Source: Network traffic |
Suricata IDS: 2846526 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin : 192.168.2.13:39280 -> 57.129.51.86:4258 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 57.129.51.86 |
Source: na.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown |
Source: na.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Gafgyt_c573932b Author: unknown |
Source: na.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown |
Source: na.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Gafgyt_6122acdf Author: unknown |
Source: na.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown |
Source: na.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Gafgyt_7167d08f Author: unknown |
Source: na.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown |
Source: 5446.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown |
Source: 5446.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_c573932b Author: unknown |
Source: 5446.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown |
Source: 5446.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_6122acdf Author: unknown |
Source: 5446.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown |
Source: 5446.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_7167d08f Author: unknown |
Source: 5446.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown |
Source: 5445.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown |
Source: 5445.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_c573932b Author: unknown |
Source: 5445.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 Author: unknown |
Source: 5445.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_6122acdf Author: unknown |
Source: 5445.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown |
Source: 5445.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_7167d08f Author: unknown |
Source: 5445.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown |
Source: Process Memory Space: na.elf PID: 5445, type: MEMORYSTR |
Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown |
Source: Process Memory Space: na.elf PID: 5445, type: MEMORYSTR |
Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown |
Source: Process Memory Space: na.elf PID: 5446, type: MEMORYSTR |
Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown |
Source: Process Memory Space: na.elf PID: 5446, type: MEMORYSTR |
Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown |
Source: na.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16 |
Source: na.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Gafgyt_c573932b reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 18a3025ebb8af46605970ee8d7d18214854b86200001d576553e102cb71df266, id = c573932b-9b3f-4ab7-a6b6-32dcc7473790, last_modified = 2021-09-16 |
Source: na.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16 |
Source: na.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Gafgyt_6122acdf os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 283275705c729be23d7dc75056388ecae00390bd25ee7b66b0cfc9b85feee212, id = 6122acdf-1eef-45ea-83ea-699d21c2dc20, last_modified = 2021-09-16 |
Source: na.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16 |
Source: na.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Gafgyt_7167d08f reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = b9df4ab322a2a329168f684b07b7b05ee3d03165c5b9050a4710eae7aeca6cd9, id = 7167d08f-bfeb-4d78-9783-3a1df2ef0ed3, last_modified = 2021-09-16 |
Source: na.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26 |
Source: 5446.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16 |
Source: 5446.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_c573932b reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 18a3025ebb8af46605970ee8d7d18214854b86200001d576553e102cb71df266, id = c573932b-9b3f-4ab7-a6b6-32dcc7473790, last_modified = 2021-09-16 |
Source: 5446.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16 |
Source: 5446.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_6122acdf os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 283275705c729be23d7dc75056388ecae00390bd25ee7b66b0cfc9b85feee212, id = 6122acdf-1eef-45ea-83ea-699d21c2dc20, last_modified = 2021-09-16 |
Source: 5446.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16 |
Source: 5446.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_7167d08f reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = b9df4ab322a2a329168f684b07b7b05ee3d03165c5b9050a4710eae7aeca6cd9, id = 7167d08f-bfeb-4d78-9783-3a1df2ef0ed3, last_modified = 2021-09-16 |
Source: 5446.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26 |
Source: 5445.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16 |
Source: 5445.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_c573932b reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 18a3025ebb8af46605970ee8d7d18214854b86200001d576553e102cb71df266, id = c573932b-9b3f-4ab7-a6b6-32dcc7473790, last_modified = 2021-09-16 |
Source: 5445.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_5bf62ce4 reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ffc398303f7208e77c4fbdfb50ac896e531b7cee3be2fa820bc8d70cfb20af3, id = 5bf62ce4-619b-4d46-b221-c5bf552474bb, last_modified = 2021-09-16 |
Source: 5445.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_6122acdf os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 283275705c729be23d7dc75056388ecae00390bd25ee7b66b0cfc9b85feee212, id = 6122acdf-1eef-45ea-83ea-699d21c2dc20, last_modified = 2021-09-16 |
Source: 5445.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16 |
Source: 5445.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_7167d08f reference_sample = 4c6aeaa6f6a0c40a3f4116a2e19e669188a8b1678a8930350889da1bab531c68, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = b9df4ab322a2a329168f684b07b7b05ee3d03165c5b9050a4710eae7aeca6cd9, id = 7167d08f-bfeb-4d78-9783-3a1df2ef0ed3, last_modified = 2021-09-16 |
Source: 5445.1.0000000008048000.0000000008060000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26 |
Source: Process Memory Space: na.elf PID: 5445, type: MEMORYSTR |
Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16 |
Source: Process Memory Space: na.elf PID: 5445, type: MEMORYSTR |
Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16 |
Source: Process Memory Space: na.elf PID: 5446, type: MEMORYSTR |
Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16 |
Source: Process Memory Space: na.elf PID: 5446, type: MEMORYSTR |
Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36 |
Source: Initial sample |
User agent string found: Opera/9.80 (X11; Linux i686; Ubuntu/14.10) Presto/2.12.388 Version/12.16 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows; U; Windows NT 6.1; rv:2.2) Gecko/20110201 |
Source: Initial sample |
User agent string found: Opera/9.80 (Windows NT 5.2; U; ru) Presto/2.5.22 Version/10.51 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Android; Linux armv7l; rv:9.0) Gecko/20111216 Firefox/9.0 Fennec/9.0 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5 |
Source: Initial sample |
User agent string found: Opera/9.80 (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (iPad; U; CPU OS 5_1 like Mac OS X) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B367 Safari/531.21.10 UCBrowser/3.4.3.532 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Nintendo WiiU) AppleWebKit/536.30 (KHTML, like Gecko) NX/3.0.4.2.12 NintendoBrowser/4.3.1.11264.US |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:25.0) Gecko/20100101 Firefox/25.0 |
Source: Initial sample |
User agent string found: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; pl) Opera 11.00 |
Source: Initial sample |
User agent string found: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; en) Opera 11.00 |
Source: Initial sample |
User agent string found: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; ja) Opera 11.00 |
Source: Initial sample |
User agent string found: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; cn) Opera 11.00 |
Source: Initial sample |
User agent string found: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; fr) Opera 11.00 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20100101 Firefox/12.0 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.2.8) Gecko/20100723 Ubuntu/10.04 (lucid) Firefox/3.6.8 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows NT 5.1; rv:13.0) Gecko/20100101 Firefox/13.0.1 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:11.0) Gecko/20100101 Firefox/11.0 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:13.0) Gecko/20100101 Firefox/13.0.1 |
Source: Initial sample |
User agent string found: Opera/9.80 (Windows NT 5.1; U; en) Presto/2.10.289 Version/12.01 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows NT 5.1; rv:5.0.1) Gecko/20100101 Firefox/5.0.1 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.02 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows NT 6.0) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.112 Safari/535.1 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en; rv:1.8.1.11) Gecko/20071128 Camino/1.5.4 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows; U; Windows NT 6.1; cs; rv:1.9.2.6) Gecko/20100628 myibrow/4alpha2 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Windows; U; Win 9x 4.90; SG; rv:1.9.2.4) Gecko/20101104 Netscape/9.1.0285 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0 Lightning/4.0.2 |
Source: Initial sample |
User agent string found: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10; rv:33.0) Gecko/20100101 Firefox/33.0 |