Linux
Analysis Report
193.124.44.77-x86-2025-02-05T21_50_26.elf
Overview
General Information
Sample name: | 193.124.44.77-x86-2025-02-05T21_50_26.elf |
Analysis ID: | 1610714 |
MD5: | 1f36f66b6964f5f125b356ea14527437 |
SHA1: | c77ecd12efb3fa2d01dd4794410114613494134b |
SHA256: | 5f8efb6e6e0b582872c9e124c22c9168b07ee9543215fd125352b63bd65a43a9 |
Tags: | elfuser-threatquery |
Infos: |
Detection
Score: | 60 |
Range: | 0 - 100 |
Signatures
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Machine Learning detection for sample
Detected TCP or UDP traffic on non-standard ports
Enumerates processes within the "proc" file system
Found strings indicative of a multi-platform dropper
Sample has stripped symbol table
Yara signature match
Classification
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1610714 |
Start date and time: | 2025-02-10 00:46:17 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 18s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | 193.124.44.77-x86-2025-02-05T21_50_26.elf |
Detection: | MAL |
Classification: | mal60.linELF@0/0@0/0 |
Command: | /tmp/193.124.44.77-x86-2025-02-05T21_50_26.elf |
PID: | 5488 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | a cat is fine too |
Standard Error: |
- system is lnxubuntu20
- 193.124.44.77-x86-2025-02-05T21_50_26.elf New Fork (PID: 5489, Parent: 5488)
- 193.124.44.77-x86-2025-02-05T21_50_26.elf New Fork (PID: 5490, Parent: 5489)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
Linux_Trojan_Mirai_b14f4c5d | unknown | unknown |
| |
Linux_Trojan_Mirai_88de437f | unknown | unknown |
| |
Linux_Trojan_Mirai_ae9d0fa6 | unknown | unknown |
| |
Linux_Trojan_Mirai_389ee3e9 | unknown | unknown |
| |
Linux_Trojan_Mirai_cc93863b | unknown | unknown |
| |
Click to see the 1 entries |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
Linux_Trojan_Mirai_b14f4c5d | unknown | unknown |
| |
Linux_Trojan_Mirai_88de437f | unknown | unknown |
| |
Linux_Trojan_Mirai_ae9d0fa6 | unknown | unknown |
| |
Linux_Trojan_Mirai_389ee3e9 | unknown | unknown |
| |
Linux_Trojan_Mirai_cc93863b | unknown | unknown |
| |
Click to see the 1 entries |
⊘No Suricata rule has matched
- • AV Detection
- • Spreading
- • Networking
- • System Summary
- • Persistence and Installation Behavior
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Virustotal: | Perma Link | ||
Source: | ReversingLabs: |
Source: | Joe Sandbox ML: |
Source: | String: |
Source: | TCP traffic: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
System Summary |
---|
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | .symtab present: |
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Classification label: |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | 1 Scripting | Valid Accounts | Windows Management Instrumentation | 1 Scripting | Path Interception | Direct Volume Access | 1 OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Non-Standard Port | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
⊘No configs have been found
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
14% | Virustotal | Browse | ||
29% | ReversingLabs | Linux.Trojan.Mirai | ||
100% | Joe Sandbox ML |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
⊘No contacted domains info
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
156.229.232.154 | unknown | Seychelles | 139086 | ONL-HKOCEANNETWORKLIMITEDHK | false |
⊘No context
⊘No context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
ONL-HKOCEANNETWORKLIMITEDHK | Get hash | malicious | AsyncRAT, VenomRAT | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
|
⊘No context
⊘No context
⊘No created / dropped files found
File type: | |
Entropy (8bit): | 6.483600949740501 |
TrID: |
|
File name: | 193.124.44.77-x86-2025-02-05T21_50_26.elf |
File size: | 46'320 bytes |
MD5: | 1f36f66b6964f5f125b356ea14527437 |
SHA1: | c77ecd12efb3fa2d01dd4794410114613494134b |
SHA256: | 5f8efb6e6e0b582872c9e124c22c9168b07ee9543215fd125352b63bd65a43a9 |
SHA512: | 1db4329f88f5053fe64c8fbff67f993ac53c5ec51e82d2906e63f6aeecadddcfb6cb04fad987a24d430be3bd049780de77cef476a1e03bdcd7dba6971105354d |
SSDEEP: | 768:m710UcwFh1MfYW4xsXq8PInYmR+stDsp31Yad4qXyZlT7vTuq/M8+akmIXg:I1dcwCfYWw/8wrksVSFLiZlX77/SakmU |
TLSH: | 7B236CC99A43E4F5EC1B05752177EB729632E5B90035EE83C368EA32ED53A10D72728C |
File Content Preview: | .ELF....................d...4...`.......4. ...(.....................<...<....................0...0.. ....h..........Q.td............................U..S.......w....h........[]...$.............U......= 3...t..5....$0.....$0......u........t....h</.......... |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 3 |
Section Header Offset: | 45920 |
Section Header Size: | 40 |
Number of Section Headers: | 10 |
Header String Table Index: | 9 |
Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
---|---|---|---|---|---|---|---|---|---|---|
NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0 | 0 | 0 | ||
.init | PROGBITS | 0x8048094 | 0x94 | 0x1c | 0x0 | 0x6 | AX | 0 | 0 | 1 |
.text | PROGBITS | 0x80480b0 | 0xb0 | 0x9926 | 0x0 | 0x6 | AX | 0 | 0 | 16 |
.fini | PROGBITS | 0x80519d6 | 0x99d6 | 0x17 | 0x0 | 0x6 | AX | 0 | 0 | 1 |
.rodata | PROGBITS | 0x8051a00 | 0x9a00 | 0x153c | 0x0 | 0x2 | A | 0 | 0 | 32 |
.ctors | PROGBITS | 0x8053000 | 0xb000 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.dtors | PROGBITS | 0x8053008 | 0xb008 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.data | PROGBITS | 0x8053020 | 0xb020 | 0x300 | 0x0 | 0x3 | WA | 0 | 0 | 32 |
.bss | NOBITS | 0x8053320 | 0xb320 | 0x64e0 | 0x0 | 0x3 | WA | 0 | 0 | 32 |
.shstrtab | STRTAB | 0x0 | 0xb320 | 0x3e | 0x0 | 0x0 | 0 | 0 | 1 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x8048000 | 0x8048000 | 0xaf3c | 0xaf3c | 6.5396 | 0x5 | R E | 0x1000 | .init .text .fini .rodata | |
LOAD | 0xb000 | 0x8053000 | 0x8053000 | 0x320 | 0x6800 | 4.3906 | 0x6 | RW | 0x1000 | .ctors .dtors .data .bss | |
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x4 |
Download Network PCAP: filtered – full
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Feb 10, 2025 00:47:04.481633902 CET | 35834 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:04.486483097 CET | 51325 | 35834 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:04.486534119 CET | 35834 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:04.486565113 CET | 35834 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:04.491322994 CET | 51325 | 35834 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:04.491391897 CET | 35834 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:04.496165991 CET | 51325 | 35834 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:05.151801109 CET | 51325 | 35834 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:05.151904106 CET | 35834 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:05.158871889 CET | 51325 | 35834 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:06.152885914 CET | 35836 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:06.157763958 CET | 51325 | 35836 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:06.157819986 CET | 35836 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:06.157855034 CET | 35836 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:06.162633896 CET | 51325 | 35836 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:06.162671089 CET | 35836 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:06.167525053 CET | 51325 | 35836 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:06.801752090 CET | 51325 | 35836 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:06.801819086 CET | 35836 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:06.809815884 CET | 51325 | 35836 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:07.802978992 CET | 35838 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:07.807903051 CET | 51325 | 35838 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:07.807976961 CET | 35838 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:07.808007956 CET | 35838 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:07.812827110 CET | 51325 | 35838 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:07.812885046 CET | 35838 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:07.817683935 CET | 51325 | 35838 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:08.444240093 CET | 51325 | 35838 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:08.444324017 CET | 35838 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:08.449600935 CET | 51325 | 35838 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:09.447259903 CET | 35840 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:09.454329967 CET | 51325 | 35840 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:09.454417944 CET | 35840 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:09.454417944 CET | 35840 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:09.459209919 CET | 51325 | 35840 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:09.459255934 CET | 35840 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:09.464076042 CET | 51325 | 35840 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:10.098985910 CET | 51325 | 35840 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:10.099112034 CET | 35840 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:10.104103088 CET | 51325 | 35840 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:11.100225925 CET | 35842 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:11.105092049 CET | 51325 | 35842 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:11.105189085 CET | 35842 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:11.105216980 CET | 35842 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:11.109956026 CET | 51325 | 35842 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:11.110008001 CET | 35842 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:11.114846945 CET | 51325 | 35842 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:11.750693083 CET | 51325 | 35842 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:11.750865936 CET | 35842 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:11.755855083 CET | 51325 | 35842 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:12.751991034 CET | 35844 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:12.756886959 CET | 51325 | 35844 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:12.756987095 CET | 35844 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:12.757035971 CET | 35844 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:12.761825085 CET | 51325 | 35844 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:12.761873007 CET | 35844 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:12.766675949 CET | 51325 | 35844 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:13.389211893 CET | 51325 | 35844 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:13.389312029 CET | 35844 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:13.394140959 CET | 51325 | 35844 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:14.389988899 CET | 35846 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:14.394902945 CET | 51325 | 35846 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:14.394968987 CET | 35846 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:14.394994020 CET | 35846 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:14.399828911 CET | 51325 | 35846 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:14.399873972 CET | 35846 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:14.404638052 CET | 51325 | 35846 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:15.022800922 CET | 51325 | 35846 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:15.022917032 CET | 35846 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:15.028901100 CET | 51325 | 35846 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:16.023822069 CET | 35848 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:16.028780937 CET | 51325 | 35848 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:16.028846979 CET | 35848 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:16.028882027 CET | 35848 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:16.033701897 CET | 51325 | 35848 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:16.033778906 CET | 35848 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:16.038533926 CET | 51325 | 35848 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:16.652761936 CET | 51325 | 35848 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:16.652995110 CET | 35848 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:16.657871008 CET | 51325 | 35848 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:17.654069901 CET | 35850 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:17.659718037 CET | 51325 | 35850 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:17.659802914 CET | 35850 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:17.659847021 CET | 35850 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:17.665379047 CET | 51325 | 35850 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:17.665425062 CET | 35850 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:17.670973063 CET | 51325 | 35850 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:18.293560028 CET | 51325 | 35850 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:18.293725967 CET | 35850 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:18.298557997 CET | 51325 | 35850 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:19.294640064 CET | 35852 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:19.300867081 CET | 51325 | 35852 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:19.300950050 CET | 35852 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:19.301048040 CET | 35852 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:19.306942940 CET | 51325 | 35852 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:19.307018995 CET | 35852 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:19.312191963 CET | 51325 | 35852 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:20.008214951 CET | 51325 | 35852 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:20.008382082 CET | 35852 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:20.013276100 CET | 51325 | 35852 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:21.009510994 CET | 35854 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:21.017493010 CET | 51325 | 35854 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:21.017612934 CET | 35854 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:21.017627954 CET | 35854 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:21.025605917 CET | 51325 | 35854 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:21.025665045 CET | 35854 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:21.033590078 CET | 51325 | 35854 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:21.651106119 CET | 51325 | 35854 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:21.651268005 CET | 35854 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:21.656106949 CET | 51325 | 35854 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:22.652138948 CET | 35856 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:22.659377098 CET | 51325 | 35856 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:22.659465075 CET | 35856 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:22.659506083 CET | 35856 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:22.666305065 CET | 51325 | 35856 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:22.666383982 CET | 35856 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:22.672755957 CET | 51325 | 35856 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:23.305078983 CET | 51325 | 35856 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:23.305268049 CET | 35856 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:23.312129021 CET | 51325 | 35856 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:24.306227922 CET | 35858 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:24.314102888 CET | 51325 | 35858 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:24.314166069 CET | 35858 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:24.314199924 CET | 35858 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:24.319958925 CET | 51325 | 35858 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:24.320004940 CET | 35858 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:24.328772068 CET | 51325 | 35858 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:24.951706886 CET | 51325 | 35858 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:24.951970100 CET | 35858 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:24.957568884 CET | 51325 | 35858 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:25.952799082 CET | 35860 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:25.957964897 CET | 51325 | 35860 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:25.958036900 CET | 35860 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:25.958070993 CET | 35860 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:25.962857962 CET | 51325 | 35860 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:25.962904930 CET | 35860 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:25.968039036 CET | 51325 | 35860 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:26.583147049 CET | 51325 | 35860 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:26.583262920 CET | 35860 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:26.589378119 CET | 51325 | 35860 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:27.584481955 CET | 35862 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:27.590264082 CET | 51325 | 35862 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:27.590322971 CET | 35862 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:27.590358973 CET | 35862 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:27.596441984 CET | 51325 | 35862 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:27.596513033 CET | 35862 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:27.601340055 CET | 51325 | 35862 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:28.215188980 CET | 51325 | 35862 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:28.215301037 CET | 35862 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:28.220087051 CET | 51325 | 35862 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:29.216463089 CET | 35864 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:29.221340895 CET | 51325 | 35864 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:29.221429110 CET | 35864 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:29.221461058 CET | 35864 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:29.226174116 CET | 51325 | 35864 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:29.226237059 CET | 35864 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:29.231004953 CET | 51325 | 35864 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:29.866704941 CET | 51325 | 35864 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:29.866856098 CET | 35864 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:29.871608973 CET | 51325 | 35864 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:30.868148088 CET | 35866 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:30.874331951 CET | 51325 | 35866 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:30.874468088 CET | 35866 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:30.874550104 CET | 35866 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:30.881238937 CET | 51325 | 35866 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:30.881320953 CET | 35866 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:30.887917042 CET | 51325 | 35866 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:33.013024092 CET | 51325 | 35866 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:33.013175011 CET | 35866 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:33.017963886 CET | 51325 | 35866 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:34.014703989 CET | 35868 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:34.019531965 CET | 51325 | 35868 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:34.019613981 CET | 35868 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:34.019651890 CET | 35868 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:34.024409056 CET | 51325 | 35868 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:34.024461985 CET | 35868 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:34.029280901 CET | 51325 | 35868 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:34.642395020 CET | 51325 | 35868 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:34.642710924 CET | 35868 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:34.647573948 CET | 51325 | 35868 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:35.643717051 CET | 35870 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:35.648652077 CET | 51325 | 35870 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:35.648735046 CET | 35870 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:35.648773909 CET | 35870 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:35.653543949 CET | 51325 | 35870 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:35.653609991 CET | 35870 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:35.658404112 CET | 51325 | 35870 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:45.651390076 CET | 35870 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:47:45.659210920 CET | 51325 | 35870 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:45.848018885 CET | 51325 | 35870 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:47:45.848129988 CET | 35870 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:48:45.892472982 CET | 35870 | 51325 | 192.168.2.14 | 156.229.232.154 |
Feb 10, 2025 00:48:45.898076057 CET | 51325 | 35870 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:48:46.082976103 CET | 51325 | 35870 | 156.229.232.154 | 192.168.2.14 |
Feb 10, 2025 00:48:46.083091021 CET | 35870 | 51325 | 192.168.2.14 | 156.229.232.154 |
System Behavior
Start time (UTC): | 23:47:03 |
Start date (UTC): | 09/02/2025 |
Path: | /tmp/193.124.44.77-x86-2025-02-05T21_50_26.elf |
Arguments: | /tmp/193.124.44.77-x86-2025-02-05T21_50_26.elf |
File size: | 46320 bytes |
MD5 hash: | 1f36f66b6964f5f125b356ea14527437 |
Start time (UTC): | 23:47:03 |
Start date (UTC): | 09/02/2025 |
Path: | /tmp/193.124.44.77-x86-2025-02-05T21_50_26.elf |
Arguments: | - |
File size: | 46320 bytes |
MD5 hash: | 1f36f66b6964f5f125b356ea14527437 |
Start time (UTC): | 23:47:03 |
Start date (UTC): | 09/02/2025 |
Path: | /tmp/193.124.44.77-x86-2025-02-05T21_50_26.elf |
Arguments: | - |
File size: | 46320 bytes |
MD5 hash: | 1f36f66b6964f5f125b356ea14527437 |