Linux Analysis Report
na.elf

AV Detection

Source: na.elf

ReversingLabs: Detection: 42%

Networking

Source: unknown	Network traffic detected: HTTP traffic on port 56562 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56564 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56566 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56568 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56570 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56572 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56574 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56576 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56578 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56580 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56582 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56584 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56586 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56588 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56590 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56592 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56594 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56596 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56598 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56600 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56602 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56604 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56606 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56608 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56610 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56612 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56614 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56616 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56618 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56620 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56622 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56624 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56626 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56628 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56630 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56632 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56634 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56636 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56638 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56640 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56642 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56644 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56646 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56648 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56650 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56652 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56654 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56656 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56656 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56658 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56660 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56662 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56664 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56666 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56668 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56670 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56672 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56674 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56676 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56678 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56680 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56682 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56684 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56686 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56688 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56690 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56692 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56694 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56696 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56698 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56700 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56702 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56704 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56706 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56708 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56710 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56712 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56714 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56716 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56718 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56720 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56722 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56724 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56726 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56728 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56730 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56732 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56734 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56736 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56738 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56740 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56742 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56744 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56746 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56748 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56750 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56752 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56754 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56756 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56758 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56760 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56762 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56764 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56766 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56768 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56768 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56770 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56772 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56774 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56776 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56778 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56780 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56782 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56784 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56786 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56788 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56790 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56792 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56794 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56796 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56798 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56800 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56802 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56804 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56806 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56808 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56810 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56812 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56814 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56816 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56818 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56820 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56822 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56824 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56826 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56828 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56830 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56832 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56834 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56836 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56838 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56840 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56842 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56844 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56846 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56848 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56850 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56852 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56854 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56856 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56858 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56860 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56862 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56864 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56866 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56868 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56870 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56872 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56874 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56876 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56878 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56880 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56882 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56884 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56886 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56888 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56890 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56892 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56894 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56896 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56898 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56900 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56902 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56904 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56906 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56908 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56910 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56912 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56914 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56916 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56918 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56920 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56922 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56924 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56926 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56928 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56930 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56932 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56934 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56936 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56938 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56940 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56942 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56944 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56946 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56948 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56950 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56952 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56954 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56956 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56958 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56960 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56962 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56964 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56966 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56968 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56970 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56972 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56974 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56976 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56978 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56980 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56982 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56984 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56986 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56988 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56990 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56992 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56994 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56996 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56998 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57000 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57002 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57004 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57006 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57008 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57010 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57012 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57014 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57016 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57018 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57020 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57022 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57024 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57026 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57028 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57030 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57032 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57034 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57036 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57038 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57040 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57042 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57044 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57046 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57048 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57050 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57052 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57054 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57056 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57058 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57060 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57062 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57064 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57066 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57068 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57070 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57072 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57074 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57076 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57078 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57080 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57082 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57084 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57086 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57088 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57090 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57092 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57094 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57096 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57098 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57100 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57102 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57104 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57106 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57108 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57110 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57112 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57114 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57116 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57118 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57120 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57122 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57124 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57126 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57128 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57130 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57132 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57134 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57136 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57138 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57140 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57142 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57144 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57146 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57148 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57150 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57152 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57154 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57156 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57158 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57160 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57162 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57164 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57166 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57168 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57170 -> 999

Source: global traffic

TCP traffic: 192.168.2.14:56562 -> 129.152.30.246:999

Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246
Source: unknown	TCP traffic detected without corresponding DNS query: 129.152.30.246

Source: global traffic

DNS traffic detected: DNS query: daisy.ubuntu.com

System Summary

Source: ELF static info symbol of initial sample

.symtab present: no

Source: classification engine

Classification label: mal52.troj.linELF@0/0@2/0

Persistence and Installation Behavior

Source: /tmp/na.elf (PID: 5541)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5543)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5545)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5549)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5551)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5553)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5558)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5560)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5562)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5564)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5568)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5570)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5572)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5578)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5580)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5582)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5584)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5588)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5590)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5592)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5594)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5599)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5601)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5605)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5626)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5628)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5633)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5635)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5637)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5641)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5643)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5645)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5647)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5649)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5654)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5656)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5658)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5660)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5662)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5664)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5666)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5668)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5672)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5674)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5676)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5678)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5680)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5682)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5688)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5692)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5697)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5699)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5701)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5703)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5705)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5710)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5717)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5722)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5724)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5726)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5728)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5730)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5732)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5737)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5741)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5746)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5748)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5750)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5752)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5754)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5758)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5760)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5762)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5768)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5773)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5775)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5777)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5782)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5784)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5786)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5791)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5793)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5795)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5800)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5804)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5806)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5808)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5810)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5812)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5814)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5816)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5820)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5822)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5824)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5826)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5832)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5834)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5836)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5840)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5842)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5844)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5846)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5848)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5850)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5854)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5856)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5858)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5863)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5865)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5867)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5869)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5871)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5875)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5877)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5879)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5881)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5883)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5889)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5891)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5896)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5898)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5900)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5902)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5907)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5909)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5911)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5915)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5917)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5919)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5921)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5923)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5925)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5927)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5929)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5933)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5935)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5937)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5939)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5941)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5947)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5949)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5953)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5958)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5960)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5962)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5964)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5966)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5968)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5972)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5979)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5981)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5986)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5988)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5993)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5995)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 5997)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6001)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6003)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6005)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6007)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6009)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6011)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6014)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6018)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6024)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6026)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6028)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6030)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6032)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6034)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6038)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6040)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6042)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6044)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6046)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6048)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6050)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6054)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6056)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6058)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6060)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6062)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6064)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6066)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6070)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6072)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6074)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6076)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6082)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6084)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6086)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6093)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6095)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6097)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6102)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6104)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6106)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6112)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6116)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6118)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6120)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6122)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6124)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6129)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6132)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6136)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6138)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6140)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6142)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6144)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6146)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6148)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6152)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6154)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6156)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6158)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6160)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6162)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6164)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6168)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6170)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6172)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6178)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6180)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6182)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6184)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6186)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6191)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6198)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6203)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6205)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6207)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6209)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6213)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6220)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6222)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6224)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6229)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6231)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6233)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6235)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6239)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6241)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6243)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6245)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6251)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6253)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6259)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6266)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior
Source: /tmp/na.elf (PID: 6268)	Shell command executed: sh -c "Another instance from this IP is already connected.\n"			Jump to behavior

Source: submitted sample

Stderr: sh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not foundsh: 1: Another: not found: exit code = 0

Hooking and other Techniques for Hiding and Protection

Source: unknown	Network traffic detected: HTTP traffic on port 56562 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56564 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56566 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56568 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56570 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56572 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56574 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56576 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56578 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56580 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56582 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56584 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56586 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56588 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56590 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56592 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56594 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56596 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56598 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56600 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56602 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56604 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56606 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56608 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56610 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56612 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56614 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56616 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56618 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56620 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56622 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56624 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56626 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56628 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56630 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56632 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56634 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56636 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56638 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56640 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56642 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56644 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56646 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56648 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56650 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56652 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56654 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56656 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56656 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56658 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56660 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56662 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56664 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56666 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56668 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56670 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56672 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56674 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56676 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56678 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56680 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56682 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56684 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56686 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56688 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56690 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56692 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56694 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56696 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56698 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56700 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56702 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56704 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56706 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56708 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56710 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56712 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56714 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56716 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56718 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56720 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56722 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56724 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56726 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56728 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56730 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56732 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56734 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56736 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56738 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56740 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56742 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56744 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56746 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56748 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56750 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56752 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56754 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56756 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56758 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56760 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56762 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56764 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56766 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56768 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56768 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56770 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56772 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56774 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56776 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56778 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56780 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56782 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56784 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56786 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56788 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56790 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56792 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56794 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56796 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56798 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56800 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56802 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56804 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56806 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56808 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56810 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56812 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56814 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56816 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56818 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56820 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56822 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56824 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56826 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56828 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56830 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56832 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56834 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56836 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56838 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56840 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56842 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56844 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56846 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56848 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56850 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56852 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56854 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56856 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56858 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56860 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56862 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56864 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56866 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56868 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56870 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56872 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56874 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56876 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56878 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56880 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56882 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56884 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56886 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56888 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56890 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56892 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56894 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56896 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56898 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56900 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56902 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56904 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56906 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56908 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56910 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56912 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56914 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56916 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56918 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56920 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56922 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56924 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56926 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56928 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56930 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56932 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56934 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56936 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56938 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56940 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56942 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56944 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56946 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56948 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56950 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56952 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56954 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56956 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56958 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56960 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56962 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56964 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56966 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56968 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56970 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56972 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56974 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56976 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56978 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56980 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56982 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56984 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56986 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56988 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56990 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56992 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56994 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56996 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 56998 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57000 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57002 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57004 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57006 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57008 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57010 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57012 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57014 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57016 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57018 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57020 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57022 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57024 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57026 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57028 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57030 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57032 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57034 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57036 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57038 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57040 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57042 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57044 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57046 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57048 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57050 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57052 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57054 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57056 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57058 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57060 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57062 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57064 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57066 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57068 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57070 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57072 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57074 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57076 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57078 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57080 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57082 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57084 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57086 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57088 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57090 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57092 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57094 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57096 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57098 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57100 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57102 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57104 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57106 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57108 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57110 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57112 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57114 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57116 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57118 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57120 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57122 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57124 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57126 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57128 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57130 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57132 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57134 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57136 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57138 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57140 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57142 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57144 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57146 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57148 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57150 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57152 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57154 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57156 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57158 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57160 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57162 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57164 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57166 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57168 -> 999
Source: unknown	Network traffic detected: HTTP traffic on port 57170 -> 999

Malware Analysis System Evasion

Source: /tmp/na.elf (PID: 5533)

Queries kernel information via 'uname':

Jump to behavior

Source: na.elf, 5533.1.00007ffe02d98000.00007ffe02db9000.rw-.sdmp	Binary or memory string: x86_64/usr/bin/qemu-arm/tmp/na.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/na.elf
Source: na.elf, 5533.1.0000564e272e7000.0000564e27415000.rw-.sdmp	Binary or memory string: /'NV!/etc/qemu-binfmt/arm
Source: na.elf, 5533.1.0000564e272e7000.0000564e27415000.rw-.sdmp	Binary or memory string: /etc/qemu-binfmt/arm
Source: na.elf, 5533.1.00007ffe02d98000.00007ffe02db9000.rw-.sdmp	Binary or memory string: /usr/bin/qemu-arm