Linux Analysis Report
yakov.arm7.elf

Overview

General Information

Sample name: yakov.arm7.elf
Analysis ID: 1524327
MD5: 5b1f3db09b31b8ef14d8f8eb9ab0b9a3
SHA1: be7468e9560b82a81370fa14ae8b14d0e1df21a9
SHA256: f54e1156880d0f3e39fc0503230f94f0bbd5486ff8a15eae2a8d5f82b8663ff6
Tags: botnetelfMiraiyakovYakuzauser-NDA0E
Infos:

Detection

Mirai
Score: 68
Range: 0 - 100
Whitelisted: false

Signatures

Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Yara detected Mirai
Sample is packed with UPX
Detected TCP or UDP traffic on non-standard ports
ELF contains segments with high entropy indicating compressed/encrypted content
Sample contains only a LOAD segment without any section mappings
Sample listens on a socket
Uses the "uname" system call to query kernel version information (possible evasion)
Yara signature match

Classification

Name Description Attribution Blogpost URLs Link
Mirai Mirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world. No Attribution https://malpedia.caad.fkie.fraunhofer.de/details/elf.mirai

AV Detection
barindex
Multi AV Scanner detection for submitted file
Source: yakov.arm7.elf ReversingLabs: Detection: 34%
Detected TCP or UDP traffic on non-standard ports
Source: global traffic TCP traffic: 192.168.2.13:43966 -> 87.120.114.147:3778
Sample listens on a socket
Source: /tmp/yakov.arm7.elf (PID: 5434) Socket: 127.0.0.1:40171 Jump to behavior
Source: unknown TCP traffic detected without corresponding DNS query: 87.120.114.147
Source: unknown TCP traffic detected without corresponding DNS query: 87.120.114.147
Source: unknown TCP traffic detected without corresponding DNS query: 87.120.114.147
Source: unknown TCP traffic detected without corresponding DNS query: 87.120.114.147
Source: unknown TCP traffic detected without corresponding DNS query: 1.163.2.196
Source: unknown TCP traffic detected without corresponding DNS query: 255.188.192.20
Source: unknown TCP traffic detected without corresponding DNS query: 136.36.208.140
Source: unknown TCP traffic detected without corresponding DNS query: 250.11.241.197
Source: unknown TCP traffic detected without corresponding DNS query: 83.95.75.166
Source: unknown TCP traffic detected without corresponding DNS query: 1.154.224.85
Source: unknown TCP traffic detected without corresponding DNS query: 201.31.163.172
Source: unknown TCP traffic detected without corresponding DNS query: 2.99.84.250
Source: unknown TCP traffic detected without corresponding DNS query: 138.209.173.35
Source: unknown TCP traffic detected without corresponding DNS query: 220.119.134.28
Source: unknown TCP traffic detected without corresponding DNS query: 84.3.37.236
Source: unknown TCP traffic detected without corresponding DNS query: 216.72.157.135
Source: unknown TCP traffic detected without corresponding DNS query: 68.157.9.3
Source: unknown TCP traffic detected without corresponding DNS query: 31.209.163.16
Source: unknown TCP traffic detected without corresponding DNS query: 14.192.248.195
Source: unknown TCP traffic detected without corresponding DNS query: 94.247.248.229
Source: unknown TCP traffic detected without corresponding DNS query: 86.43.251.139
Source: unknown TCP traffic detected without corresponding DNS query: 141.75.211.142
Source: unknown TCP traffic detected without corresponding DNS query: 146.178.24.147
Source: unknown TCP traffic detected without corresponding DNS query: 106.158.81.166
Source: unknown TCP traffic detected without corresponding DNS query: 190.185.15.13
Source: unknown TCP traffic detected without corresponding DNS query: 133.101.123.102
Source: unknown TCP traffic detected without corresponding DNS query: 156.47.175.90
Source: unknown TCP traffic detected without corresponding DNS query: 242.252.136.99
Source: unknown TCP traffic detected without corresponding DNS query: 197.34.79.173
Source: unknown TCP traffic detected without corresponding DNS query: 53.214.99.224
Source: unknown TCP traffic detected without corresponding DNS query: 78.180.16.126
Source: unknown TCP traffic detected without corresponding DNS query: 107.50.61.198
Source: unknown TCP traffic detected without corresponding DNS query: 136.109.221.242
Source: unknown TCP traffic detected without corresponding DNS query: 86.173.173.27
Source: unknown TCP traffic detected without corresponding DNS query: 144.71.168.197
Source: unknown TCP traffic detected without corresponding DNS query: 198.64.173.130
Source: unknown TCP traffic detected without corresponding DNS query: 65.134.100.163
Source: unknown TCP traffic detected without corresponding DNS query: 178.16.95.46
Source: unknown TCP traffic detected without corresponding DNS query: 241.67.119.214
Source: unknown TCP traffic detected without corresponding DNS query: 213.51.158.175
Source: unknown TCP traffic detected without corresponding DNS query: 14.54.193.140
Source: unknown TCP traffic detected without corresponding DNS query: 37.105.33.106
Source: unknown TCP traffic detected without corresponding DNS query: 253.207.132.152
Source: unknown TCP traffic detected without corresponding DNS query: 18.170.6.196
Source: unknown TCP traffic detected without corresponding DNS query: 151.189.60.140
Source: unknown TCP traffic detected without corresponding DNS query: 24.208.40.247
Source: unknown TCP traffic detected without corresponding DNS query: 217.7.74.195
Source: unknown TCP traffic detected without corresponding DNS query: 190.56.173.170
Source: unknown TCP traffic detected without corresponding DNS query: 99.75.117.118
Source: unknown TCP traffic detected without corresponding DNS query: 114.254.98.184
Source: yakov.arm7.elf String found in binary or memory: http://upx.sf.net

System Summary
barindex
Malicious sample detected (through community Yara rule)
Source: 5432.1.00007f3430017000.00007f343002b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 5432.1.00007f3430017000.00007f343002b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: 5436.1.00007f3430017000.00007f343002b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 5436.1.00007f3430017000.00007f343002b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: Process Memory Space: yakov.arm7.elf PID: 5432, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: yakov.arm7.elf PID: 5432, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: Process Memory Space: yakov.arm7.elf PID: 5436, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: yakov.arm7.elf PID: 5436, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Sample contains only a LOAD segment without any section mappings
Source: LOAD without section mappings Program segment: 0x8000
Yara signature match
Source: 5432.1.00007f3430017000.00007f343002b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 5432.1.00007f3430017000.00007f343002b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: 5436.1.00007f3430017000.00007f343002b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 5436.1.00007f3430017000.00007f343002b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: Process Memory Space: yakov.arm7.elf PID: 5432, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: yakov.arm7.elf PID: 5432, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: Process Memory Space: yakov.arm7.elf PID: 5436, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: yakov.arm7.elf PID: 5436, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: classification engine Classification label: mal68.troj.evad.linELF@0/0@0/0

Data Obfuscation
barindex
Sample is packed with UPX
Source: initial sample String containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
Source: initial sample String containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
Source: initial sample String containing UPX found: $Id: UPX 3.94 Copyright (C) 1996-2017 the UPX Team. All Rights Reserved. $
ELF contains segments with high entropy indicating compressed/encrypted content
Source: yakov.arm7.elf Submission file: segment LOAD with 7.9589 entropy (max. 8.0)
Uses the "uname" system call to query kernel version information (possible evasion)
Source: /tmp/yakov.arm7.elf (PID: 5432) Queries kernel information via 'uname': Jump to behavior
Source: yakov.arm7.elf, 5432.1.000055ed9079c000.000055ed9092c000.rw-.sdmp, yakov.arm7.elf, 5436.1.000055ed9079c000.000055ed9090a000.rw-.sdmp Binary or memory string: U!/etc/qemu-binfmt/arm
Source: yakov.arm7.elf, 5432.1.000055ed9079c000.000055ed9092c000.rw-.sdmp, yakov.arm7.elf, 5436.1.000055ed9079c000.000055ed9090a000.rw-.sdmp Binary or memory string: /etc/qemu-binfmt/arm
Source: yakov.arm7.elf, 5432.1.00007fff33aee000.00007fff33b0f000.rw-.sdmp, yakov.arm7.elf, 5436.1.00007fff33aee000.00007fff33b0f000.rw-.sdmp Binary or memory string: /usr/bin/qemu-arm
Source: yakov.arm7.elf, 5432.1.00007fff33aee000.00007fff33b0f000.rw-.sdmp, yakov.arm7.elf, 5436.1.00007fff33aee000.00007fff33b0f000.rw-.sdmp Binary or memory string: ,Tx86_64/usr/bin/qemu-arm/tmp/yakov.arm7.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/yakov.arm7.elf

Stealing of Sensitive Information
barindex
Yara detected Mirai
Source: Yara match File source: 5432.1.00007f3430017000.00007f343002b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 5436.1.00007f3430017000.00007f343002b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: Process Memory Space: yakov.arm7.elf PID: 5432, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: yakov.arm7.elf PID: 5436, type: MEMORYSTR

Remote Access Functionality
barindex
Yara detected Mirai
Source: Yara match File source: 5432.1.00007f3430017000.00007f343002b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 5436.1.00007f3430017000.00007f343002b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: Process Memory Space: yakov.arm7.elf PID: 5432, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: yakov.arm7.elf PID: 5436, type: MEMORYSTR

No Screenshots

  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
158.55.26.233
 unknown United States
11757 WHIRLPOOL-ASNUS false
145.76.244.74
 unknown Netherlands
1103 SURFNET-NLSURFnetTheNetherlandsNL false
14.179.255.52
 unknown Viet Nam
45899 VNPT-AS-VNVNPTCorpVN false
218.6.75.143
 unknown China
4134 CHINANET-BACKBONENo31Jin-rongStreetCN false
41.54.139.188
 unknown South Africa
37168 CELL-CZA false
57.203.72.83
 unknown Belgium
2686 ATGS-MMD-ASUS false
87.6.183.64
 unknown Italy
3269 ASN-IBSNAZIT false
93.135.222.60
 unknown Germany
6805 TDDE-ASN1DE false
61.255.202.0
 unknown Korea Republic of
9318 SKB-ASSKBroadbandCoLtdKR false
161.242.167.170
 unknown United States
15141 ASN-BAUSCH-LOMBUS false
195.76.73.127
 unknown Spain
3352 TELEFONICA_DE_ESPANAES false
185.201.33.153
 unknown United Kingdom
58273 B4RN-ASGB false
185.200.155.103
 unknown Russian Federation
199809 MAX-TELRU false
218.172.107.109
 unknown Taiwan; Republic of China (ROC)
3462 HINETDataCommunicationBusinessGroupTW false
37.46.86.199
 unknown Czech Republic
198171 HOSTING90UPSTREAMconnectivityCZ false
45.104.178.199
 unknown Egypt
37069 MOBINILEG false
100.50.152.220
 unknown United States
701 UUNETUS false
5.127.231.210
 unknown Iran (ISLAMIC Republic Of)
44244 IRANCELL-ASIR false
158.177.114.84
 unknown United States
36351 SOFTLAYERUS false
253.192.11.102
 unknown Reserved
unknown unknown false
207.26.25.194
 unknown United States
701 UUNETUS false
97.0.171.98
 unknown United States
22394 CELLCOUS false
87.20.82.84
 unknown Italy
3269 ASN-IBSNAZIT false
125.40.61.215
 unknown China
4837 CHINA169-BACKBONECHINAUNICOMChina169BackboneCN false
120.122.155.0
 unknown Taiwan; Republic of China (ROC)
17716 NTU-TWNationalTaiwanUniversityTW false
187.195.146.224
 unknown Mexico
8151 UninetSAdeCVMX false
126.122.176.108
 unknown Japan 17676 GIGAINFRASoftbankBBCorpJP false
114.19.184.250
 unknown Japan 2516 KDDIKDDICORPORATIONJP false
133.101.142.68
 unknown Japan 24254 KYOTO-SUKyotoSangyoUniversityJP false
113.201.215.177
 unknown China
4837 CHINA169-BACKBONECHINAUNICOMChina169BackboneCN false
100.33.181.116
 unknown United States
701 UUNETUS false
35.127.79.79
 unknown United States
237 MERIT-AS-14US false
213.125.205.131
 unknown Netherlands
33915 TNF-ASNL false
71.171.80.176
 unknown United States
701 UUNETUS false
110.154.179.44
 unknown China
4134 CHINANET-BACKBONENo31Jin-rongStreetCN false
118.188.206.233
 unknown China
137443 ANCHGLOBAL-AS-APAnchnetAsiaLimitedHK false
68.76.137.170
 unknown United States
7018 ATT-INTERNET4US false
19.226.51.157
 unknown United States
3 MIT-GATEWAYSUS false
77.33.197.172
 unknown Denmark
35612 NGI-ASIT false
245.54.248.146
 unknown Reserved
unknown unknown false
66.84.113.11
 unknown United States
27216 AIR-ADVANTAGE-ASNUS false
217.39.239.155
 unknown United Kingdom
2856 BT-UK-ASBTnetUKRegionalnetworkGB false
40.193.75.34
 unknown United States
4249 LILLY-ASUS false
143.21.186.254
 unknown United States
264008 LANCAMANTOANISERVICOSDEINFORMATICALTDA-MEBR false
193.214.45.7
 unknown Norway
2119 TELENOR-NEXTELTelenorNorgeASNO false
59.199.31.165
 unknown China
2516 KDDIKDDICORPORATIONJP false
220.236.182.141
 unknown Australia
4804 MPX-ASMicroplexPTYLTDAU false
208.85.174.50
 unknown United States
15189 VIMRO-AS15189US false
146.169.196.40
 unknown United Kingdom
786 JANETJiscServicesLimitedGB false
104.241.102.198
 unknown United States
36315 SERVPACUS false
222.118.200.80
 unknown Korea Republic of
4766 KIXS-AS-KRKoreaTelecomKR false
77.244.51.104
 unknown Switzerland
24951 EVERYWARE-NETCH false
51.9.86.193
 unknown United Kingdom
6871 PLUSNETUKInternetServiceProviderGB false
158.45.150.248
 unknown Australia
1221 ASN-TELSTRATelstraCorporationLtdAU false
189.155.237.125
 unknown Mexico
8151 UninetSAdeCVMX false
5.254.231.111
 unknown Russian Federation
12688 BAIKALTRANSTELECOMIrkutskRussiaRU false
178.45.229.114
 unknown Russian Federation
12389 ROSTELECOM-ASRU false
71.5.102.20
 unknown United States
2828 XO-AS15US false
190.193.239.205
 unknown Argentina
10481 TelecomArgentinaSAAR false
87.77.162.245
 unknown Germany
680 DFNVereinzurFoerderungeinesDeutschenForschungsnetzese false
118.34.246.117
 unknown Korea Republic of
4766 KIXS-AS-KRKoreaTelecomKR false
187.240.239.91
 unknown Mexico
13999 MegaCableSAdeCVMX false
166.70.47.167
 unknown United States
6315 XMISSIONUS false
122.209.120.109
 unknown Japan 17506 UCOMARTERIANetworksCorporationJP false
42.81.198.50
 unknown China
58542 CHINATELECOM-TIANJINTianjij300000CN false
18.214.158.31
 unknown United States
14618 AMAZON-AESUS false
142.92.88.141
 unknown Canada
818 DOC-ASCA false
153.243.230.123
 unknown Japan 4713 OCNNTTCommunicationsCorporationJP false
136.176.173.209
 unknown United States
26367 BRADLEY-UNIVERSITYUS false
73.163.171.77
 unknown United States
7922 COMCAST-7922US false
27.69.206.167
 unknown Viet Nam
7552 VIETEL-AS-APViettelGroupVN false
141.213.97.53
 unknown United States
36375 UMICH-AS-5US false
171.59.158.175
 unknown India
9874 STARHUB-MOBILEStarHubLtdSG false
141.49.34.72
 unknown Germany
60344 ASKLEPIOS-ASDE false
1.230.223.5
 unknown Korea Republic of
45980 CROSSONNET-AS-KRCrossOnNetIncKR false
211.134.31.250
 unknown Japan 2516 KDDIKDDICORPORATIONJP false
212.121.165.143
 unknown France
5436 BT-FRANCEBTFrance-TourArianeFR false
158.215.193.129
 unknown Japan 2907 SINET-ASResearchOrganizationofInformationandSystemsN false
42.248.36.194
 unknown China
4134 CHINANET-BACKBONENo31Jin-rongStreetCN false
1.215.101.206
 unknown Korea Republic of
3786 LGDACOMLGDACOMCorporationKR false
168.103.250.247
 unknown United States
209 CENTURYLINK-US-LEGACY-QWESTUS false
58.119.207.173
 unknown China
4847 CNIX-APChinaNetworksInter-ExchangeCN false
203.133.50.19
 unknown Taiwan; Republic of China (ROC)
9416 MULTIMEDIA-AS-APHoshinMultimediaCenterIncTW false
173.77.39.174
 unknown United States
701 UUNETUS false
101.52.224.166
 unknown China
45079 GDSNETGDSCHANGANSERVICESLtdCN false
176.80.177.19
 unknown Spain
3352 TELEFONICA_DE_ESPANAES false
104.230.204.69
 unknown United States
10796 TWC-10796-MIDWESTUS false
91.222.29.85
 unknown Russian Federation
196797 CITYTELENETRU false
121.152.216.226
 unknown Korea Republic of
4766 KIXS-AS-KRKoreaTelecomKR false
179.69.195.179
 unknown Brazil
7738 TelemarNorteLesteSABR false
180.255.128.57
 unknown Singapore
45143 SINGTELMOBILE-AS-APSINGTELMOBILEINTERNETSERVICEPROVIDER false
176.158.0.35
 unknown France
5410 BOUYGTEL-ISPFR false
108.128.211.34
 unknown United States
16509 AMAZON-02US false
47.251.246.193
 unknown United States
45102 CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdC false
79.233.91.79
 unknown Germany
3320 DTAGInternetserviceprovideroperationsDE false
39.30.204.244
 unknown Korea Republic of
4766 KIXS-AS-KRKoreaTelecomKR false
66.92.157.133
 unknown United States
18566 MEGAPATH5-US false
151.248.25.46
 unknown Germany
197711 NYNEXDE false
117.246.29.26
 unknown India
9829 BSNL-NIBNationalInternetBackboneIN false
27.64.50.248
 unknown Viet Nam
7552 VIETEL-AS-APViettelGroupVN false