Linux
Analysis Report
.i.elf
Overview
General Information
Detection
Score: | 76 |
Range: | 0 - 100 |
Signatures
Classification
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1669005 |
Start date and time: | 2025-04-19 04:09:24 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 5m 13s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | .i.elf |
Detection: | MAL |
Classification: | mal76.spre.troj.evad.linELF@0/1@4/0 |
- Excluded IPs from analysis (whitelisted): 209.51.161.238, 23.141.40.123, 23.168.136.132, 129.146.193.200
- Excluded domains from analysis (whitelisted): pool.ntp.org
Command: | /tmp/.i.elf |
PID: | 5414 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | |
Standard Error: | iptables v1.8.4 (legacy): Couldn't load target `CWMP_CR':No such file or directory Try `iptables -h' or 'iptables --help' for more information. iptables: No chain/target/match by that name. |
- system is lnxubuntu20
- .i.elf New Fork (PID: 5416, Parent: 5414)
- .i.elf New Fork (PID: 5418, Parent: 5416)
- sh New Fork (PID: 5424, Parent: 5418)
- .i.elf New Fork (PID: 5430, Parent: 5416)
- sh New Fork (PID: 5435, Parent: 5430)
- .i.elf New Fork (PID: 5436, Parent: 5416)
- sh New Fork (PID: 5441, Parent: 5436)
- .i.elf New Fork (PID: 5442, Parent: 5416)
- sh New Fork (PID: 5447, Parent: 5442)
- .i.elf New Fork (PID: 5450, Parent: 5416)
- sh New Fork (PID: 5455, Parent: 5450)
- .i.elf New Fork (PID: 5456, Parent: 5416)
- sh New Fork (PID: 5461, Parent: 5456)
- .i.elf New Fork (PID: 5462, Parent: 5416)
- sh New Fork (PID: 5467, Parent: 5462)
- cleanup
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
Mirai | Mirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world. | No Attribution |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Mirai_9 | Yara detected Mirai | Joe Security |
- • AV Detection
- • Spreading
- • Networking
- • System Summary
- • Persistence and Installation Behavior
- • Hooking and other Techniques for Hiding and Protection
- • Malware Analysis System Evasion
- • Stealing of Sensitive Information
- • Remote Access Functionality
Click to jump to signature section
AV Detection |
---|
Source: | Avira: |
Source: | Virustotal: | Perma Link | ||
Source: | ReversingLabs: |
Spreading |
---|
Source: | Opens: | Jump to behavior |
Networking |
---|
Source: | Iptables executable using switch for changing the iptables rules: | Jump to behavior | ||
Source: | Iptables executable using switch for changing the iptables rules: | Jump to behavior | ||
Source: | Iptables executable using switch for changing the iptables rules: | Jump to behavior | ||
Source: | Iptables executable using switch for changing the iptables rules: | Jump to behavior | ||
Source: | Iptables executable using switch for changing the iptables rules: | Jump to behavior | ||
Source: | Iptables executable using switch for changing the iptables rules: | Jump to behavior | ||
Source: | Iptables executable using switch for changing the iptables rules: | Jump to behavior |
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: | ||
Source: | UDP traffic: |
Source: | Iptables executable: | Jump to behavior | ||
Source: | Iptables executable: | Jump to behavior | ||
Source: | Iptables executable: | Jump to behavior | ||
Source: | Iptables executable: | Jump to behavior | ||
Source: | Iptables executable: | Jump to behavior | ||
Source: | Iptables executable: | Jump to behavior | ||
Source: | Iptables executable: | Jump to behavior |
Source: | Reads hosts file: | Jump to behavior |
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | Program segment: |
Source: | Classification label: |
Persistence and Installation Behavior |
---|
Source: | Iptables executable using switch for changing the iptables rules: | Jump to behavior | ||
Source: | Iptables executable using switch for changing the iptables rules: | Jump to behavior | ||
Source: | Iptables executable using switch for changing the iptables rules: | Jump to behavior | ||
Source: | Iptables executable using switch for changing the iptables rules: | Jump to behavior | ||
Source: | Iptables executable using switch for changing the iptables rules: | Jump to behavior | ||
Source: | Iptables executable using switch for changing the iptables rules: | Jump to behavior | ||
Source: | Iptables executable using switch for changing the iptables rules: | Jump to behavior |
Source: | Directory: | Jump to behavior |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior |
Source: | Iptables executable: | Jump to behavior | ||
Source: | Iptables executable: | Jump to behavior | ||
Source: | Iptables executable: | Jump to behavior | ||
Source: | Iptables executable: | Jump to behavior | ||
Source: | Iptables executable: | Jump to behavior | ||
Source: | Iptables executable: | Jump to behavior | ||
Source: | Iptables executable: | Jump to behavior |
Source: | Stderr: iptables v1.8.4 (legacy): Couldn't load target `CWMP_CR':No such file or directoryTry `iptables -h' or 'iptables --help' for more information.iptables: No chain/target/match by that name.: |
Hooking and other Techniques for Hiding and Protection |
---|
Source: | File: | Jump to behavior |
Source: | Submission file: |
Source: | Queries kernel information via 'uname': | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Stealing of Sensitive Information |
---|
Source: | File source: |
Remote Access Functionality |
---|
Source: | File source: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | 1 Scripting | Valid Accounts | Windows Management Instrumentation | 1 Scripting | Path Interception | 1 Hidden Files and Directories | 1 OS Credential Dumping | 11 Security Software Discovery | Remote Services | Data from Local System | 1 Non-Standard Port | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Obfuscated Files or Information | LSASS Memory | 1 File and Directory Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 File Deletion | Security Account Manager | 1 Remote System Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | 1 System Network Configuration Discovery | Distributed Component Object Model | Input Capture | Protocol Impersonation | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
54% | Virustotal | Browse | ||
50% | ReversingLabs | Linux.Trojan.Hajime | ||
100% | Avira | LINUX/Hajime.woltx |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
daisy.ubuntu.com | 162.213.35.24 | true | false | high | |
router.bittorrent.com | 67.215.246.10 | true | false | high | |
router.utorrent.com | 82.221.103.244 | true | false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
119.34.160.228 | unknown | China | 17622 | CNCGROUP-GZChinaUnicomGuangzhounetworkCN | false | |
189.129.211.64 | unknown | Mexico | 8151 | UninetSAdeCVMX | false | |
189.139.172.241 | unknown | Mexico | 8151 | UninetSAdeCVMX | false | |
181.42.46.105 | unknown | Chile | 27651 | ENTELCHILESACL | false | |
195.98.68.52 | unknown | Russian Federation | 6856 | IC-VORONEZH-ASInformsvyaz-ChernozemyeRU | false | |
31.60.104.7 | unknown | Poland | 5617 | TPNETPL | false | |
99.240.197.244 | unknown | Canada | 812 | ROGERS-COMMUNICATIONSCA | false | |
78.85.4.135 | unknown | Russian Federation | 12389 | ROSTELECOM-ASRU | false | |
14.192.214.208 | unknown | Malaysia | 9534 | MAXIS-AS1-APBinariangBerhadMY | false | |
80.11.235.118 | unknown | France | 3215 | FranceTelecom-OrangeFR | false | |
187.190.166.141 | unknown | Mexico | 17072 | TOTALPLAYTELECOMUNICACIONESSADECVMX | false | |
177.52.82.94 | unknown | Brazil | 262439 | JARDNETINFORMATICALTDA-EPPBR | false | |
79.190.191.74 | unknown | Poland | 5617 | TPNETPL | false | |
77.172.35.225 | unknown | Netherlands | 1136 | KPNKPNNationalEU | false | |
190.56.32.232 | unknown | Guatemala | 14754 | TelguaGT | false | |
199.45.219.152 | unknown | United States | 2379 | CENTURYLINK-LEGACY-EMBARQ-WNPKUS | false | |
58.241.139.153 | unknown | China | 4837 | CHINA169-BACKBONECHINAUNICOMChina169BackboneCN | false | |
190.101.84.250 | unknown | Chile | 22047 | VTRBANDAANCHASACL | false | |
41.193.87.152 | unknown | South Africa | 11845 | Vox-TelecomZA | false | |
5.3.252.254 | unknown | Russian Federation | 50543 | SARATOV-ASRU | false | |
79.177.128.82 | unknown | Israel | 8551 | BEZEQ-INTERNATIONAL-ASBezeqintInternetBackboneIL | false | |
222.187.254.73 | unknown | China | 4134 | CHINANET-BACKBONENo31Jin-rongStreetCN | false | |
81.101.129.89 | unknown | United Kingdom | 5089 | NTLGB | false | |
113.148.125.188 | unknown | Japan | 2516 | KDDIKDDICORPORATIONJP | false | |
144.217.181.115 | unknown | Canada | 16276 | OVHFR | false | |
109.94.85.146 | unknown | Russian Federation | 50060 | ANNETRU | false | |
190.240.69.24 | unknown | Colombia | 13489 | EPMTelecomunicacionesSAESPCO | false | |
190.193.152.141 | unknown | Argentina | 10481 | TelecomArgentinaSAAR | false | |
117.24.165.173 | unknown | China | 133776 | CHINATELECOM-FUJIAN-QUANZHOU-IDC1QuanzhouCN | false | |
179.96.135.23 | unknown | Brazil | 28634 | LifeTecnologiaLtdaBR | false | |
82.221.103.244 | router.utorrent.com | Iceland | 50613 | THORDC-ASIS | false | |
113.89.244.83 | unknown | China | 4134 | CHINANET-BACKBONENo31Jin-rongStreetCN | false | |
188.2.115.47 | unknown | Serbia | 31042 | SERBIA-BROADBAND-ASSerbiaBroadBand-SrpskeKablovskemreze | false | |
148.71.121.183 | unknown | Portugal | 12353 | VODAFONE-PTVodafonePortugalPT | false | |
54.70.174.84 | unknown | United States | 16509 | AMAZON-02US | false | |
198.162.193.189 | unknown | United States | 46231 | WATCHCOMM-INUS | false | |
79.185.46.91 | unknown | Poland | 5617 | TPNETPL | false | |
176.226.202.11 | unknown | Russian Federation | 8369 | INTERSVYAZ-AS38-BKomsomolskyprospektRU | false | |
92.16.182.203 | unknown | United Kingdom | 13285 | OPALTELECOM-ASTalkTalkCommunicationsLimitedGB | false | |
117.24.165.65 | unknown | China | 133776 | CHINATELECOM-FUJIAN-QUANZHOU-IDC1QuanzhouCN | false | |
177.52.48.235 | unknown | Brazil | 28198 | IsimplesTelecomeHardwareLtdaBR | false | |
91.192.20.140 | unknown | Russian Federation | 42291 | ISTRANET-ASIstranetLLCASRU | false | |
91.121.7.132 | unknown | France | 16276 | OVHFR | false | |
2.103.108.201 | unknown | United Kingdom | 13285 | OPALTELECOM-ASTalkTalkCommunicationsLimitedGB | false | |
45.238.183.98 | unknown | Colombia | 266860 | CONEXIONDIGITALEXPRESSSASCO | false | |
82.39.237.234 | unknown | United Kingdom | 5089 | NTLGB | false | |
68.226.67.22 | unknown | United States | 22773 | ASN-CXA-ALL-CCI-22773-RDCUS | false | |
213.94.41.136 | unknown | Spain | 3313 | INET-ASIT | false | |
189.196.45.102 | unknown | Mexico | 13999 | MegaCableSAdeCVMX | false | |
175.204.168.7 | unknown | Korea Republic of | 4766 | KIXS-AS-KRKoreaTelecomKR | false | |
54.77.218.23 | unknown | United States | 16509 | AMAZON-02US | false | |
144.76.166.157 | unknown | Germany | 24940 | HETZNER-ASDE | false | |
113.26.87.94 | unknown | China | 4134 | CHINANET-BACKBONENo31Jin-rongStreetCN | false | |
79.140.117.203 | unknown | Germany | 15366 | DNSNETGermanInternetServiceProvidersDE | false | |
201.188.189.46 | unknown | Chile | 7418 | TELEFONICACHILESACL | false | |
213.80.212.27 | unknown | Russian Federation | 15974 | VTT-ASISPSaratovRussiaRU | false | |
124.91.148.108 | unknown | China | 4837 | CHINA169-BACKBONECHINAUNICOMChina169BackboneCN | false | |
211.48.88.198 | unknown | Korea Republic of | 4766 | KIXS-AS-KRKoreaTelecomKR | false | |
67.215.246.10 | router.bittorrent.com | United States | 8100 | ASN-QUADRANET-GLOBALUS | false | |
83.222.166.141 | unknown | Bulgaria | 12615 | GCN-ASGCNAD-SofiaBulgariaBG | false | |
91.175.39.237 | unknown | France | 12322 | PROXADFR | false | |
103.199.205.126 | unknown | India | 9829 | BSNL-NIBNationalInternetBackboneIN | false | |
106.14.195.230 | unknown | China | 37963 | CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtd | false | |
112.118.83.13 | unknown | Hong Kong | 4760 | HKTIMS-APHKTLimitedHK | false | |
91.239.227.43 | unknown | unknown | 14576 | HOSTING-SOLUTIONSUS | false | |
178.247.145.191 | unknown | Turkey | 16135 | TURKCELL-ASTurkcellASTR | false | |
98.209.107.208 | unknown | United States | 7922 | COMCAST-7922US | false | |
82.50.89.36 | unknown | Italy | 3269 | ASN-IBSNAZIT | false | |
94.68.18.162 | unknown | Greece | 6799 | OTENET-GRAthens-GreeceGR | false | |
2.183.108.235 | unknown | Iran (ISLAMIC Republic Of) | 58224 | TCIIR | false | |
90.201.53.148 | unknown | United Kingdom | 5607 | BSKYB-BROADBAND-ASGB | false | |
188.65.232.39 | unknown | Russian Federation | 38984 | M9COM-ASRU | false | |
188.255.55.114 | unknown | Russian Federation | 42610 | NCNET-ASRU | false |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
82.221.103.244 | Get hash | malicious | Mirai | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
190.193.152.141 | Get hash | malicious | Unknown | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
router.bittorrent.com | Get hash | malicious | Mirai | Browse |
| |
Get hash | malicious | HTMLPhisher, Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
router.utorrent.com | Get hash | malicious | Mirai | Browse |
| |
Get hash | malicious | HTMLPhisher, Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
daisy.ubuntu.com | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
CNCGROUP-GZChinaUnicomGuangzhounetworkCN | Get hash | malicious | Mirai | Browse |
| |
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
UninetSAdeCVMX | Get hash | malicious | Mirai | Browse |
| |
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
UninetSAdeCVMX | Get hash | malicious | Mirai | Browse |
| |
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
ENTELCHILESACL | Get hash | malicious | Mirai | Browse |
| |
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Process: | /tmp/.i.elf |
File Type: | |
Category: | dropped |
Size (bytes): | 12 |
Entropy (8bit): | 3.2516291673878226 |
Encrypted: | false |
SSDEEP: | 3:TgLxl:TgLj |
MD5: | E4B87097E4B36E14500B9CE57C45EA25 |
SHA1: | DE3D58C12CA45D58E41455D0B693AF835D7F7361 |
SHA-256: | 7AD8A46FA4EADA251D0628721EEA0DE6EA917EC6B820146172179FFA68FC44A8 |
SHA-512: | 53CD8469E5F84281D446318E05BBA7B4A0D93FBF7567B663E875E9BBE95453E83E1C233140DBEBFC50C64F981CF1C007A1A573C508AE676BBE78F07C38DA4D43 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
File type: | |
Entropy (8bit): | 7.981094611090621 |
TrID: |
|
File name: | .i.elf |
File size: | 84'960 bytes |
MD5: | 4e6cf38ca04c64bbbc0de39518340fa3 |
SHA1: | b43aa81c8fe3f4b520a1c53557c8e477100530e1 |
SHA256: | a625601d8fe1f59102fcec617bbf4afa1f81ee305d5e8b93822541a65f7ea498 |
SHA512: | aae55dffe4e5a803d0b392202581f6ffa6c78dc84afcd092b847cf218020c6146959bc522485a2ee2d3dc031bd1b63fac801fc89b6b3efbd357eb2b4a261d27d |
SSDEEP: | 1536:m3LqE6rUQWzVQR7iAGEcUT5PIi7pLqBNs4LOjcwf4nB6XuzGNy+iSc7tNUZN:mOE6PWo1T5bz4LVMXuzVNScWN |
TLSH: | 438312CFA4598B66EC79CDF809DB59004D46621E738B75EF630C959C6038B862C8E92F |
File Content Preview: | .ELF.................... /..4...........4. ...(......................A...A....................G...G...................}l........................_..........?.E.h;....#....3.FR..gcpC....2.*..]8v. .....'..pw...rW.U.S.....(.|W.H..?#.$0......m.r...U....:...&.. |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 2 |
Section Header Offset: | 0 |
Section Header Size: | 40 |
Number of Section Headers: | 0 |
Header String Table Index: | 0 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x100000 | 0x100000 | 0x14195 | 0x14195 | 7.9807 | 0x5 | R E | 0x10000 | ||
LOAD | 0xa5a0 | 0x47a5a0 | 0x47a5a0 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x10000 |
Download Network PCAP: filtered – full
- Total Packets: 128
- 52 Ports have been hidden.
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 19, 2025 04:10:15.952626944 CEST | 33246 | 53 | 192.168.2.13 | 1.1.1.1 |
Apr 19, 2025 04:10:16.056447029 CEST | 53 | 33246 | 1.1.1.1 | 192.168.2.13 |
Apr 19, 2025 04:10:16.057236910 CEST | 11002 | 6881 | 192.168.2.13 | 82.221.103.244 |
Apr 19, 2025 04:10:16.060806036 CEST | 45541 | 53 | 192.168.2.13 | 1.1.1.1 |
Apr 19, 2025 04:10:16.165128946 CEST | 53 | 45541 | 1.1.1.1 | 192.168.2.13 |
Apr 19, 2025 04:10:16.165416956 CEST | 11002 | 6881 | 192.168.2.13 | 67.215.246.10 |
Apr 19, 2025 04:10:16.316452980 CEST | 6881 | 11002 | 67.215.246.10 | 192.168.2.13 |
Apr 19, 2025 04:10:28.821393013 CEST | 11002 | 6881 | 192.168.2.13 | 67.215.246.10 |
Apr 19, 2025 04:10:28.972541094 CEST | 6881 | 11002 | 67.215.246.10 | 192.168.2.13 |
Apr 19, 2025 04:10:28.973229885 CEST | 11002 | 4093 | 192.168.2.13 | 79.140.117.203 |
Apr 19, 2025 04:10:28.973470926 CEST | 11002 | 26761 | 192.168.2.13 | 5.3.252.254 |
Apr 19, 2025 04:10:36.817925930 CEST | 11002 | 27542 | 192.168.2.13 | 77.172.35.225 |
Apr 19, 2025 04:10:56.836416960 CEST | 11002 | 12423 | 192.168.2.13 | 14.192.214.208 |
Apr 19, 2025 04:11:06.829751968 CEST | 11002 | 27542 | 192.168.2.13 | 77.172.35.225 |
Apr 19, 2025 04:11:11.824273109 CEST | 11002 | 6881 | 192.168.2.13 | 82.221.103.244 |
Apr 19, 2025 04:11:11.827050924 CEST | 11002 | 6881 | 192.168.2.13 | 67.215.246.10 |
Apr 19, 2025 04:11:11.978363037 CEST | 6881 | 11002 | 67.215.246.10 | 192.168.2.13 |
Apr 19, 2025 04:11:13.837199926 CEST | 11002 | 6881 | 192.168.2.13 | 80.11.235.118 |
Apr 19, 2025 04:11:13.837557077 CEST | 11002 | 37746 | 192.168.2.13 | 181.42.46.105 |
Apr 19, 2025 04:11:13.837620020 CEST | 11002 | 45956 | 192.168.2.13 | 190.193.152.141 |
Apr 19, 2025 04:11:14.102586031 CEST | 45956 | 11002 | 190.193.152.141 | 192.168.2.13 |
Apr 19, 2025 04:11:14.103755951 CEST | 11002 | 26761 | 192.168.2.13 | 5.3.252.254 |
Apr 19, 2025 04:11:14.103993893 CEST | 11002 | 55604 | 192.168.2.13 | 190.240.69.24 |
Apr 19, 2025 04:11:14.104041100 CEST | 11002 | 37982 | 192.168.2.13 | 189.139.172.241 |
Apr 19, 2025 04:11:14.104155064 CEST | 11002 | 53324 | 192.168.2.13 | 103.199.205.126 |
Apr 19, 2025 04:11:14.104362965 CEST | 11002 | 55604 | 192.168.2.13 | 190.240.69.24 |
Apr 19, 2025 04:11:14.269282103 CEST | 37746 | 11002 | 181.42.46.105 | 192.168.2.13 |
Apr 19, 2025 04:11:14.269747019 CEST | 11002 | 12999 | 192.168.2.13 | 177.52.82.94 |
Apr 19, 2025 04:11:14.353575945 CEST | 37982 | 11002 | 189.139.172.241 | 192.168.2.13 |
Apr 19, 2025 04:11:22.807239056 CEST | 55604 | 11002 | 190.240.69.24 | 192.168.2.13 |
Apr 19, 2025 04:11:22.811876059 CEST | 55604 | 11002 | 190.240.69.24 | 192.168.2.13 |
Apr 19, 2025 04:11:22.812293053 CEST | 11002 | 25324 | 192.168.2.13 | 117.24.165.173 |
Apr 19, 2025 04:11:23.177470922 CEST | 25324 | 11002 | 117.24.165.173 | 192.168.2.13 |
Apr 19, 2025 04:11:23.177874088 CEST | 11002 | 36141 | 192.168.2.13 | 117.24.165.65 |
Apr 19, 2025 04:11:23.541089058 CEST | 36141 | 11002 | 117.24.165.65 | 192.168.2.13 |
Apr 19, 2025 04:11:23.541846037 CEST | 11002 | 33676 | 192.168.2.13 | 124.91.148.108 |
Apr 19, 2025 04:11:23.858941078 CEST | 33676 | 11002 | 124.91.148.108 | 192.168.2.13 |
Apr 19, 2025 04:11:23.859200954 CEST | 11002 | 12298 | 192.168.2.13 | 119.34.160.228 |
Apr 19, 2025 04:11:24.225239992 CEST | 12298 | 11002 | 119.34.160.228 | 192.168.2.13 |
Apr 19, 2025 04:11:24.225754976 CEST | 11002 | 6887 | 192.168.2.13 | 58.241.139.153 |
Apr 19, 2025 04:11:24.561433077 CEST | 6887 | 11002 | 58.241.139.153 | 192.168.2.13 |
Apr 19, 2025 04:11:24.561995983 CEST | 11002 | 55642 | 192.168.2.13 | 2.103.108.201 |
Apr 19, 2025 04:11:24.779799938 CEST | 55642 | 11002 | 2.103.108.201 | 192.168.2.13 |
Apr 19, 2025 04:11:24.780297995 CEST | 11002 | 27596 | 192.168.2.13 | 81.101.129.89 |
Apr 19, 2025 04:11:24.999911070 CEST | 27596 | 11002 | 81.101.129.89 | 192.168.2.13 |
Apr 19, 2025 04:11:25.000396967 CEST | 11002 | 11018 | 192.168.2.13 | 112.118.83.13 |
Apr 19, 2025 04:11:25.291387081 CEST | 11018 | 11002 | 112.118.83.13 | 192.168.2.13 |
Apr 19, 2025 04:11:25.291934967 CEST | 11002 | 6881 | 192.168.2.13 | 148.71.121.183 |
Apr 19, 2025 04:11:25.513098001 CEST | 6881 | 11002 | 148.71.121.183 | 192.168.2.13 |
Apr 19, 2025 04:11:25.513509035 CEST | 11002 | 23759 | 192.168.2.13 | 178.247.145.191 |
Apr 19, 2025 04:11:25.895029068 CEST | 23759 | 11002 | 178.247.145.191 | 192.168.2.13 |
Apr 19, 2025 04:11:25.895442963 CEST | 11002 | 6881 | 192.168.2.13 | 188.255.55.114 |
Apr 19, 2025 04:11:26.117170095 CEST | 6881 | 11002 | 188.255.55.114 | 192.168.2.13 |
Apr 19, 2025 04:11:26.118089914 CEST | 11002 | 62788 | 192.168.2.13 | 109.94.85.146 |
Apr 19, 2025 04:11:26.366674900 CEST | 62788 | 11002 | 109.94.85.146 | 192.168.2.13 |
Apr 19, 2025 04:11:26.367181063 CEST | 11002 | 5889 | 192.168.2.13 | 91.192.20.140 |
Apr 19, 2025 04:11:26.610910892 CEST | 5889 | 11002 | 91.192.20.140 | 192.168.2.13 |
Apr 19, 2025 04:11:26.611325979 CEST | 11002 | 33231 | 192.168.2.13 | 211.48.88.198 |
Apr 19, 2025 04:11:26.891079903 CEST | 33231 | 11002 | 211.48.88.198 | 192.168.2.13 |
Apr 19, 2025 04:11:26.891633034 CEST | 11002 | 4609 | 192.168.2.13 | 78.85.4.135 |
Apr 19, 2025 04:11:27.150685072 CEST | 4609 | 11002 | 78.85.4.135 | 192.168.2.13 |
Apr 19, 2025 04:11:27.151371956 CEST | 11002 | 22535 | 192.168.2.13 | 213.94.41.136 |
Apr 19, 2025 04:11:27.387276888 CEST | 22535 | 11002 | 213.94.41.136 | 192.168.2.13 |
Apr 19, 2025 04:11:27.387873888 CEST | 11002 | 26584 | 192.168.2.13 | 41.193.87.152 |
Apr 19, 2025 04:11:27.704854965 CEST | 26584 | 11002 | 41.193.87.152 | 192.168.2.13 |
Apr 19, 2025 04:11:27.705176115 CEST | 11002 | 51145 | 192.168.2.13 | 201.188.189.46 |
Apr 19, 2025 04:11:27.828964949 CEST | 11002 | 1313 | 192.168.2.13 | 195.98.68.52 |
Apr 19, 2025 04:11:27.994362116 CEST | 51145 | 11002 | 201.188.189.46 | 192.168.2.13 |
Apr 19, 2025 04:11:27.994707108 CEST | 11002 | 6881 | 192.168.2.13 | 80.11.235.118 |
Apr 19, 2025 04:11:27.994816065 CEST | 11002 | 25921 | 192.168.2.13 | 91.175.39.237 |
Apr 19, 2025 04:11:28.206842899 CEST | 25921 | 11002 | 91.175.39.237 | 192.168.2.13 |
Apr 19, 2025 04:11:28.207190990 CEST | 11002 | 1797 | 192.168.2.13 | 91.239.227.43 |
Apr 19, 2025 04:11:28.496103048 CEST | 1797 | 11002 | 91.239.227.43 | 192.168.2.13 |
Apr 19, 2025 04:11:28.496565104 CEST | 11002 | 61706 | 192.168.2.13 | 99.240.197.244 |
Apr 19, 2025 04:11:28.653723001 CEST | 61706 | 11002 | 99.240.197.244 | 192.168.2.13 |
Apr 19, 2025 04:11:28.654252052 CEST | 11002 | 8983 | 192.168.2.13 | 45.238.183.98 |
Apr 19, 2025 04:11:28.855885983 CEST | 8983 | 11002 | 45.238.183.98 | 192.168.2.13 |
Apr 19, 2025 04:11:28.856153965 CEST | 11002 | 1793 | 192.168.2.13 | 79.177.128.82 |
Apr 19, 2025 04:11:29.821762085 CEST | 11002 | 54102 | 192.168.2.13 | 68.226.67.22 |
Apr 19, 2025 04:11:29.997320890 CEST | 54102 | 11002 | 68.226.67.22 | 192.168.2.13 |
Apr 19, 2025 04:11:29.997514963 CEST | 11002 | 50639 | 192.168.2.13 | 190.56.32.232 |
Apr 19, 2025 04:11:29.997525930 CEST | 11002 | 27542 | 192.168.2.13 | 77.172.35.225 |
Apr 19, 2025 04:11:29.997555971 CEST | 11002 | 47204 | 192.168.2.13 | 98.209.107.208 |
Apr 19, 2025 04:11:29.997566938 CEST | 11002 | 12423 | 192.168.2.13 | 14.192.214.208 |
Apr 19, 2025 04:11:29.997575998 CEST | 11002 | 56521 | 192.168.2.13 | 90.201.53.148 |
Apr 19, 2025 04:11:29.997658014 CEST | 11002 | 6881 | 192.168.2.13 | 82.39.237.234 |
Apr 19, 2025 04:11:29.997658014 CEST | 11002 | 4093 | 192.168.2.13 | 79.140.117.203 |
Apr 19, 2025 04:11:30.222234964 CEST | 6881 | 11002 | 82.39.237.234 | 192.168.2.13 |
Apr 19, 2025 04:11:30.263525963 CEST | 47204 | 11002 | 98.209.107.208 | 192.168.2.13 |
Apr 19, 2025 04:11:30.330301046 CEST | 56521 | 11002 | 90.201.53.148 | 192.168.2.13 |
Apr 19, 2025 04:11:30.835170984 CEST | 11002 | 1313 | 192.168.2.13 | 195.98.68.52 |
Apr 19, 2025 04:11:30.879590988 CEST | 55604 | 11002 | 190.240.69.24 | 192.168.2.13 |
Apr 19, 2025 04:11:30.883054018 CEST | 11002 | 55604 | 192.168.2.13 | 190.240.69.24 |
Apr 19, 2025 04:11:31.828768969 CEST | 11002 | 20550 | 192.168.2.13 | 83.222.166.141 |
Apr 19, 2025 04:11:31.828769922 CEST | 11002 | 6881 | 192.168.2.13 | 213.80.212.27 |
Apr 19, 2025 04:11:31.828768969 CEST | 11002 | 6881 | 192.168.2.13 | 54.70.174.84 |
Apr 19, 2025 04:11:33.303220987 CEST | 6881 | 11002 | 54.70.174.84 | 192.168.2.13 |
Apr 19, 2025 04:11:33.303652048 CEST | 11002 | 26761 | 192.168.2.13 | 5.3.252.254 |
Apr 19, 2025 04:11:33.303708076 CEST | 11002 | 16495 | 192.168.2.13 | 199.45.219.152 |
Apr 19, 2025 04:11:33.420347929 CEST | 16495 | 11002 | 199.45.219.152 | 192.168.2.13 |
Apr 19, 2025 04:11:33.420659065 CEST | 11002 | 53324 | 192.168.2.13 | 103.199.205.126 |
Apr 19, 2025 04:11:33.420892000 CEST | 11002 | 23860 | 192.168.2.13 | 179.96.135.23 |
Apr 19, 2025 04:11:33.829616070 CEST | 53324 | 11002 | 103.199.205.126 | 192.168.2.13 |
Apr 19, 2025 04:11:34.966257095 CEST | 37982 | 11002 | 189.139.172.241 | 192.168.2.13 |
Apr 19, 2025 04:11:34.966557980 CEST | 11002 | 37982 | 192.168.2.13 | 189.139.172.241 |
Apr 19, 2025 04:11:39.823450089 CEST | 11002 | 36939 | 192.168.2.13 | 92.16.182.203 |
Apr 19, 2025 04:11:42.826087952 CEST | 11002 | 36939 | 192.168.2.13 | 92.16.182.203 |
Apr 19, 2025 04:11:47.825993061 CEST | 11002 | 56521 | 192.168.2.13 | 90.201.53.148 |
Apr 19, 2025 04:11:48.148854971 CEST | 56521 | 11002 | 90.201.53.148 | 192.168.2.13 |
Apr 19, 2025 04:11:48.149305105 CEST | 11002 | 50000 | 192.168.2.13 | 144.76.166.157 |
Apr 19, 2025 04:11:48.149307013 CEST | 11002 | 50639 | 192.168.2.13 | 190.56.32.232 |
Apr 19, 2025 04:11:48.149347067 CEST | 11002 | 12423 | 192.168.2.13 | 14.192.214.208 |
Apr 19, 2025 04:11:48.149348021 CEST | 11002 | 4093 | 192.168.2.13 | 79.140.117.203 |
Apr 19, 2025 04:11:48.357132912 CEST | 50000 | 11002 | 144.76.166.157 | 192.168.2.13 |
Apr 19, 2025 04:11:50.836604118 CEST | 11002 | 6881 | 192.168.2.13 | 213.80.212.27 |
Apr 19, 2025 04:11:50.836613894 CEST | 11002 | 47778 | 192.168.2.13 | 189.129.211.64 |
Apr 19, 2025 04:11:50.836621046 CEST | 11002 | 1642 | 192.168.2.13 | 187.190.166.141 |
Apr 19, 2025 04:11:51.824296951 CEST | 11002 | 63259 | 192.168.2.13 | 198.162.193.189 |
Apr 19, 2025 04:11:54.842845917 CEST | 11002 | 63259 | 192.168.2.13 | 198.162.193.189 |
Apr 19, 2025 04:11:55.828182936 CEST | 11002 | 50000 | 192.168.2.13 | 144.76.166.157 |
Apr 19, 2025 04:11:56.036103010 CEST | 50000 | 11002 | 144.76.166.157 | 192.168.2.13 |
Apr 19, 2025 04:12:03.828242064 CEST | 11002 | 3476 | 192.168.2.13 | 177.52.48.235 |
Apr 19, 2025 04:12:06.832129955 CEST | 11002 | 3476 | 192.168.2.13 | 177.52.48.235 |
Apr 19, 2025 04:12:07.818834066 CEST | 11002 | 47778 | 192.168.2.13 | 189.129.211.64 |
Apr 19, 2025 04:12:07.818833113 CEST | 11002 | 1642 | 192.168.2.13 | 187.190.166.141 |
Apr 19, 2025 04:12:07.818840027 CEST | 11002 | 6881 | 192.168.2.13 | 213.80.212.27 |
Apr 19, 2025 04:12:07.818881035 CEST | 11002 | 12423 | 192.168.2.13 | 14.192.214.208 |
Apr 19, 2025 04:12:07.818963051 CEST | 11002 | 6881 | 192.168.2.13 | 82.50.89.36 |
Apr 19, 2025 04:12:13.833345890 CEST | 11002 | 4093 | 192.168.2.13 | 79.140.117.203 |
Apr 19, 2025 04:12:15.825669050 CEST | 11002 | 35216 | 192.168.2.13 | 188.2.115.47 |
Apr 19, 2025 04:12:18.827795982 CEST | 11002 | 35216 | 192.168.2.13 | 188.2.115.47 |
Apr 19, 2025 04:12:24.830338955 CEST | 11002 | 47778 | 192.168.2.13 | 189.129.211.64 |
Apr 19, 2025 04:12:24.830424070 CEST | 11002 | 1642 | 192.168.2.13 | 187.190.166.141 |
Apr 19, 2025 04:12:24.830449104 CEST | 11002 | 6881 | 192.168.2.13 | 54.70.174.84 |
Apr 19, 2025 04:12:25.011116028 CEST | 6881 | 11002 | 54.70.174.84 | 192.168.2.13 |
Apr 19, 2025 04:12:25.011698008 CEST | 11002 | 23860 | 192.168.2.13 | 179.96.135.23 |
Apr 19, 2025 04:12:27.831864119 CEST | 11002 | 50118 | 192.168.2.13 | 188.65.232.39 |
Apr 19, 2025 04:12:30.850469112 CEST | 11002 | 50118 | 192.168.2.13 | 188.65.232.39 |
Apr 19, 2025 04:12:35.827383041 CEST | 11002 | 4093 | 192.168.2.13 | 79.140.117.203 |
Apr 19, 2025 04:12:39.834692001 CEST | 11002 | 42399 | 192.168.2.13 | 2.183.108.235 |
Apr 19, 2025 04:12:42.836419106 CEST | 11002 | 42399 | 192.168.2.13 | 2.183.108.235 |
Apr 19, 2025 04:12:46.824215889 CEST | 11002 | 6881 | 192.168.2.13 | 54.70.174.84 |
Apr 19, 2025 04:12:46.824273109 CEST | 11002 | 20550 | 192.168.2.13 | 83.222.166.141 |
Apr 19, 2025 04:12:46.824321985 CEST | 11002 | 6881 | 192.168.2.13 | 190.101.84.250 |
Apr 19, 2025 04:12:47.010868073 CEST | 6881 | 11002 | 54.70.174.84 | 192.168.2.13 |
Apr 19, 2025 04:12:47.011132002 CEST | 11002 | 23860 | 192.168.2.13 | 179.96.135.23 |
Apr 19, 2025 04:12:51.827801943 CEST | 11002 | 26359 | 192.168.2.13 | 176.226.202.11 |
Apr 19, 2025 04:12:53.822525978 CEST | 11002 | 50000 | 192.168.2.13 | 144.76.166.157 |
Apr 19, 2025 04:12:54.030244112 CEST | 50000 | 11002 | 144.76.166.157 | 192.168.2.13 |
Apr 19, 2025 04:12:54.030464888 CEST | 11002 | 50639 | 192.168.2.13 | 190.56.32.232 |
Apr 19, 2025 04:12:54.030491114 CEST | 11002 | 7777 | 192.168.2.13 | 113.148.125.188 |
Apr 19, 2025 04:12:54.030530930 CEST | 11002 | 51413 | 192.168.2.13 | 91.121.7.132 |
Apr 19, 2025 04:12:54.228950977 CEST | 51413 | 11002 | 91.121.7.132 | 192.168.2.13 |
Apr 19, 2025 04:12:54.287508965 CEST | 7777 | 11002 | 113.148.125.188 | 192.168.2.13 |
Apr 19, 2025 04:12:54.831908941 CEST | 11002 | 26359 | 192.168.2.13 | 176.226.202.11 |
Apr 19, 2025 04:12:57.534353971 CEST | 54539 | 53 | 192.168.2.13 | 1.1.1.1 |
Apr 19, 2025 04:12:57.534353971 CEST | 51935 | 53 | 192.168.2.13 | 1.1.1.1 |
Apr 19, 2025 04:12:57.639065981 CEST | 53 | 54539 | 1.1.1.1 | 192.168.2.13 |
Apr 19, 2025 04:12:57.665714025 CEST | 53 | 51935 | 1.1.1.1 | 192.168.2.13 |
Apr 19, 2025 04:13:03.817977905 CEST | 11002 | 38004 | 192.168.2.13 | 79.190.191.74 |
Apr 19, 2025 04:13:03.817981005 CEST | 11002 | 54102 | 192.168.2.13 | 68.226.67.22 |
Apr 19, 2025 04:13:03.978985071 CEST | 54102 | 11002 | 68.226.67.22 | 192.168.2.13 |
Apr 19, 2025 04:13:04.822791100 CEST | 11002 | 53262 | 192.168.2.13 | 94.68.18.162 |
Apr 19, 2025 04:13:04.822792053 CEST | 11002 | 20550 | 192.168.2.13 | 83.222.166.141 |
Apr 19, 2025 04:13:04.822793007 CEST | 11002 | 6881 | 192.168.2.13 | 190.101.84.250 |
Apr 19, 2025 04:13:06.830307007 CEST | 11002 | 38004 | 192.168.2.13 | 79.190.191.74 |
Apr 19, 2025 04:13:15.834472895 CEST | 11002 | 4124 | 192.168.2.13 | 189.196.45.102 |
Apr 19, 2025 04:13:18.836452007 CEST | 11002 | 4124 | 192.168.2.13 | 189.196.45.102 |
Apr 19, 2025 04:13:20.835269928 CEST | 11002 | 6881 | 192.168.2.13 | 190.101.84.250 |
Apr 19, 2025 04:13:20.835319996 CEST | 11002 | 53262 | 192.168.2.13 | 94.68.18.162 |
Apr 19, 2025 04:13:20.835371017 CEST | 11002 | 6026 | 192.168.2.13 | 31.60.104.7 |
Apr 19, 2025 04:13:27.836966991 CEST | 11002 | 7777 | 192.168.2.13 | 113.148.125.188 |
Apr 19, 2025 04:13:27.837249994 CEST | 11002 | 35380 | 192.168.2.13 | 113.26.87.94 |
Apr 19, 2025 04:13:28.094536066 CEST | 7777 | 11002 | 113.148.125.188 | 192.168.2.13 |
Apr 19, 2025 04:13:28.094922066 CEST | 11002 | 6881 | 192.168.2.13 | 113.89.244.83 |
Apr 19, 2025 04:13:30.849471092 CEST | 11002 | 35380 | 192.168.2.13 | 113.26.87.94 |
Apr 19, 2025 04:13:39.829931021 CEST | 11002 | 46886 | 192.168.2.13 | 79.185.46.91 |
Apr 19, 2025 04:13:41.821784019 CEST | 11002 | 53262 | 192.168.2.13 | 94.68.18.162 |
Apr 19, 2025 04:13:41.821801901 CEST | 11002 | 6026 | 192.168.2.13 | 31.60.104.7 |
Apr 19, 2025 04:13:41.821810961 CEST | 11002 | 40736 | 192.168.2.13 | 175.204.168.7 |
Apr 19, 2025 04:13:42.100171089 CEST | 40736 | 11002 | 175.204.168.7 | 192.168.2.13 |
Apr 19, 2025 04:13:42.100569963 CEST | 11002 | 6881 | 192.168.2.13 | 80.11.235.118 |
Apr 19, 2025 04:13:42.101239920 CEST | 11002 | 63949 | 192.168.2.13 | 144.217.181.115 |
Apr 19, 2025 04:13:42.282850027 CEST | 63949 | 11002 | 144.217.181.115 | 192.168.2.13 |
Apr 19, 2025 04:13:42.283056021 CEST | 11002 | 17207 | 192.168.2.13 | 222.187.254.73 |
Apr 19, 2025 04:13:42.667357922 CEST | 17207 | 11002 | 222.187.254.73 | 192.168.2.13 |
Apr 19, 2025 04:13:42.667530060 CEST | 11002 | 6992 | 192.168.2.13 | 54.77.218.23 |
Apr 19, 2025 04:13:42.848156929 CEST | 11002 | 46886 | 192.168.2.13 | 79.185.46.91 |
Apr 19, 2025 04:13:42.885468960 CEST | 6992 | 11002 | 54.77.218.23 | 192.168.2.13 |
Apr 19, 2025 04:13:42.885575056 CEST | 11002 | 11159 | 192.168.2.13 | 106.14.195.230 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Apr 19, 2025 04:10:37.021043062 CEST | 77.172.35.225 | 192.168.2.13 | cd88 | (Unknown) | Destination Unreachable |
Apr 19, 2025 04:11:07.033250093 CEST | 77.172.35.225 | 192.168.2.13 | 2f89 | (Unknown) | Destination Unreachable |
Apr 19, 2025 04:11:28.076100111 CEST | 195.98.68.52 | 192.168.2.13 | c780 | (Port unreachable) | Destination Unreachable |
Apr 19, 2025 04:11:30.199826956 CEST | 77.172.35.225 | 192.168.2.13 | 5252 | (Unknown) | Destination Unreachable |
Apr 19, 2025 04:11:31.082314968 CEST | 195.98.68.52 | 192.168.2.13 | c780 | (Port unreachable) | Destination Unreachable |
Apr 19, 2025 04:11:51.981739998 CEST | 198.162.193.189 | 192.168.2.13 | 484a | (Port unreachable) | Destination Unreachable |
Apr 19, 2025 04:11:54.983516932 CEST | 198.162.193.189 | 192.168.2.13 | 484a | (Port unreachable) | Destination Unreachable |
Apr 19, 2025 04:12:04.063796043 CEST | 177.52.48.235 | 192.168.2.13 | a209 | (Port unreachable) | Destination Unreachable |
Apr 19, 2025 04:12:07.068116903 CEST | 177.52.48.235 | 192.168.2.13 | a209 | (Port unreachable) | Destination Unreachable |
Apr 19, 2025 04:12:40.139062881 CEST | 2.183.108.235 | 192.168.2.13 | 2f8c | (Port unreachable) | Destination Unreachable |
Apr 19, 2025 04:12:43.138067007 CEST | 2.183.108.235 | 192.168.2.13 | 2f8c | (Port unreachable) | Destination Unreachable |
Apr 19, 2025 04:13:04.071635008 CEST | 79.190.191.74 | 192.168.2.13 | cef2 | (Port unreachable) | Destination Unreachable |
Apr 19, 2025 04:13:07.084460020 CEST | 79.190.191.74 | 192.168.2.13 | cef2 | (Port unreachable) | Destination Unreachable |
Apr 19, 2025 04:13:15.994328022 CEST | 189.196.45.102 | 192.168.2.13 | ab14 | (Port unreachable) | Destination Unreachable |
Apr 19, 2025 04:13:18.996287107 CEST | 189.196.45.102 | 192.168.2.13 | ab14 | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 19, 2025 04:10:15.952626944 CEST | 192.168.2.13 | 1.1.1.1 | 0x6737 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 19, 2025 04:10:16.060806036 CEST | 192.168.2.13 | 1.1.1.1 | 0x3d33 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 19, 2025 04:12:57.534353971 CEST | 192.168.2.13 | 1.1.1.1 | 0xe0c0 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 19, 2025 04:12:57.534353971 CEST | 192.168.2.13 | 1.1.1.1 | 0x9712 | Standard query (0) | 28 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 19, 2025 04:10:16.056447029 CEST | 1.1.1.1 | 192.168.2.13 | 0x6737 | No error (0) | 82.221.103.244 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2025 04:10:16.165128946 CEST | 1.1.1.1 | 192.168.2.13 | 0x3d33 | No error (0) | 67.215.246.10 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2025 04:12:57.639065981 CEST | 1.1.1.1 | 192.168.2.13 | 0xe0c0 | No error (0) | 162.213.35.24 | A (IP address) | IN (0x0001) | false | ||
Apr 19, 2025 04:12:57.639065981 CEST | 1.1.1.1 | 192.168.2.13 | 0xe0c0 | No error (0) | 162.213.35.25 | A (IP address) | IN (0x0001) | false |
System Behavior
Start time (UTC): | 02:10:10 |
Start date (UTC): | 19/04/2025 |
Path: | /tmp/.i.elf |
Arguments: | /tmp/.i.elf |
File size: | 5773336 bytes |
MD5 hash: | 0d6f61f82cf2f781c6eb0661071d42d9 |
Start time (UTC): | 02:10:10 |
Start date (UTC): | 19/04/2025 |
Path: | /tmp/.i.elf |
Arguments: | - |
File size: | 5773336 bytes |
MD5 hash: | 0d6f61f82cf2f781c6eb0661071d42d9 |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /tmp/.i.elf |
Arguments: | - |
File size: | 5773336 bytes |
MD5 hash: | 0d6f61f82cf2f781c6eb0661071d42d9 |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /bin/sh |
Arguments: | sh -c "iptables -A INPUT -p tcp --destination-port 23 -j DROP" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /bin/sh |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /usr/sbin/iptables |
Arguments: | iptables -A INPUT -p tcp --destination-port 23 -j DROP |
File size: | 99296 bytes |
MD5 hash: | 1ab05fef765b6342cdfadaa5275b33af |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /tmp/.i.elf |
Arguments: | - |
File size: | 5773336 bytes |
MD5 hash: | 0d6f61f82cf2f781c6eb0661071d42d9 |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /bin/sh |
Arguments: | sh -c "iptables -A INPUT -p tcp --destination-port 7547 -j DROP" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /bin/sh |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /usr/sbin/iptables |
Arguments: | iptables -A INPUT -p tcp --destination-port 7547 -j DROP |
File size: | 99296 bytes |
MD5 hash: | 1ab05fef765b6342cdfadaa5275b33af |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /tmp/.i.elf |
Arguments: | - |
File size: | 5773336 bytes |
MD5 hash: | 0d6f61f82cf2f781c6eb0661071d42d9 |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /bin/sh |
Arguments: | sh -c "iptables -A INPUT -p tcp --destination-port 5555 -j DROP" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /bin/sh |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /usr/sbin/iptables |
Arguments: | iptables -A INPUT -p tcp --destination-port 5555 -j DROP |
File size: | 99296 bytes |
MD5 hash: | 1ab05fef765b6342cdfadaa5275b33af |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /tmp/.i.elf |
Arguments: | - |
File size: | 5773336 bytes |
MD5 hash: | 0d6f61f82cf2f781c6eb0661071d42d9 |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /bin/sh |
Arguments: | sh -c "iptables -A INPUT -p tcp --destination-port 5358 -j DROP" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /bin/sh |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /usr/sbin/iptables |
Arguments: | iptables -A INPUT -p tcp --destination-port 5358 -j DROP |
File size: | 99296 bytes |
MD5 hash: | 1ab05fef765b6342cdfadaa5275b33af |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /tmp/.i.elf |
Arguments: | - |
File size: | 5773336 bytes |
MD5 hash: | 0d6f61f82cf2f781c6eb0661071d42d9 |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /bin/sh |
Arguments: | sh -c "iptables -D INPUT -j CWMP_CR" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /bin/sh |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /usr/sbin/iptables |
Arguments: | iptables -D INPUT -j CWMP_CR |
File size: | 99296 bytes |
MD5 hash: | 1ab05fef765b6342cdfadaa5275b33af |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /tmp/.i.elf |
Arguments: | - |
File size: | 5773336 bytes |
MD5 hash: | 0d6f61f82cf2f781c6eb0661071d42d9 |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /bin/sh |
Arguments: | sh -c "iptables -X CWMP_CR" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /bin/sh |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /usr/sbin/iptables |
Arguments: | iptables -X CWMP_CR |
File size: | 99296 bytes |
MD5 hash: | 1ab05fef765b6342cdfadaa5275b33af |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /tmp/.i.elf |
Arguments: | - |
File size: | 5773336 bytes |
MD5 hash: | 0d6f61f82cf2f781c6eb0661071d42d9 |
Start time (UTC): | 02:10:14 |
Start date (UTC): | 19/04/2025 |
Path: | /bin/sh |
Arguments: | sh -c "iptables -I INPUT -p udp --dport 11002 -j ACCEPT" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 02:10:15 |
Start date (UTC): | 19/04/2025 |
Path: | /bin/sh |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 02:10:15 |
Start date (UTC): | 19/04/2025 |
Path: | /usr/sbin/iptables |
Arguments: | iptables -I INPUT -p udp --dport 11002 -j ACCEPT |
File size: | 99296 bytes |
MD5 hash: | 1ab05fef765b6342cdfadaa5275b33af |