Linux
Analysis Report
arm7.elf
Overview
General Information
Sample name: | arm7.elf |
Analysis ID: | 1639687 |
MD5: | 635b6388d86af61017e8f3e83431b6e7 |
SHA1: | 1822953a69b69730a75b3aaacb36f3c711c40b20 |
SHA256: | fccdde510e6dce01530d73df68fb3d976853905f5f1b5226d103b557ccebd089 |
Tags: | elfMiraiuser-abuse_ch |
Infos: |
Detection
Score: | 56 |
Range: | 0 - 100 |
Signatures
Multi AV Scanner detection for submitted file
Connects to many ports of the same IP (likely port scanning)
Uses STUN server to do NAT traversial
Detected TCP or UDP traffic on non-standard ports
Enumerates processes within the "proc" file system
Sample has stripped symbol table
Sample listens on a socket
Uses the "uname" system call to query kernel version information (possible evasion)
Classification
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1639687 |
Start date and time: | 2025-03-16 02:45:14 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 37s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | arm7.elf |
Detection: | MAL |
Classification: | mal56.troj.linELF@0/2@1/0 |
Command: | /tmp/arm7.elf |
PID: | 5561 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | For God so loved the world |
Standard Error: |
⊘No yara matches
⊘No Suricata rule has matched
- • AV Detection
- • Networking
- • System Summary
- • Persistence and Installation Behavior
- • Malware Analysis System Evasion
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Virustotal: | Perma Link |
Networking |
---|
Source: | TCP traffic: |
Source: | DNS query: |
Source: | TCP traffic: | ||
Source: | UDP traffic: |
Source: | Socket: | Jump to behavior |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | DNS traffic detected: |
Source: | String found in binary or memory: |
Source: | .symtab present: |
Source: | Classification label: |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Source: | Queries kernel information via 'uname': | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | Direct Volume Access | 1 OS Credential Dumping | 11 Security Software Discovery | Remote Services | Data from Local System | 1 Non-Standard Port | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
⊘No configs have been found
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
14% | Virustotal | Browse | ||
11% | ReversingLabs | Linux.Trojan.Mirai |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
stun.l.google.com | 74.125.250.129 | true | false | high |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
154.205.155.97 | unknown | Seychelles | 26484 | IKGUL-26484US | true | |
74.125.250.129 | stun.l.google.com | United States | 15169 | GOOGLEUS | false |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
154.205.155.97 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse |
⊘No context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
IKGUL-26484US | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
⊘No context
⊘No context
Process: | /tmp/arm7.elf |
File Type: | |
Category: | dropped |
Size (bytes): | 14 |
Entropy (8bit): | 3.521640636343319 |
Encrypted: | false |
SSDEEP: | 3:TgiLG:TgiC |
MD5: | 451AC90F7FA61D0393D6A5A02158D369 |
SHA1: | 5A7D458802462B80F94A9CDA24E2C877437A8E34 |
SHA-256: | E2D543300D643CEF7698E750F74E8499993E346EF765FA2061EB5DFAF8D77E48 |
SHA-512: | EF1D000F5B8BB5AFD4F6CB347FBE0FA0E97608B8C3839B6B44CB9828E5522396B334AE37148FCD2064A423B3DDD0C8874EF7019023A84B36E3893E50353F06FE |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
Process: | /tmp/arm7.elf |
File Type: | |
Category: | dropped |
Size (bytes): | 14 |
Entropy (8bit): | 3.521640636343319 |
Encrypted: | false |
SSDEEP: | 3:TgiLG:TgiC |
MD5: | 451AC90F7FA61D0393D6A5A02158D369 |
SHA1: | 5A7D458802462B80F94A9CDA24E2C877437A8E34 |
SHA-256: | E2D543300D643CEF7698E750F74E8499993E346EF765FA2061EB5DFAF8D77E48 |
SHA-512: | EF1D000F5B8BB5AFD4F6CB347FBE0FA0E97608B8C3839B6B44CB9828E5522396B334AE37148FCD2064A423B3DDD0C8874EF7019023A84B36E3893E50353F06FE |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
File type: | |
Entropy (8bit): | 6.10373359894316 |
TrID: |
|
File name: | arm7.elf |
File size: | 95'976 bytes |
MD5: | 635b6388d86af61017e8f3e83431b6e7 |
SHA1: | 1822953a69b69730a75b3aaacb36f3c711c40b20 |
SHA256: | fccdde510e6dce01530d73df68fb3d976853905f5f1b5226d103b557ccebd089 |
SHA512: | 1c4cf3d61a1182f094dadbb120d19ed03919b7fa029f64d7830a3478a0f95a887dc41c539c0448793c50b4a120f38ee6df256aa2892a1b7cd0648d138a1fb1c2 |
SSDEEP: | 1536:XXnnb3iCvbY7t0XXs68ojlDzrF26SyyzYp2taPvcemTqDtU2ylIOiCayPv0/V5w:Hu4bY7t0nXzR4s2ta3cemTqLSayn0t5w |
TLSH: | 4F93184AF9819F15D4D512BAFE4E528A33632BACE3EE3202DD245B2137CE55B0E77412 |
File Content Preview: | .ELF..............(.........4....t......4. ...(........p.o...........................................p...p...............p...p...p..4....r...............p...p...p..................Q.td..................................-...L..................@-.,@...0....S |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 5 |
Section Header Offset: | 95376 |
Section Header Size: | 40 |
Number of Section Headers: | 15 |
Header String Table Index: | 14 |
Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
---|---|---|---|---|---|---|---|---|---|---|
NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0 | 0 | 0 | ||
.init | PROGBITS | 0x80d4 | 0xd4 | 0x10 | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.text | PROGBITS | 0x80f0 | 0xf0 | 0x15570 | 0x0 | 0x6 | AX | 0 | 0 | 16 |
.fini | PROGBITS | 0x1d660 | 0x15660 | 0x10 | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.rodata | PROGBITS | 0x1d670 | 0x15670 | 0x1948 | 0x0 | 0x2 | A | 0 | 0 | 8 |
.ARM.extab | PROGBITS | 0x1efb8 | 0x16fb8 | 0x18 | 0x0 | 0x2 | A | 0 | 0 | 4 |
.ARM.exidx | ARM_EXIDX | 0x1efd0 | 0x16fd0 | 0x118 | 0x0 | 0x82 | AL | 2 | 0 | 4 |
.eh_frame | PROGBITS | 0x270e8 | 0x170e8 | 0x4 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.tbss | NOBITS | 0x270ec | 0x170ec | 0x8 | 0x0 | 0x403 | WAT | 0 | 0 | 4 |
.init_array | INIT_ARRAY | 0x270ec | 0x170ec | 0x4 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.fini_array | FINI_ARRAY | 0x270f0 | 0x170f0 | 0x4 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.got | PROGBITS | 0x270f8 | 0x170f8 | 0xa8 | 0x4 | 0x3 | WA | 0 | 0 | 4 |
.data | PROGBITS | 0x271a0 | 0x171a0 | 0x27c | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.bss | NOBITS | 0x2741c | 0x1741c | 0x6f64 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.shstrtab | STRTAB | 0x0 | 0x1741c | 0x73 | 0x0 | 0x0 | 0 | 0 | 1 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
EXIDX | 0x16fd0 | 0x1efd0 | 0x1efd0 | 0x118 | 0x118 | 4.4442 | 0x4 | R | 0x4 | .ARM.exidx | |
LOAD | 0x0 | 0x8000 | 0x8000 | 0x170e8 | 0x170e8 | 6.1207 | 0x5 | R E | 0x8000 | .init .text .fini .rodata .ARM.extab .ARM.exidx | |
LOAD | 0x170e8 | 0x270e8 | 0x270e8 | 0x334 | 0x7298 | 4.1586 | 0x6 | RW | 0x8000 | .eh_frame .tbss .init_array .fini_array .got .data .bss | |
TLS | 0x170ec | 0x270ec | 0x270ec | 0x0 | 0x8 | 0.0000 | 0x4 | R | 0x4 | .tbss | |
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x7 | RWE | 0x4 |
Download Network PCAP: filtered – full
- Total Packets: 19
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 16, 2025 02:46:11.199229956 CET | 48688 | 56190 | 192.168.2.15 | 154.205.155.97 |
Mar 16, 2025 02:46:11.204056025 CET | 56190 | 48688 | 154.205.155.97 | 192.168.2.15 |
Mar 16, 2025 02:46:11.204803944 CET | 48688 | 56190 | 192.168.2.15 | 154.205.155.97 |
Mar 16, 2025 02:46:11.868410110 CET | 56190 | 48688 | 154.205.155.97 | 192.168.2.15 |
Mar 16, 2025 02:46:11.868556023 CET | 48688 | 56190 | 192.168.2.15 | 154.205.155.97 |
Mar 16, 2025 02:46:11.986828089 CET | 56190 | 48688 | 154.205.155.97 | 192.168.2.15 |
Mar 16, 2025 02:46:11.993731022 CET | 48688 | 56190 | 192.168.2.15 | 154.205.155.97 |
Mar 16, 2025 02:46:15.796546936 CET | 48688 | 56190 | 192.168.2.15 | 154.205.155.97 |
Mar 16, 2025 02:46:15.801707983 CET | 56190 | 48688 | 154.205.155.97 | 192.168.2.15 |
Mar 16, 2025 02:46:29.402232885 CET | 56190 | 48688 | 154.205.155.97 | 192.168.2.15 |
Mar 16, 2025 02:46:29.402451038 CET | 48688 | 56190 | 192.168.2.15 | 154.205.155.97 |
Mar 16, 2025 02:46:44.418147087 CET | 48688 | 56190 | 192.168.2.15 | 154.205.155.97 |
Mar 16, 2025 02:46:44.422875881 CET | 56190 | 48688 | 154.205.155.97 | 192.168.2.15 |
Mar 16, 2025 02:46:44.422944069 CET | 48688 | 56190 | 192.168.2.15 | 154.205.155.97 |
Mar 16, 2025 02:46:44.427603960 CET | 56190 | 48688 | 154.205.155.97 | 192.168.2.15 |
Mar 16, 2025 02:47:04.435152054 CET | 48688 | 56190 | 192.168.2.15 | 154.205.155.97 |
Mar 16, 2025 02:47:04.439914942 CET | 56190 | 48688 | 154.205.155.97 | 192.168.2.15 |
Mar 16, 2025 02:47:04.439981937 CET | 48688 | 56190 | 192.168.2.15 | 154.205.155.97 |
Mar 16, 2025 02:47:04.444626093 CET | 56190 | 48688 | 154.205.155.97 | 192.168.2.15 |
Mar 16, 2025 02:47:24.364598989 CET | 48688 | 56190 | 192.168.2.15 | 154.205.155.97 |
Mar 16, 2025 02:47:24.369440079 CET | 56190 | 48688 | 154.205.155.97 | 192.168.2.15 |
Mar 16, 2025 02:47:24.369488955 CET | 48688 | 56190 | 192.168.2.15 | 154.205.155.97 |
Mar 16, 2025 02:47:24.374639034 CET | 56190 | 48688 | 154.205.155.97 | 192.168.2.15 |
Mar 16, 2025 02:47:44.366920948 CET | 48688 | 56190 | 192.168.2.15 | 154.205.155.97 |
Mar 16, 2025 02:47:44.371634007 CET | 56190 | 48688 | 154.205.155.97 | 192.168.2.15 |
Mar 16, 2025 02:47:44.371689081 CET | 48688 | 56190 | 192.168.2.15 | 154.205.155.97 |
Mar 16, 2025 02:47:44.376291990 CET | 56190 | 48688 | 154.205.155.97 | 192.168.2.15 |
Mar 16, 2025 02:47:58.483778000 CET | 56190 | 48688 | 154.205.155.97 | 192.168.2.15 |
Mar 16, 2025 02:47:58.484080076 CET | 48688 | 56190 | 192.168.2.15 | 154.205.155.97 |
Mar 16, 2025 02:48:13.494574070 CET | 48688 | 56190 | 192.168.2.15 | 154.205.155.97 |
Mar 16, 2025 02:48:13.499385118 CET | 56190 | 48688 | 154.205.155.97 | 192.168.2.15 |
Mar 16, 2025 02:48:13.499460936 CET | 48688 | 56190 | 192.168.2.15 | 154.205.155.97 |
Mar 16, 2025 02:48:13.504121065 CET | 56190 | 48688 | 154.205.155.97 | 192.168.2.15 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 16, 2025 02:46:12.208096981 CET | 38124 | 53 | 192.168.2.15 | 8.8.8.8 |
Mar 16, 2025 02:46:12.226238012 CET | 53 | 38124 | 8.8.8.8 | 192.168.2.15 |
Mar 16, 2025 02:46:12.226953983 CET | 55801 | 19302 | 192.168.2.15 | 74.125.250.129 |
Mar 16, 2025 02:46:12.850130081 CET | 19302 | 55801 | 74.125.250.129 | 192.168.2.15 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Mar 16, 2025 02:46:12.208096981 CET | 192.168.2.15 | 8.8.8.8 | 0x2da2 | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Mar 16, 2025 02:46:12.226238012 CET | 8.8.8.8 | 192.168.2.15 | 0x2da2 | No error (0) | 74.125.250.129 | A (IP address) | IN (0x0001) | false |
System Behavior
Start time (UTC): | 01:46:09 |
Start date (UTC): | 16/03/2025 |
Path: | /tmp/arm7.elf |
Arguments: | /tmp/arm7.elf |
File size: | 4956856 bytes |
MD5 hash: | 5ebfcae4fe2471fcc5695c2394773ff1 |
Start time (UTC): | 01:46:10 |
Start date (UTC): | 16/03/2025 |
Path: | /tmp/arm7.elf |
Arguments: | - |
File size: | 4956856 bytes |
MD5 hash: | 5ebfcae4fe2471fcc5695c2394773ff1 |