Linux
Analysis Report
Space.x86_64.elf
Overview
General Information
Detection
Score: | 60 |
Range: | 0 - 100 |
Signatures
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Sample is packed with UPX
Detected TCP or UDP traffic on non-standard ports
ELF contains segments with high entropy indicating compressed/encrypted content
Enumerates processes within the "proc" file system
Sample contains only a LOAD segment without any section mappings
Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)
Yara signature match
Classification
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1644262 |
Start date and time: | 2025-03-20 13:54:57 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 27s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | Space.x86_64.elf |
Detection: | MAL |
Classification: | mal60.evad.linELF@0/0@0/0 |
Command: | /tmp/Space.x86_64.elf |
PID: | 5484 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | lzrd cock fest"/proc/"/exe |
Standard Error: |
- system is lnxubuntu20
- Space.x86_64.elf New Fork (PID: 5485, Parent: 5484)
- Space.x86_64.elf New Fork (PID: 5486, Parent: 5485)
- Space.x86_64.elf New Fork (PID: 5487, Parent: 5485)
- Space.x86_64.elf New Fork (PID: 5490, Parent: 5484)
- Space.x86_64.elf New Fork (PID: 5491, Parent: 5484)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
Linux_Trojan_Gafgyt_28a2fe0c | unknown | unknown |
| |
Linux_Trojan_Mirai_564b8eda | unknown | unknown |
| |
Linux_Trojan_Gafgyt_28a2fe0c | unknown | unknown |
| |
Linux_Trojan_Mirai_564b8eda | unknown | unknown |
| |
Linux_Trojan_Gafgyt_28a2fe0c | unknown | unknown |
| |
Click to see the 7 entries |
⊘No Suricata rule has matched
- • AV Detection
- • Networking
- • System Summary
- • Data Obfuscation
- • Persistence and Installation Behavior
- • Hooking and other Techniques for Hiding and Protection
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Virustotal: | Perma Link | ||
Source: | ReversingLabs: |
Source: | TCP traffic: |
Source: | TCP traffic: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | String found in binary or memory: |
Source: | Network traffic detected: |
System Summary |
---|
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Program segment: |
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Classification label: |
Data Obfuscation |
---|
Source: | String containing UPX found: | ||
Source: | String containing UPX found: | ||
Source: | String containing UPX found: |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Source: | Submission file: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | 11 Obfuscated Files or Information | 1 OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Standard Port | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
⊘No configs have been found
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
40% | Virustotal | Browse | ||
42% | ReversingLabs | Linux.Backdoor.Mirai |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
⊘No contacted domains info
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
185.125.190.26 | unknown | United Kingdom | 41231 | CANONICAL-ASGB | false | |
209.97.147.158 | unknown | United States | 14061 | DIGITALOCEAN-ASNUS | false |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
185.125.190.26 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Gafgyt, Mirai, Moobot, Okiru | Browse | |||
Get hash | malicious | Gafgyt, Mirai | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Mirai | Browse | |||
209.97.147.158 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Unknown | Browse |
⊘No context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
CANONICAL-ASGB | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Gafgyt, Mirai, Moobot, Okiru | Browse |
| ||
Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
DIGITALOCEAN-ASNUS | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Emotet | Browse |
| ||
Get hash | malicious | Emotet | Browse |
| ||
Get hash | malicious | Rusty Stealer | Browse |
| ||
Get hash | malicious | Rusty Stealer | Browse |
| ||
Get hash | malicious | Rusty Stealer | Browse |
|
⊘No context
⊘No context
⊘No created / dropped files found
File type: | |
Entropy (8bit): | 7.960371112175457 |
TrID: |
|
File name: | Space.x86_64.elf |
File size: | 37'540 bytes |
MD5: | 49303f53497fc1ff83a79131e081e29c |
SHA1: | fc6fdb218354523af716ef05c9acc70683ac5d17 |
SHA256: | ad93d00ea4138c10f9e0177b2aa75682e9b7d589f42f0ad87d033b840767f656 |
SHA512: | 5ed18b4d32a6434d609930f5337d2b49e22c8c9f7baa06cdadb37f1b46bf3723d39a955343bc6a9d23cd18c43e4eff652d2acbeef6550eec1a3d58029c15d217 |
SSDEEP: | 768:P+4qtvWUAASje6lhaVG5CHb4diYjLMWf5CcWHdbL5fPr8bpZ0JiWx0G:29tvWrASje4wVGigJmFL578bpWJhD |
TLSH: | C7F2E152D96AD93CDA332E7500826B68CF73D0B19442579F4BED629F1E7EE042D0A750 |
File Content Preview: | .ELF..............>.....`.@.....@...................@.8...@.......................@.......@....................... ......................Ka......Ka.............................Q.td.....................................................I..UPX!D.......8:..8:. |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 64 |
Program Header Offset: | 64 |
Program Header Size: | 56 |
Number of Program Headers: | 3 |
Section Header Offset: | 0 |
Section Header Size: | 64 |
Number of Section Headers: | 0 |
Header String Table Index: | 0 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x400000 | 0x400000 | 0x919c | 0x919c | 7.9624 | 0x5 | R E | 0x200000 | ||
LOAD | 0xb00 | 0x614b00 | 0x614b00 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x1000 | ||
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x8 |
Download Network PCAP: filtered – full
- Total Packets: 97
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 20, 2025 13:55:40.620904922 CET | 51296 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:55:41.641042948 CET | 51296 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:55:43.657020092 CET | 51296 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:55:46.018702030 CET | 51298 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:55:47.048840046 CET | 51298 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:55:47.752856016 CET | 51296 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:55:48.520759106 CET | 46540 | 443 | 192.168.2.14 | 185.125.190.26 |
Mar 20, 2025 13:55:49.064762115 CET | 51298 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:55:51.637942076 CET | 51300 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:55:52.648739100 CET | 51300 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:55:53.128825903 CET | 51298 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:55:54.664675951 CET | 51300 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:55:57.034029961 CET | 51302 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:55:58.056545019 CET | 51302 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:55:58.760622978 CET | 51300 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:00.072451115 CET | 51302 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:02.651242018 CET | 51304 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:03.656399012 CET | 51304 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:04.136493921 CET | 51302 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:05.672382116 CET | 51304 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:08.045089006 CET | 51306 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:09.064344883 CET | 51306 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:09.768284082 CET | 51304 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:11.080210924 CET | 51306 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:13.664392948 CET | 51308 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:14.696222067 CET | 51308 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:15.144200087 CET | 51306 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:16.712121964 CET | 51308 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:18.728096962 CET | 46540 | 443 | 192.168.2.14 | 185.125.190.26 |
Mar 20, 2025 13:56:19.057868958 CET | 51310 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:20.072180986 CET | 51310 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:20.776092052 CET | 51308 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:22.088218927 CET | 51310 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:24.677519083 CET | 51312 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:25.703946114 CET | 51312 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:26.151966095 CET | 51310 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:27.719942093 CET | 51312 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:30.068861008 CET | 51314 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:31.079811096 CET | 51314 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:31.783830881 CET | 51312 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:33.095701933 CET | 51314 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:35.691745996 CET | 51316 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:36.711632013 CET | 51316 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:37.159640074 CET | 51314 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:38.727710962 CET | 51316 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:41.081511021 CET | 51318 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:42.087606907 CET | 51318 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:42.791455030 CET | 51316 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:44.103410959 CET | 51318 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:46.707722902 CET | 51320 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:47.719403982 CET | 51320 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:48.167318106 CET | 51318 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:49.735415936 CET | 51320 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:52.095649004 CET | 51322 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:53.127340078 CET | 51322 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:53.799479008 CET | 51320 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:55.143194914 CET | 51322 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:57.721978903 CET | 51324 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:58.727327108 CET | 51324 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:56:59.175173998 CET | 51322 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:00.743227959 CET | 51324 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:03.100220919 CET | 51326 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:04.103028059 CET | 51326 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:04.807157993 CET | 51324 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:06.118921041 CET | 51326 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:08.736192942 CET | 51328 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:09.766916990 CET | 51328 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:10.182929993 CET | 51326 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:11.782793045 CET | 51328 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:14.105156898 CET | 51330 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:15.110794067 CET | 51330 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:15.814714909 CET | 51328 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:17.126714945 CET | 51330 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:19.751471043 CET | 51332 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:20.774799109 CET | 51332 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:21.190711975 CET | 51330 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:22.790731907 CET | 51332 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:25.116856098 CET | 51334 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:26.118590117 CET | 51334 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:26.822443008 CET | 51332 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:28.134356976 CET | 51334 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:30.766516924 CET | 51336 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:31.782500029 CET | 51336 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:32.198407888 CET | 51334 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:33.798492908 CET | 51336 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:36.132632017 CET | 51338 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:37.158308983 CET | 51338 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:37.830305099 CET | 51336 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:39.174247980 CET | 51338 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:41.781203032 CET | 51340 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:42.790061951 CET | 51340 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:43.205986977 CET | 51338 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:44.806093931 CET | 51340 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:47.145252943 CET | 51342 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:48.165980101 CET | 51342 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:48.837901115 CET | 51340 | 3778 | 192.168.2.14 | 209.97.147.158 |
Mar 20, 2025 13:57:50.182008982 CET | 51342 | 3778 | 192.168.2.14 | 209.97.147.158 |
System Behavior
Start time (UTC): | 12:55:39 |
Start date (UTC): | 20/03/2025 |
Path: | /tmp/Space.x86_64.elf |
Arguments: | /tmp/Space.x86_64.elf |
File size: | 37540 bytes |
MD5 hash: | 49303f53497fc1ff83a79131e081e29c |
Start time (UTC): | 12:55:39 |
Start date (UTC): | 20/03/2025 |
Path: | /tmp/Space.x86_64.elf |
Arguments: | - |
File size: | 37540 bytes |
MD5 hash: | 49303f53497fc1ff83a79131e081e29c |
Start time (UTC): | 12:55:39 |
Start date (UTC): | 20/03/2025 |
Path: | /tmp/Space.x86_64.elf |
Arguments: | - |
File size: | 37540 bytes |
MD5 hash: | 49303f53497fc1ff83a79131e081e29c |
Start time (UTC): | 12:55:39 |
Start date (UTC): | 20/03/2025 |
Path: | /tmp/Space.x86_64.elf |
Arguments: | - |
File size: | 37540 bytes |
MD5 hash: | 49303f53497fc1ff83a79131e081e29c |
Start time (UTC): | 12:55:45 |
Start date (UTC): | 20/03/2025 |
Path: | /tmp/Space.x86_64.elf |
Arguments: | - |
File size: | 37540 bytes |
MD5 hash: | 49303f53497fc1ff83a79131e081e29c |
Start time (UTC): | 12:55:45 |
Start date (UTC): | 20/03/2025 |
Path: | /tmp/Space.x86_64.elf |
Arguments: | - |
File size: | 37540 bytes |
MD5 hash: | 49303f53497fc1ff83a79131e081e29c |