304, Parent: 6303)
- cleanup
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
Mirai | Mirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world. | No Attribution |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Mirai_5 | Yara detected Mirai | Joe Security | ||
JoeSecurity_Mirai_8 | Yara detected Mirai | Joe Security | ||
Linux_Trojan_Gafgyt_28a2fe0c | unknown | unknown |
| |
Linux_Trojan_Gafgyt_ea92cca8 | unknown | unknown |
| |
Mirai_Botnet_Malware | Detects Mirai Botnet Malware | Florian Roth |
| |
Click to see the 22 entries |
- • AV Detection
- • Networking
- • System Summary
- • Data Obfuscation
- • Persistence and Installation Behavior
- • Hooking and other Techniques for Hiding and Protection
- • Malware Analysis System Evasion
- • Stealing of Sensitive Information
- • Remote Access Functionality
Click to jump to signature section
AV Detection |
---|
Source: | Virustotal: | Perma Link | ||
Source: | ReversingLabs: |
Source: | TCP traffic: |
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
System Summary |
---|
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior |
Source: | Program segment: |
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior |
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Classification label: |
Data Obfuscation |
---|
Source: | String containing UPX found: | ||
Source: | String containing UPX found: | ||
Source: | String containing UPX found: |
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Source: | Rm executable: | Jump to behavior | ||
Source: | Rm executable: | Jump to behavior |
Source: | Submission file: |
Source: | Queries kernel information via 'uname': | Jump to behavior | ||
Source: | Queries kernel information via 'uname': | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Remote Access Functionality |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | 1 Hidden Files and Directories | 1 OS Credential Dumping | 11 Security Software Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | 1 Service Stop |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 11 Obfuscated Files or Information | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Standard Port | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 File Deletion | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
38% | Virustotal | Browse | ||
58% | ReversingLabs | Linux.Trojan.Mirai |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
96.62.214.10 | unknown | United States | 35908 | VPLSNETUS | false | |
109.202.202.202 | unknown | Switzerland | 13030 | INIT7CH | false | |
91.189.91.43 | unknown | United Kingdom | 41231 | CANONICAL-ASGB | false | |
91.189.91.42 | unknown | United Kingdom | 41231 | CANONICAL-ASGB | false |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
96.62.214.10 | Get hash | malicious | Mirai | Browse | ||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Mirai | Browse | |||
109.202.202.202 | Get hash | malicious | Unknown | Browse |
| |
91.189.91.43 | Get hash | malicious | Mirai | Browse | ||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Gafgyt, Mirai | Browse | |||
Get hash | malicious | Gafgyt, Mirai | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
91.189.91.42 | Get hash | malicious | Mirai | Browse | ||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Gafgyt, Mirai | Browse | |||
Get hash | malicious | Gafgyt, Mirai | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
CANONICAL-ASGB | Get hash | malicious | Mirai | Browse |
| |
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
CANONICAL-ASGB | Get hash | malicious | Mirai | Browse |
| |
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
INIT7CH | Get hash | malicious | Mirai | Browse |
| |
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
VPLSNETUS | Get hash | malicious | Mirai | Browse |
| |
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | MassLogger RAT | Browse |
| ||
Get hash | malicious | MassLogger RAT | Browse |
| ||
Get hash | malicious | Phisher | Browse |
|
File type: | |
Entropy (8bit): | 7.907868296028971 |
TrID: |
|
File name: | boatnet.mips.elf |
File size: | 32'188 bytes |
MD5: | 2f594890add432e0ba6eceeb458301ed |
SHA1: | d8a528ba4a6e6f5fc2010c23cf8e75752c4cb91d |
SHA256: | ca2e75b60235e8677b53d2f2442a83eecfd3f6720ecdac14d0ef7626cde68b09 |
SHA512: | 841aac9a5d55dac8b7c9f91349320eb279e5086b34a179bf60c7c5c8460cc3acb4b28944e9f1e203dedf0cb0a410ae4999ff627272373758b4763d9046969409 |
SSDEEP: | 768:3BHAmM1r8iRvylPd2Ww+9r8qG5Wu92uVbaMPJhCBJgGlzDpbuR1J3D:3I3Kv2oD4Ww28a4hCTVJupD |
TLSH: | 93E2E21A1B011CD9F82AD2FB0BD50769691287B59497AC6F3BE0C1D78CAC45C78D37E4 |
File Content Preview: | .ELF......................iH...4.........4. ...(......................|...|..................E...E..................J...UPX!.h.....................U.......?.E.h4...@b..) ..]....E......;.\.Z=.k_2Xk8....U...S......~.1.a.*.C..v...z."g............eJ.......... |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 2 |
Section Header Offset: | 0 |
Section Header Size: | 40 |
Number of Section Headers: | 0 |
Header String Table Index: | 0 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x100000 | 0x100000 | 0x7c8c | 0x7c8c | 7.9108 | 0x5 | R E | 0x10000 | ||
LOAD | 0xaaf8 | 0x45aaf8 | 0x45aaf8 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x10000 |
Download Network PCAP: filtered – full
- Total Packets: 55
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jan 13, 2025 23:07:41.721311092 CET | 57508 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:41.726154089 CET | 3778 | 57508 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:41.726387978 CET | 57508 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:41.750394106 CET | 57508 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:41.755234003 CET | 3778 | 57508 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:41.755319118 CET | 57508 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:41.760137081 CET | 3778 | 57508 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:42.529207945 CET | 3778 | 57508 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:42.529489994 CET | 57508 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:42.529573917 CET | 57508 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:42.530612946 CET | 57510 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:42.538625002 CET | 3778 | 57510 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:42.538700104 CET | 57510 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:42.540333033 CET | 57510 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:42.546415091 CET | 3778 | 57510 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:42.546473980 CET | 57510 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:42.553852081 CET | 3778 | 57510 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:43.329152107 CET | 3778 | 57510 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:43.329411983 CET | 57510 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:43.329411983 CET | 57510 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:43.330127001 CET | 57512 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:43.334963083 CET | 3778 | 57512 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:43.335064888 CET | 57512 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:43.337749958 CET | 57512 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:43.342645884 CET | 3778 | 57512 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:43.342894077 CET | 57512 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:43.347723961 CET | 3778 | 57512 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:44.064013958 CET | 42836 | 443 | 192.168.2.23 | 91.189.91.43 |
Jan 13, 2025 23:07:44.108659983 CET | 3778 | 57512 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:44.108990908 CET | 57512 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:44.108990908 CET | 57512 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:44.110397100 CET | 57514 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:44.115169048 CET | 3778 | 57514 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:44.115344048 CET | 57514 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:44.117516041 CET | 57514 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:44.122404099 CET | 3778 | 57514 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:44.122543097 CET | 57514 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:44.127374887 CET | 3778 | 57514 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:44.908515930 CET | 3778 | 57514 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:44.908621073 CET | 57514 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:44.908657074 CET | 57514 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:44.909229040 CET | 57516 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:44.914100885 CET | 3778 | 57516 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:44.914169073 CET | 57516 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:44.914827108 CET | 57516 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:44.919666052 CET | 3778 | 57516 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:44.919717073 CET | 57516 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:44.924566031 CET | 3778 | 57516 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:45.599550009 CET | 42516 | 80 | 192.168.2.23 | 109.202.202.202 |
Jan 13, 2025 23:07:45.687479019 CET | 3778 | 57516 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:45.687578917 CET | 57516 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:45.687619925 CET | 57516 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:45.688218117 CET | 57518 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:45.693614960 CET | 3778 | 57518 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:45.693691969 CET | 57518 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:45.694386005 CET | 57518 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:45.699218988 CET | 3778 | 57518 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:45.699295044 CET | 57518 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:45.704111099 CET | 3778 | 57518 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:46.485529900 CET | 3778 | 57518 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:46.485662937 CET | 57518 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:46.485697985 CET | 57518 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:46.486274958 CET | 57520 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:46.491106987 CET | 3778 | 57520 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:46.491178036 CET | 57520 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:46.491853952 CET | 57520 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:46.496598005 CET | 3778 | 57520 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:46.496661901 CET | 57520 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:46.501487017 CET | 3778 | 57520 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:47.272121906 CET | 3778 | 57520 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:47.272176981 CET | 57520 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:47.272218943 CET | 57520 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:47.274818897 CET | 57522 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:47.279638052 CET | 3778 | 57522 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:47.279694080 CET | 57522 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:47.285532951 CET | 57522 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:47.290302992 CET | 3778 | 57522 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:47.290342093 CET | 57522 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:47.295151949 CET | 3778 | 57522 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:47.572447062 CET | 57522 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:47.623414040 CET | 3778 | 57522 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:47.801884890 CET | 3778 | 57522 | 96.62.214.10 | 192.168.2.23 |
Jan 13, 2025 23:07:47.801942110 CET | 57522 | 3778 | 192.168.2.23 | 96.62.214.10 |
Jan 13, 2025 23:07:59.933710098 CET | 43928 | 443 | 192.168.2.23 | 91.189.91.42 |
Jan 13, 2025 23:08:10.172235966 CET | 42836 | 443 | 192.168.2.23 | 91.189.91.43 |
Jan 13, 2025 23:08:16.315366030 CET | 42516 | 80 | 192.168.2.23 | 109.202.202.202 |
Jan 13, 2025 23:08:40.887995005 CET | 43928 | 443 | 192.168.2.23 | 91.189.91.42 |
Jan 13, 2025 23:09:01.365158081 CET | 42836 | 443 | 192.168.2.23 | 91.189.91.43 |
System Behavior
Start time (UTC): | 22:07:28 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 22:07:28 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/rm |
Arguments: | rm -f /tmp/tmp.OLepzq0YdZ /tmp/tmp.nOqHqckeSr /tmp/tmp.72c900y0Cb |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |
Start time (UTC): | 22:07:28 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 22:07:28 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/cat |
Arguments: | cat /tmp/tmp.OLepzq0YdZ |
File size: | 43416 bytes |
MD5 hash: | 7e9d213e404ad3bb82e4ebb2e1f2c1b3 |
Start time (UTC): | 22:07:28 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 22:07:28 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/head |
Arguments: | head -n 10 |
File size: | 47480 bytes |
MD5 hash: | fd96a67145172477dd57131396fc9608 |
Start time (UTC): | 22:07:28 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 22:07:28 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/tr |
Arguments: | tr -d \\000-\\011\\013\\014\\016-\\037 |
File size: | 51544 bytes |
MD5 hash: | fbd1402dd9f72d8ebfff00ce7c3a7bb5 |
Start time (UTC): | 22:07:28 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 22:07:28 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/cut |
Arguments: | cut -c -80 |
File size: | 47480 bytes |
MD5 hash: | d8ed0ea8f22c0de0f8692d4d9f1759d3 |
Start time (UTC): | 22:07:28 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 22:07:28 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/cat |
Arguments: | cat /tmp/tmp.OLepzq0YdZ |
File size: | 43416 bytes |
MD5 hash: | 7e9d213e404ad3bb82e4ebb2e1f2c1b3 |
Start time (UTC): | 22:07:28 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 22:07:28 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/head |
Arguments: | head -n 10 |
File size: | 47480 bytes |
MD5 hash: | fd96a67145172477dd57131396fc9608 |
Start time (UTC): | 22:07:28 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 22:07:28 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/tr |
Arguments: | tr -d \\000-\\011\\013\\014\\016-\\037 |
File size: | 51544 bytes |
MD5 hash: | fbd1402dd9f72d8ebfff00ce7c3a7bb5 |
Start time (UTC): | 22:07:28 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 22:07:28 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/cut |
Arguments: | cut -c -80 |
File size: | 47480 bytes |
MD5 hash: | d8ed0ea8f22c0de0f8692d4d9f1759d3 |
Start time (UTC): | 22:07:28 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 22:07:28 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/rm |
Arguments: | rm -f /tmp/tmp.OLepzq0YdZ /tmp/tmp.nOqHqckeSr /tmp/tmp.72c900y0Cb |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |
Start time (UTC): | 22:07:40 |
Start date (UTC): | 13/01/2025 |
Path: | /tmp/boatnet.mips.elf |
Arguments: | /tmp/boatnet.mips.elf |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
Start time (UTC): | 22:07:40 |
Start date (UTC): | 13/01/2025 |
Path: | /tmp/boatnet.mips.elf |
Arguments: | - |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
Start time (UTC): | 22:07:40 |
Start date (UTC): | 13/01/2025 |
Path: | /tmp/boatnet.mips.elf |
Arguments: | - |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
Start time (UTC): | 22:07:40 |
Start date (UTC): | 13/01/2025 |
Path: | /tmp/boatnet.mips.elf |
Arguments: | - |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
Start time (UTC): | 22:07:46 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/xfce4-panel |
Arguments: | - |
File size: | 375768 bytes |
MD5 hash: | a15b657c7d54ac1385f1f15004ea6784 |
Start time (UTC): | 22:07:46 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 |
Arguments: | /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libsystray.so 6 12582920 systray "Notification Area" "Area where notification icons appear" |
File size: | 35136 bytes |
MD5 hash: | ac0b8a906f359a8ae102244738682e76 |
Start time (UTC): | 22:07:46 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/xfce4-panel |
Arguments: | - |
File size: | 375768 bytes |
MD5 hash: | a15b657c7d54ac1385f1f15004ea6784 |
Start time (UTC): | 22:07:46 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 |
Arguments: | /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libstatusnotifier.so 7 12582921 statusnotifier "Status Notifier Plugin" "Provides a panel area for status notifier items (application indicators)" |
File size: | 35136 bytes |
MD5 hash: | ac0b8a906f359a8ae102244738682e76 |
Start time (UTC): | 22:07:46 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/xfce4-panel |
Arguments: | - |
File size: | 375768 bytes |
MD5 hash: | a15b657c7d54ac1385f1f15004ea6784 |
Start time (UTC): | 22:07:46 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 |
Arguments: | /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libpulseaudio-plugin.so 8 12582922 pulseaudio "PulseAudio Plugin" "Adjust the audio volume of the PulseAudio sound system" |
File size: | 35136 bytes |
MD5 hash: | ac0b8a906f359a8ae102244738682e76 |
Start time (UTC): | 22:07:46 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/xfce4-panel |
Arguments: | - |
File size: | 375768 bytes |
MD5 hash: | a15b657c7d54ac1385f1f15004ea6784 |
Start time (UTC): | 22:07:46 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 |
Arguments: | /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libxfce4powermanager.so 9 12582923 power-manager-plugin "Power Manager Plugin" "Display the battery levels of your devices and control the brightness of your display" |
File size: | 35136 bytes |
MD5 hash: | ac0b8a906f359a8ae102244738682e76 |
Start time (UTC): | 22:07:46 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/xfce4-panel |
Arguments: | - |
File size: | 375768 bytes |
MD5 hash: | a15b657c7d54ac1385f1f15004ea6784 |
Start time (UTC): | 22:07:46 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 |
Arguments: | /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libnotification-plugin.so 10 12582924 notification-plugin "Notification Plugin" "Notification plugin for the Xfce panel" |
File size: | 35136 bytes |
MD5 hash: | ac0b8a906f359a8ae102244738682e76 |
Start time (UTC): | 22:07:46 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/xfce4-panel |
Arguments: | - |
File size: | 375768 bytes |
MD5 hash: | a15b657c7d54ac1385f1f15004ea6784 |
Start time (UTC): | 22:07:46 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 |
Arguments: | /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libactions.so 14 12582925 actions "Action Buttons" "Log out, lock or other system actions" |
File size: | 35136 bytes |
MD5 hash: | ac0b8a906f359a8ae102244738682e76 |
Start time (UTC): | 22:07:48 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/bin/dbus-daemon |
Arguments: | - |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 22:07:48 |
Start date (UTC): | 13/01/2025 |
Path: | /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd |
Arguments: | /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd |
File size: | 112880 bytes |
MD5 hash: | 4c7a0d6d258bb970905b19b84abcd8e9 |