Linux Analysis Report
jew.m68k.elf

Overview

General Information

Sample name:	jew.m68k.elf
Analysis ID:	1544652
MD5:	de6651fd6c4ea2b8f9586fda641851b4
SHA1:	801a85622ee84e7d5d1438c6c0fb5f8d1c2c1a79
SHA256:	c33fce1fcbbd8caf101ca1fef46edfdc79cb8f028b2eb4a0eece67f3a0af7c38
Tags:	elfuser-abuse_ch
Infos:

Detection

Score:	56
Range:	0 - 100
Whitelisted:	false

Signatures

Antivirus / Scanner detection for submitted sample

Multi AV Scanner detection for submitted file

Detected TCP or UDP traffic on non-standard ports

Sample has stripped symbol table

Sample listens on a socket

Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)

Uses the "uname" system call to query kernel version information (possible evasion)

Classification

Signatures

AV Detection

Antivirus / Scanner detection for submitted sample

Source: jew.m68k.elf

Avira: detected

Multi AV Scanner detection for submitted file

Source: jew.m68k.elf

ReversingLabs: Detection: 55%

Detected TCP or UDP traffic on non-standard ports

Source: global traffic	TCP traffic: 192.168.2.23:55336 -> 147.45.79.174:9931
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 201.198.85.114:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 77.60.29.255:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 83.56.175.192:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 2.61.106.226:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 129.217.222.2:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 222.189.78.234:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 47.251.138.2:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 167.85.212.5:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 8.183.144.151:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 102.16.209.118:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 47.245.251.144:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 203.126.211.42:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 204.81.100.127:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 115.108.116.164:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 196.94.22.204:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 149.245.65.93:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 197.86.140.73:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 20.71.101.73:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 53.203.119.219:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 25.63.134.29:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 71.34.204.100:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 18.230.160.161:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 91.55.111.182:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 209.85.130.180:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 94.83.45.237:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 140.130.230.163:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 115.189.27.130:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 148.6.71.248:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 41.148.45.1:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 98.89.141.242:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 20.217.143.30:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 222.105.116.18:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 136.78.178.215:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 115.178.37.247:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 114.167.219.134:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 57.141.115.84:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 101.1.192.122:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 154.240.124.65:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 86.61.187.72:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 180.180.35.31:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 37.208.81.123:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 42.1.43.201:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 138.197.29.7:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 186.94.213.152:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 80.58.71.62:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 52.145.124.169:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 8.115.95.169:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 152.229.235.137:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 82.32.146.49:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 61.56.149.90:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 138.225.214.157:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 93.47.35.26:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 143.115.211.160:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 124.121.58.83:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 83.50.127.125:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 218.146.112.27:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 4.167.142.230:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 200.202.96.89:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 217.185.186.89:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 12.227.224.255:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 187.47.248.235:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 64.10.23.207:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 151.72.164.117:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 202.201.245.215:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 66.140.223.108:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 63.31.142.134:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 219.249.79.249:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 222.30.69.94:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 13.14.210.250:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 159.193.182.131:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 150.102.102.57:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 141.109.7.99:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 70.216.96.105:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 223.130.15.117:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 123.219.255.8:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 75.26.228.135:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 216.63.20.94:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 81.172.32.122:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 88.128.18.112:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 59.89.241.162:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 118.161.185.10:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 182.21.90.225:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 46.174.153.133:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 211.60.128.163:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 110.215.115.36:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 155.214.213.9:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 184.220.39.121:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 37.65.213.32:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 102.144.15.65:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 108.197.85.61:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 68.130.63.155:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 151.175.87.247:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 140.113.49.58:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 24.164.34.194:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 186.53.224.87:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 126.44.30.212:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 190.139.33.202:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 45.255.81.21:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 216.69.219.130:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 208.169.253.71:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 210.72.70.222:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 220.45.38.59:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 78.114.112.166:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 143.211.153.247:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 82.238.118.105:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 58.164.99.155:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 159.9.231.240:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 167.132.242.198:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 66.219.222.46:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 110.190.249.45:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 96.101.237.130:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 102.94.57.217:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 36.38.187.252:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 104.193.16.0:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 176.191.209.20:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 162.191.125.240:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 97.78.100.179:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 105.81.227.69:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 59.117.241.60:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 117.254.74.135:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 109.226.224.92:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 162.151.186.170:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 208.188.120.33:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 50.69.107.102:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 5.0.132.150:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 24.139.138.178:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 95.146.81.9:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 222.3.84.145:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 36.63.179.201:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 152.156.12.135:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 73.14.86.94:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 79.53.195.132:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 105.31.101.198:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 61.71.167.181:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 79.215.170.168:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 204.2.36.82:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 112.159.1.126:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 198.217.120.236:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 100.184.238.124:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 32.160.52.116:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 39.233.174.9:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 58.205.21.234:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 206.61.93.192:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 94.117.198.151:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 142.73.224.147:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 200.80.160.82:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 181.67.36.236:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 42.63.183.177:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 110.125.224.215:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 146.49.117.180:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 8.174.177.188:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 149.8.177.81:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 120.243.125.63:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 135.175.64.170:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 66.129.229.253:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 73.162.98.81:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 39.177.85.11:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 193.240.101.199:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 138.223.246.196:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 59.253.4.181:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 31.243.6.193:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 147.102.215.235:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 166.95.215.33:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 71.13.53.223:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 99.155.21.44:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 80.130.144.130:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 199.163.8.44:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 206.63.95.117:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 5.152.12.240:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 73.190.207.51:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 132.240.107.133:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 5.138.97.118:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 112.227.170.216:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 73.37.4.60:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 151.176.247.100:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 72.237.7.80:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 31.67.34.0:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 213.134.135.37:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 93.36.150.32:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 134.189.208.47:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 199.142.47.230:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 91.90.90.150:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 13.161.211.180:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 73.33.250.4:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 171.59.87.152:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 36.224.166.16:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 188.59.8.196:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 20.23.198.68:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 106.246.97.182:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 183.123.168.86:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 118.79.196.192:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 135.121.87.41:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 36.107.152.25:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 50.154.26.26:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 37.109.131.1:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 82.4.179.61:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 208.247.191.82:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 149.242.103.7:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 5.70.184.20:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 51.85.140.49:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 9.72.192.10:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 206.156.113.75:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 187.108.240.80:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 137.224.163.98:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 147.240.188.208:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 5.227.44.5:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 143.168.58.101:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 111.39.253.245:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 81.35.84.47:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 145.39.168.5:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 204.15.237.195:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 111.82.182.229:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 93.187.6.248:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 177.131.63.57:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 171.107.20.207:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 134.233.107.13:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 153.32.188.221:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 89.136.166.228:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 110.50.211.253:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 31.47.62.63:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 222.146.229.225:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 167.65.172.175:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 51.18.9.57:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 47.230.241.23:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 141.155.11.91:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 12.214.195.43:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 154.130.14.15:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 103.172.253.153:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 182.136.67.194:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 212.19.190.28:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 137.100.27.225:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 148.226.125.42:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 169.191.55.208:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 123.154.223.147:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 35.73.34.216:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 43.161.197.4:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 54.225.117.199:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 39.33.195.110:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 135.179.243.169:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 57.17.252.5:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 5.119.180.177:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 142.76.227.7:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 189.125.91.100:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 49.6.169.147:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 194.79.170.216:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 116.223.180.50:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 221.100.55.0:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 35.70.112.197:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 27.55.131.87:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 120.216.109.192:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 63.63.175.99:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 93.214.54.179:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 165.242.28.79:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 76.136.199.195:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 43.252.95.97:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 198.163.203.93:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 108.53.117.204:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 145.110.246.80:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 176.127.15.233:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 107.206.126.239:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 145.181.247.71:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 72.45.73.52:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 210.103.242.81:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 218.124.48.195:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 65.124.43.243:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 187.50.94.85:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 146.235.64.68:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 156.226.25.172:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 126.67.14.48:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 163.128.121.105:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 92.38.150.141:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 140.119.139.158:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 31.167.164.14:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 171.179.237.180:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 144.222.112.170:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 58.131.105.183:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 143.41.15.76:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 115.236.195.45:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 82.238.223.104:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 111.35.11.163:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 19.235.85.150:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 18.189.29.157:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 87.123.171.254:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 205.166.9.107:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 159.141.223.88:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 102.168.3.189:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 90.137.208.195:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 73.52.13.31:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 223.134.221.223:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 155.134.239.87:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 31.146.183.151:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 75.112.175.248:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 155.116.119.50:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 171.248.174.99:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 132.11.190.224:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 107.221.200.11:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 17.171.40.112:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 110.94.105.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 14.227.184.175:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 61.195.250.90:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 37.219.136.109:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 144.1.17.224:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 118.172.151.31:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 76.120.99.97:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 62.99.104.90:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 110.34.35.126:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 87.156.40.249:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 203.244.209.98:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 107.10.113.231:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 103.33.66.73:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 108.21.63.140:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 25.168.65.46:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 133.60.33.86:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 96.23.57.129:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 57.238.226.211:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 13.84.55.138:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 40.49.123.29:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 195.4.61.159:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 92.143.54.4:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 180.101.53.131:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 113.46.93.22:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 146.77.132.160:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 202.187.187.250:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 120.1.209.244:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 102.148.46.120:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 174.8.237.136:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 146.39.152.218:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 90.205.13.146:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 179.194.49.191:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 86.44.53.167:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 41.63.198.242:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 207.221.128.206:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 59.100.118.122:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 95.144.178.179:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 31.99.239.48:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 126.118.233.252:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 183.211.45.2:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 101.107.184.51:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 159.53.99.10:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 47.62.10.103:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 188.251.238.181:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 38.130.160.45:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 210.213.59.18:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 44.212.174.207:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 92.169.90.162:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 221.26.85.165:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 142.85.29.48:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 89.56.104.38:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 146.224.18.27:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 44.251.248.211:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 27.121.154.67:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 65.242.79.250:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 43.80.131.25:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 137.157.82.9:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 97.94.223.125:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 178.34.90.163:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 63.100.150.83:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 121.216.72.179:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 68.208.190.105:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 25.173.60.24:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 35.89.223.41:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 84.230.185.42:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 184.208.181.103:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 84.213.187.18:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 75.93.211.157:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 190.146.76.66:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 76.28.197.234:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 34.189.197.206:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 91.102.154.46:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 62.16.191.219:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 156.97.123.247:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 48.97.160.201:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 132.248.178.144:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 103.19.250.20:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 167.233.58.194:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 165.163.65.85:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 147.94.124.181:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 77.191.184.26:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 95.196.123.0:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 74.228.179.229:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 126.236.244.90:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 112.124.96.169:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 130.93.32.201:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 78.94.109.178:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 220.223.119.218:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 220.165.0.219:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 103.178.111.22:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 147.210.83.171:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 171.107.45.0:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 17.214.122.57:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 166.220.207.91:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 84.208.24.199:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 180.245.53.89:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 211.73.156.76:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 44.132.18.214:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 63.233.152.101:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 106.76.196.141:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 60.245.63.161:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 146.225.40.98:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 85.45.44.251:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 157.162.197.31:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 65.12.98.183:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 143.132.1.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 184.184.251.58:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 202.146.201.193:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 157.135.199.235:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 95.116.187.180:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 151.159.99.144:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 50.224.1.31:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 157.51.212.29:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 176.225.225.88:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 194.159.61.33:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 185.114.233.26:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 40.126.23.148:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 49.16.14.5:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 41.223.28.138:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 144.135.109.215:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 193.239.200.125:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 88.96.204.250:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 66.166.185.21:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 145.108.32.62:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 174.125.119.46:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 168.198.167.159:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 208.104.184.188:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 116.62.131.81:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 189.66.238.235:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 178.176.105.134:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 164.140.235.126:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 51.70.149.16:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 112.182.120.30:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 23.77.186.193:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 111.29.124.116:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 85.55.110.64:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 98.31.155.128:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 88.91.250.53:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 129.102.121.100:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 12.46.98.147:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 131.247.8.236:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 183.167.182.154:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 160.230.4.160:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 163.186.23.120:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 184.102.184.231:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 189.24.157.141:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 5.3.161.151:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 2.121.117.184:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 152.225.58.14:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 216.255.158.82:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 105.151.172.57:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 119.160.192.38:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 124.104.12.183:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 167.51.166.134:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 216.67.30.157:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 128.156.124.132:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 152.209.106.35:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 179.175.143.22:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 80.113.67.234:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 152.186.167.173:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 99.4.128.103:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 137.243.154.200:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 196.27.209.136:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 185.54.143.81:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 129.81.195.28:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 131.244.170.232:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 50.177.8.180:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 1.36.123.159:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 50.153.149.104:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 210.125.232.137:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 72.192.182.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 105.212.91.113:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 159.235.132.156:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 164.11.138.234:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 124.134.52.246:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 114.253.104.102:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 201.146.18.206:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 44.72.223.64:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 38.199.182.33:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 19.149.35.31:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 82.254.148.107:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 72.179.75.106:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 104.71.121.95:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 209.178.127.56:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 80.22.0.167:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 181.104.227.21:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 113.134.113.196:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 205.7.198.192:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 184.203.252.80:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 96.98.18.135:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 202.213.137.151:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 124.110.213.129:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 84.123.79.97:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 19.16.151.179:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 66.196.12.103:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 104.136.174.0:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 126.5.201.180:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 5.239.153.232:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 128.252.43.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 191.123.171.2:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 168.180.193.227:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 164.122.203.149:2323

Sample listens on a socket

Source: /tmp/jew.m68k.elf (PID: 6236)

Socket: 127.0.0.1:1926

Jump to behavior

Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)

Source: global traffic	TCP traffic: 192.168.2.23:43928 -> 91.189.91.42:443
Source: global traffic	TCP traffic: 192.168.2.23:42836 -> 91.189.91.43:443
Source: global traffic	TCP traffic: 192.168.2.23:42516 -> 109.202.202.202:80

Source: unknown	TCP traffic detected without corresponding DNS query: 91.189.91.42
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.79.174
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.79.174
Source: unknown	TCP traffic detected without corresponding DNS query: 201.198.85.114
Source: unknown	TCP traffic detected without corresponding DNS query: 183.165.177.179
Source: unknown	TCP traffic detected without corresponding DNS query: 80.86.76.125
Source: unknown	TCP traffic detected without corresponding DNS query: 129.63.213.94
Source: unknown	TCP traffic detected without corresponding DNS query: 107.174.58.114
Source: unknown	TCP traffic detected without corresponding DNS query: 181.123.42.166
Source: unknown	TCP traffic detected without corresponding DNS query: 27.2.207.140
Source: unknown	TCP traffic detected without corresponding DNS query: 166.67.119.183
Source: unknown	TCP traffic detected without corresponding DNS query: 53.46.154.27
Source: unknown	TCP traffic detected without corresponding DNS query: 77.60.29.255
Source: unknown	TCP traffic detected without corresponding DNS query: 130.29.52.189
Source: unknown	TCP traffic detected without corresponding DNS query: 183.206.4.106
Source: unknown	TCP traffic detected without corresponding DNS query: 182.255.178.208
Source: unknown	TCP traffic detected without corresponding DNS query: 138.26.85.166
Source: unknown	TCP traffic detected without corresponding DNS query: 108.220.194.129
Source: unknown	TCP traffic detected without corresponding DNS query: 212.43.144.201
Source: unknown	TCP traffic detected without corresponding DNS query: 13.27.7.245
Source: unknown	TCP traffic detected without corresponding DNS query: 83.56.175.192
Source: unknown	TCP traffic detected without corresponding DNS query: 98.217.137.102
Source: unknown	TCP traffic detected without corresponding DNS query: 61.133.115.226
Source: unknown	TCP traffic detected without corresponding DNS query: 195.16.153.234
Source: unknown	TCP traffic detected without corresponding DNS query: 47.0.87.186
Source: unknown	TCP traffic detected without corresponding DNS query: 5.236.113.255
Source: unknown	TCP traffic detected without corresponding DNS query: 113.6.232.235
Source: unknown	TCP traffic detected without corresponding DNS query: 120.161.79.95
Source: unknown	TCP traffic detected without corresponding DNS query: 98.196.126.184
Source: unknown	TCP traffic detected without corresponding DNS query: 2.61.106.226
Source: unknown	TCP traffic detected without corresponding DNS query: 46.213.220.33
Source: unknown	TCP traffic detected without corresponding DNS query: 191.131.42.109
Source: unknown	TCP traffic detected without corresponding DNS query: 106.153.125.53
Source: unknown	TCP traffic detected without corresponding DNS query: 157.76.254.160
Source: unknown	TCP traffic detected without corresponding DNS query: 213.160.106.179
Source: unknown	TCP traffic detected without corresponding DNS query: 164.85.132.203
Source: unknown	TCP traffic detected without corresponding DNS query: 220.136.30.216
Source: unknown	TCP traffic detected without corresponding DNS query: 58.124.223.126
Source: unknown	TCP traffic detected without corresponding DNS query: 59.1.69.160
Source: unknown	TCP traffic detected without corresponding DNS query: 131.146.249.114
Source: unknown	TCP traffic detected without corresponding DNS query: 129.217.222.2
Source: unknown	TCP traffic detected without corresponding DNS query: 68.23.141.91
Source: unknown	TCP traffic detected without corresponding DNS query: 206.234.251.122
Source: unknown	TCP traffic detected without corresponding DNS query: 74.80.55.83
Source: unknown	TCP traffic detected without corresponding DNS query: 112.150.239.214
Source: unknown	TCP traffic detected without corresponding DNS query: 220.59.174.7
Source: unknown	TCP traffic detected without corresponding DNS query: 94.162.95.20
Source: unknown	TCP traffic detected without corresponding DNS query: 219.232.73.227
Source: unknown	TCP traffic detected without corresponding DNS query: 164.58.101.158
Source: unknown	TCP traffic detected without corresponding DNS query: 140.85.237.68

Source: unknown	Network traffic detected: HTTP traffic on port 43928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 42836 -> 443

Sample has stripped symbol table

Source: ELF static info symbol of initial sample

.symtab present: no

Source: classification engine

Classification label: mal56.linELF@0/0@0/0

Uses the "uname" system call to query kernel version information (possible evasion)

Source: /tmp/jew.m68k.elf (PID: 6236)

Queries kernel information via 'uname':

Jump to behavior

Source: jew.m68k.elf, 6236.1.00007ffd8c2ee000.00007ffd8c30f000.rw-.sdmp, jew.m68k.elf, 6238.1.00007ffd8c2ee000.00007ffd8c30f000.rw-.sdmp, jew.m68k.elf, 6241.1.00007ffd8c2ee000.00007ffd8c30f000.rw-.sdmp	Binary or memory string: F;Zx86_64/usr/bin/qemu-m68k/tmp/jew.m68k.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/jew.m68k.elf
Source: jew.m68k.elf, 6236.1.0000564b29b05000.0000564b29b8a000.rw-.sdmp, jew.m68k.elf, 6238.1.0000564b29b05000.0000564b29b8a000.rw-.sdmp, jew.m68k.elf, 6241.1.0000564b29b05000.0000564b29b8a000.rw-.sdmp	Binary or memory string: )KV!/etc/qemu-binfmt/m68k
Source: jew.m68k.elf, 6236.1.00007ffd8c2ee000.00007ffd8c30f000.rw-.sdmp, jew.m68k.elf, 6238.1.00007ffd8c2ee000.00007ffd8c30f000.rw-.sdmp, jew.m68k.elf, 6241.1.00007ffd8c2ee000.00007ffd8c30f000.rw-.sdmp	Binary or memory string: /usr/bin/qemu-m68k
Source: jew.m68k.elf, 6236.1.0000564b29b05000.0000564b29b8a000.rw-.sdmp, jew.m68k.elf, 6238.1.0000564b29b05000.0000564b29b8a000.rw-.sdmp, jew.m68k.elf, 6241.1.0000564b29b05000.0000564b29b8a000.rw-.sdmp	Binary or memory string: /etc/qemu-binfmt/m68k

Screenshots

No Screenshots

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
92.120.202.82	unknown	Netherlands	60142	NXP-INTERNETNL	false
181.47.141.73	unknown	Argentina	27747	TelecentroSAAR	false
138.94.233.127	unknown	Brazil	262887	RAPIXINTERNETBR	false
196.211.163.153	unknown	South Africa	3741	ISZA	false
92.81.53.95	unknown	Romania	9050	RTDBucharestRomaniaRO	false
8.63.149.77	unknown	United States	3356	LEVEL3US	false
184.183.116.0	unknown	United States	22773	ASN-CXA-ALL-CCI-22773-RDCUS	false
199.57.247.183	unknown	United States	721	DNIC-ASBLK-00721-00726US	false
76.86.29.145	unknown	United States	20001	TWC-20001-PACWESTUS	false
119.80.69.209	unknown	China	17858	POWERVIS-AS-KRLGPOWERCOMMKR	false
179.1.131.235	unknown	Colombia	18678	INTERNEXASAESPCO	false
185.205.239.216	unknown	Russian Federation	205236	GIPERCOM-NETISPGipercomRU	false
111.77.231.73	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
160.65.3.110	unknown	United States	715	WOODYNET-2US	false
46.184.62.38	unknown	Saudi Arabia	47794	ATHEEB-ASSA	false
154.130.248.177	unknown	Egypt	37069	MOBINILEG	false
98.245.199.192	unknown	United States	7922	COMCAST-7922US	false
166.78.21.75	unknown	United States	33070	RMH-14US	false
115.201.41.153	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
60.240.68.178	unknown	Australia	7545	TPG-INTERNET-APTPGTelecomLimitedAU	false
147.155.164.62	unknown	United States	2640	AMESLAB-ASUS	false
222.40.190.165	unknown	China	63711	CTTNETChinaTieTongTelecommunicationsCorporationCN	false
186.248.253.4	unknown	Brazil	23106	AMERICANTOWERDOBRASIL-COMUNICACAOMULTIMIDIALTBR	false
144.10.129.183	unknown	United States	58541	CHINATELECOM-SHANDONG-QINGDAO-IDCQingdao266000CN	false
187.169.123.216	unknown	Mexico	8151	UninetSAdeCVMX	false
49.9.5.186	unknown	Korea Republic of	9858	KRNICNETKoreaInternetSecurityAgencyKR	false
211.81.58.228	unknown	China	4538	ERX-CERNET-BKBChinaEducationandResearchNetworkCenter	false
152.163.91.74	unknown	United States	12129	123NETUS	false
191.65.185.140	unknown	Colombia	26611	COMCELSACO	false
84.164.81.239	unknown	Germany	3320	DTAGInternetserviceprovideroperationsDE	false
201.135.206.204	unknown	Mexico	8151	UninetSAdeCVMX	false
2.120.110.86	unknown	United Kingdom	5607	BSKYB-BROADBAND-ASGB	false
37.8.194.41	unknown	Poland	29314	VECTRANET-ASAlZwyciestwa25381-525GdyniaPolandPL	false
45.106.6.100	unknown	Egypt	37069	MOBINILEG	false
121.94.250.120	unknown	Japan	2510	INFOWEBFUJITSULIMITEDJP	false
119.128.234.204	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
115.156.229.40	unknown	China	4538	ERX-CERNET-BKBChinaEducationandResearchNetworkCenter	false
123.211.158.123	unknown	Australia	1221	ASN-TELSTRATelstraCorporationLtdAU	false
68.43.185.247	unknown	United States	7922	COMCAST-7922US	false
31.77.234.33	unknown	United Kingdom	12576	EELtdGB	false
119.189.161.218	unknown	China	4837	CHINA169-BACKBONECHINAUNICOMChina169BackboneCN	false
57.105.102.17	unknown	Belgium	51964	ORANGE-BUSINESS-SERVICES-IPSN-ASNFR	false
140.19.186.218	unknown	United States	27064	DNIC-ASBLK-27032-27159US	false
5.137.136.54	unknown	Russian Federation	12389	ROSTELECOM-ASRU	false
134.124.147.114	unknown	United States	46832	UNIVERSITY-OF-MISSOURI-SYSTEM-INTER-CAMPUS-NETWORKUS	false
14.188.62.1	unknown	Viet Nam	45899	VNPT-AS-VNVNPTCorpVN	false
213.199.213.214	unknown	Poland	25070	COMARCH-ASPL	false
159.145.222.140	unknown	United States	1226	CTA-42-AS1226US	false
140.168.85.20	unknown	Australia	45867	CBA-NON-AS-APCommonwealthBankofAustraliaAU	false
158.121.83.223	unknown	United States	1968	UMASSP-DOMUS	false
32.115.123.163	unknown	United States	2685	ATGS-MMD-ASUS	false
98.129.21.26	unknown	United States	33070	RMH-14US	false
138.30.225.128	unknown	Japan	600	OARNET-ASUS	false
8.138.48.191	unknown	Singapore	37963	CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtd	false
12.127.242.196	unknown	United States	7018	ATT-INTERNET4US	false
189.95.122.232	unknown	Brazil	22085	ClaroSABR	false
71.60.183.162	unknown	United States	7922	COMCAST-7922US	false
38.72.55.208	unknown	United States	174	COGENT-174US	false
193.28.163.70	unknown	Germany	41086	N-ERGIE-IT-NBG-ASDE	false
1.31.208.160	unknown	China	139007	UNICOM-NM-WULANCHABU-IDCUNICOMInnerMongoliaprovincenetwo	false
204.91.250.130	unknown	United States	2828	XO-AS15US	false
36.175.118.22	unknown	China	9808	CMNET-GDGuangdongMobileCommunicationCoLtdCN	false
124.109.15.64	unknown	Micronesia Federated States of	38875	AS38875FSMTelecommunicationsCorporationFM	false
114.10.180.93	unknown	Indonesia	56046	CMNET-JIANGSU-APChinaMobilecommunicationscorporationCN	false
37.129.166.105	unknown	Iran (ISLAMIC Republic Of)	197207	MCCI-ASIR	false
41.198.255.199	unknown	South Africa	328306	Avanti-ASZA	false
112.149.0.189	unknown	Korea Republic of	17858	POWERVIS-AS-KRLGPOWERCOMMKR	false
32.177.40.123	unknown	United States	20057	ATT-MOBILITY-LLC-AS20057US	false
143.28.20.72	unknown	United States	264008	LANCAMANTOANISERVICOSDEINFORMATICALTDA-MEBR	false
63.112.167.81	unknown	United States	701	UUNETUS	false
70.178.160.119	unknown	United States	22773	ASN-CXA-ALL-CCI-22773-RDCUS	false
79.11.71.255	unknown	Italy	3269	ASN-IBSNAZIT	false
161.153.72.31	unknown	United States	9328	DATACOM-AUDATACOMSYSTEMSAUPTYLTDAU	false
75.212.253.196	unknown	United States	22394	CELLCOUS	false
69.236.77.43	unknown	United States	7018	ATT-INTERNET4US	false
94.159.171.176	unknown	Israel	12400	PARTNER-ASIL	false
209.231.125.134	unknown	United States	7029	WINDSTREAMUS	false
175.117.249.108	unknown	Korea Republic of	9318	SKB-ASSKBroadbandCoLtdKR	false
139.183.105.189	unknown	China	2152	CSUNET-NWUS	false
138.241.35.50	unknown	United States	12980	EMEAHostingAutonomousSystemEU	false
221.19.4.3	unknown	Japan	17676	GIGAINFRASoftbankBBCorpJP	false
25.145.112.14	unknown	United Kingdom	7922	COMCAST-7922US	false
220.58.151.79	unknown	Japan	17676	GIGAINFRASoftbankBBCorpJP	false
218.10.88.1	unknown	China	4837	CHINA169-BACKBONECHINAUNICOMChina169BackboneCN	false
31.205.83.219	unknown	United Kingdom	41230	ASK4GB	false
143.225.102.28	unknown	Italy	137	ASGARRConsortiumGARREU	false
154.122.32.115	unknown	Kenya	12455	JAMBONETKE	false
189.153.240.231	unknown	Mexico	8151	UninetSAdeCVMX	false
152.36.142.151	unknown	United States	81	NCRENUS	false
115.120.201.254	unknown	China	4847	CNIX-APChinaNetworksInter-ExchangeCN	false
166.126.15.112	unknown	United States	30488	SPRINGSUS	false
142.98.183.207	unknown	Canada	5769	VIDEOTRONCA	false
4.213.66.36	unknown	United States	3356	LEVEL3US	false
174.55.235.148	unknown	United States	7922	COMCAST-7922US	false
47.146.30.144	unknown	United States	5650	FRONTIER-FRTRUS	false
123.160.105.191	unknown	China	4134	CHINANET-BACKBONENo31Jin-rongStreetCN	false
43.65.121.164	unknown	Japan	4249	LILLY-ASUS	false
106.223.67.129	unknown	India	45609	BHARTI-MOBILITY-AS-APBhartiAirtelLtdASforGPRSService	false
134.52.135.47	unknown	United States	1736	MU-ASUS	false
82.67.203.151	unknown	France	12322	PROXADFR	false

AV Detection

Antivirus / Scanner detection for submitted sample

Source: jew.m68k.elf

Avira: detected

Multi AV Scanner detection for submitted file

Source: jew.m68k.elf

ReversingLabs: Detection: 55%

Detected TCP or UDP traffic on non-standard ports

Source: global traffic	TCP traffic: 192.168.2.23:55336 -> 147.45.79.174:9931
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 201.198.85.114:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 77.60.29.255:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 83.56.175.192:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 2.61.106.226:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 129.217.222.2:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 222.189.78.234:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 47.251.138.2:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 167.85.212.5:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 8.183.144.151:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 102.16.209.118:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 47.245.251.144:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 203.126.211.42:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 204.81.100.127:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 115.108.116.164:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 196.94.22.204:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 149.245.65.93:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 197.86.140.73:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 20.71.101.73:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 53.203.119.219:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 25.63.134.29:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 71.34.204.100:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 18.230.160.161:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 91.55.111.182:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 209.85.130.180:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 94.83.45.237:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 140.130.230.163:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 115.189.27.130:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 148.6.71.248:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 41.148.45.1:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 98.89.141.242:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 20.217.143.30:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 222.105.116.18:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 136.78.178.215:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 115.178.37.247:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 114.167.219.134:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 57.141.115.84:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 101.1.192.122:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 154.240.124.65:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 86.61.187.72:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 180.180.35.31:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 37.208.81.123:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 42.1.43.201:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 138.197.29.7:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 186.94.213.152:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 80.58.71.62:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 52.145.124.169:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 8.115.95.169:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 152.229.235.137:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 82.32.146.49:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 61.56.149.90:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 138.225.214.157:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 93.47.35.26:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 143.115.211.160:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 124.121.58.83:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 83.50.127.125:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 218.146.112.27:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 4.167.142.230:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 200.202.96.89:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 217.185.186.89:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 12.227.224.255:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 187.47.248.235:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 64.10.23.207:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 151.72.164.117:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 202.201.245.215:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 66.140.223.108:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 63.31.142.134:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 219.249.79.249:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 222.30.69.94:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 13.14.210.250:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 159.193.182.131:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 150.102.102.57:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 141.109.7.99:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 70.216.96.105:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 223.130.15.117:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 123.219.255.8:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 75.26.228.135:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 216.63.20.94:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 81.172.32.122:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 88.128.18.112:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 59.89.241.162:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 118.161.185.10:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 182.21.90.225:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 46.174.153.133:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 211.60.128.163:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 110.215.115.36:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 155.214.213.9:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 184.220.39.121:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 37.65.213.32:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 102.144.15.65:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 108.197.85.61:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 68.130.63.155:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 151.175.87.247:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 140.113.49.58:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 24.164.34.194:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 186.53.224.87:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 126.44.30.212:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 190.139.33.202:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 45.255.81.21:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 216.69.219.130:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 208.169.253.71:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 210.72.70.222:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 220.45.38.59:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 78.114.112.166:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 143.211.153.247:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 82.238.118.105:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 58.164.99.155:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 159.9.231.240:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 167.132.242.198:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 66.219.222.46:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 110.190.249.45:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 96.101.237.130:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 102.94.57.217:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 36.38.187.252:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 104.193.16.0:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 176.191.209.20:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 162.191.125.240:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 97.78.100.179:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 105.81.227.69:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 59.117.241.60:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 117.254.74.135:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 109.226.224.92:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 162.151.186.170:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 208.188.120.33:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 50.69.107.102:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 5.0.132.150:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 24.139.138.178:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 95.146.81.9:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 222.3.84.145:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 36.63.179.201:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 152.156.12.135:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 73.14.86.94:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 79.53.195.132:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 105.31.101.198:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 61.71.167.181:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 79.215.170.168:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 204.2.36.82:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 112.159.1.126:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 198.217.120.236:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 100.184.238.124:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 32.160.52.116:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 39.233.174.9:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 58.205.21.234:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 206.61.93.192:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 94.117.198.151:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 142.73.224.147:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 200.80.160.82:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 181.67.36.236:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 42.63.183.177:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 110.125.224.215:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 146.49.117.180:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 8.174.177.188:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 149.8.177.81:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 120.243.125.63:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 135.175.64.170:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 66.129.229.253:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 73.162.98.81:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 39.177.85.11:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 193.240.101.199:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 138.223.246.196:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 59.253.4.181:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 31.243.6.193:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 147.102.215.235:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 166.95.215.33:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 71.13.53.223:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 99.155.21.44:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 80.130.144.130:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 199.163.8.44:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 206.63.95.117:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 5.152.12.240:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 73.190.207.51:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 132.240.107.133:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 5.138.97.118:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 112.227.170.216:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 73.37.4.60:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 151.176.247.100:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 72.237.7.80:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 31.67.34.0:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 213.134.135.37:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 93.36.150.32:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 134.189.208.47:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 199.142.47.230:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 91.90.90.150:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 13.161.211.180:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 73.33.250.4:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 171.59.87.152:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 36.224.166.16:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 188.59.8.196:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 20.23.198.68:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 106.246.97.182:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 183.123.168.86:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 118.79.196.192:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 135.121.87.41:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 36.107.152.25:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 50.154.26.26:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 37.109.131.1:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 82.4.179.61:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 208.247.191.82:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 149.242.103.7:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 5.70.184.20:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 51.85.140.49:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 9.72.192.10:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 206.156.113.75:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 187.108.240.80:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 137.224.163.98:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 147.240.188.208:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 5.227.44.5:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 143.168.58.101:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 111.39.253.245:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 81.35.84.47:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 145.39.168.5:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 204.15.237.195:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 111.82.182.229:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 93.187.6.248:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 177.131.63.57:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 171.107.20.207:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 134.233.107.13:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 153.32.188.221:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 89.136.166.228:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 110.50.211.253:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 31.47.62.63:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 222.146.229.225:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 167.65.172.175:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 51.18.9.57:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 47.230.241.23:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 141.155.11.91:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 12.214.195.43:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 154.130.14.15:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 103.172.253.153:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 182.136.67.194:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 212.19.190.28:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 137.100.27.225:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 148.226.125.42:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 169.191.55.208:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 123.154.223.147:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 35.73.34.216:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 43.161.197.4:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 54.225.117.199:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 39.33.195.110:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 135.179.243.169:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 57.17.252.5:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 5.119.180.177:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 142.76.227.7:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 189.125.91.100:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 49.6.169.147:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 194.79.170.216:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 116.223.180.50:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 221.100.55.0:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 35.70.112.197:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 27.55.131.87:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 120.216.109.192:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 63.63.175.99:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 93.214.54.179:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 165.242.28.79:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 76.136.199.195:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 43.252.95.97:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 198.163.203.93:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 108.53.117.204:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 145.110.246.80:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 176.127.15.233:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 107.206.126.239:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 145.181.247.71:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 72.45.73.52:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 210.103.242.81:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 218.124.48.195:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 65.124.43.243:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 187.50.94.85:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 146.235.64.68:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 156.226.25.172:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 126.67.14.48:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 163.128.121.105:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 92.38.150.141:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 140.119.139.158:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 31.167.164.14:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 171.179.237.180:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 144.222.112.170:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 58.131.105.183:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 143.41.15.76:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 115.236.195.45:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 82.238.223.104:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 111.35.11.163:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 19.235.85.150:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 18.189.29.157:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 87.123.171.254:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 205.166.9.107:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 159.141.223.88:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 102.168.3.189:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 90.137.208.195:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 73.52.13.31:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 223.134.221.223:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 155.134.239.87:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 31.146.183.151:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 75.112.175.248:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 155.116.119.50:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 171.248.174.99:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 132.11.190.224:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 107.221.200.11:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 17.171.40.112:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 110.94.105.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 14.227.184.175:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 61.195.250.90:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 37.219.136.109:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 144.1.17.224:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 118.172.151.31:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 76.120.99.97:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 62.99.104.90:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 110.34.35.126:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 87.156.40.249:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 203.244.209.98:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 107.10.113.231:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 103.33.66.73:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 108.21.63.140:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 25.168.65.46:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 133.60.33.86:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 96.23.57.129:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 57.238.226.211:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 13.84.55.138:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 40.49.123.29:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 195.4.61.159:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 92.143.54.4:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 180.101.53.131:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 113.46.93.22:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 146.77.132.160:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 202.187.187.250:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 120.1.209.244:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 102.148.46.120:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 174.8.237.136:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 146.39.152.218:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 90.205.13.146:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 179.194.49.191:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 86.44.53.167:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 41.63.198.242:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 207.221.128.206:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 59.100.118.122:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 95.144.178.179:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 31.99.239.48:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 126.118.233.252:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 183.211.45.2:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 101.107.184.51:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 159.53.99.10:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 47.62.10.103:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 188.251.238.181:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 38.130.160.45:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 210.213.59.18:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 44.212.174.207:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 92.169.90.162:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 221.26.85.165:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 142.85.29.48:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 89.56.104.38:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 146.224.18.27:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 44.251.248.211:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 27.121.154.67:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 65.242.79.250:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 43.80.131.25:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 137.157.82.9:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 97.94.223.125:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 178.34.90.163:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 63.100.150.83:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 121.216.72.179:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 68.208.190.105:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 25.173.60.24:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 35.89.223.41:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 84.230.185.42:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 184.208.181.103:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 84.213.187.18:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 75.93.211.157:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 190.146.76.66:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 76.28.197.234:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 34.189.197.206:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 91.102.154.46:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 62.16.191.219:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 156.97.123.247:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 48.97.160.201:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 132.248.178.144:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 103.19.250.20:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 167.233.58.194:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 165.163.65.85:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 147.94.124.181:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 77.191.184.26:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 95.196.123.0:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 74.228.179.229:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 126.236.244.90:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 112.124.96.169:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 130.93.32.201:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 78.94.109.178:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 220.223.119.218:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 220.165.0.219:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 103.178.111.22:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 147.210.83.171:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 171.107.45.0:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 17.214.122.57:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 166.220.207.91:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 84.208.24.199:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 180.245.53.89:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 211.73.156.76:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 44.132.18.214:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 63.233.152.101:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 106.76.196.141:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 60.245.63.161:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 146.225.40.98:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 85.45.44.251:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 157.162.197.31:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 65.12.98.183:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 143.132.1.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 184.184.251.58:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 202.146.201.193:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 157.135.199.235:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 95.116.187.180:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 151.159.99.144:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 50.224.1.31:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 157.51.212.29:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 176.225.225.88:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 194.159.61.33:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 185.114.233.26:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 40.126.23.148:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 49.16.14.5:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 41.223.28.138:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 144.135.109.215:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 193.239.200.125:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 88.96.204.250:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 66.166.185.21:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 145.108.32.62:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 174.125.119.46:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 168.198.167.159:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 208.104.184.188:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 116.62.131.81:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 189.66.238.235:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 178.176.105.134:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 164.140.235.126:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 51.70.149.16:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 112.182.120.30:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 23.77.186.193:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 111.29.124.116:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 85.55.110.64:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 98.31.155.128:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 88.91.250.53:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 129.102.121.100:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 12.46.98.147:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 131.247.8.236:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 183.167.182.154:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 160.230.4.160:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 163.186.23.120:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 184.102.184.231:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 189.24.157.141:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 5.3.161.151:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 2.121.117.184:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 152.225.58.14:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 216.255.158.82:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 105.151.172.57:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 119.160.192.38:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 124.104.12.183:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 167.51.166.134:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 216.67.30.157:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 128.156.124.132:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 152.209.106.35:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 179.175.143.22:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 80.113.67.234:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 152.186.167.173:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 99.4.128.103:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 137.243.154.200:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 196.27.209.136:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 185.54.143.81:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 129.81.195.28:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 131.244.170.232:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 50.177.8.180:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 1.36.123.159:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 50.153.149.104:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 210.125.232.137:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 72.192.182.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 105.212.91.113:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 159.235.132.156:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 164.11.138.234:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 124.134.52.246:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 114.253.104.102:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 201.146.18.206:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 44.72.223.64:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 38.199.182.33:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 19.149.35.31:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 82.254.148.107:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 72.179.75.106:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 104.71.121.95:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 209.178.127.56:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 80.22.0.167:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 181.104.227.21:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 113.134.113.196:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 205.7.198.192:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 184.203.252.80:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 96.98.18.135:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 202.213.137.151:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 124.110.213.129:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 84.123.79.97:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 19.16.151.179:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 66.196.12.103:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 104.136.174.0:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 126.5.201.180:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 5.239.153.232:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 128.252.43.77:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 191.123.171.2:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 168.180.193.227:2323
Source: global traffic	TCP traffic: 192.168.2.23:18704 -> 164.122.203.149:2323

Sample listens on a socket

Source: /tmp/jew.m68k.elf (PID: 6236)

Socket: 127.0.0.1:1926

Jump to behavior

Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)

Source: global traffic	TCP traffic: 192.168.2.23:43928 -> 91.189.91.42:443
Source: global traffic	TCP traffic: 192.168.2.23:42836 -> 91.189.91.43:443
Source: global traffic	TCP traffic: 192.168.2.23:42516 -> 109.202.202.202:80

Source: unknown	TCP traffic detected without corresponding DNS query: 91.189.91.42
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.79.174
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.79.174
Source: unknown	TCP traffic detected without corresponding DNS query: 201.198.85.114
Source: unknown	TCP traffic detected without corresponding DNS query: 183.165.177.179
Source: unknown	TCP traffic detected without corresponding DNS query: 80.86.76.125
Source: unknown	TCP traffic detected without corresponding DNS query: 129.63.213.94
Source: unknown	TCP traffic detected without corresponding DNS query: 107.174.58.114
Source: unknown	TCP traffic detected without corresponding DNS query: 181.123.42.166
Source: unknown	TCP traffic detected without corresponding DNS query: 27.2.207.140
Source: unknown	TCP traffic detected without corresponding DNS query: 166.67.119.183
Source: unknown	TCP traffic detected without corresponding DNS query: 53.46.154.27
Source: unknown	TCP traffic detected without corresponding DNS query: 77.60.29.255
Source: unknown	TCP traffic detected without corresponding DNS query: 130.29.52.189
Source: unknown	TCP traffic detected without corresponding DNS query: 183.206.4.106
Source: unknown	TCP traffic detected without corresponding DNS query: 182.255.178.208
Source: unknown	TCP traffic detected without corresponding DNS query: 138.26.85.166
Source: unknown	TCP traffic detected without corresponding DNS query: 108.220.194.129
Source: unknown	TCP traffic detected without corresponding DNS query: 212.43.144.201
Source: unknown	TCP traffic detected without corresponding DNS query: 13.27.7.245
Source: unknown	TCP traffic detected without corresponding DNS query: 83.56.175.192
Source: unknown	TCP traffic detected without corresponding DNS query: 98.217.137.102
Source: unknown	TCP traffic detected without corresponding DNS query: 61.133.115.226
Source: unknown	TCP traffic detected without corresponding DNS query: 195.16.153.234
Source: unknown	TCP traffic detected without corresponding DNS query: 47.0.87.186
Source: unknown	TCP traffic detected without corresponding DNS query: 5.236.113.255
Source: unknown	TCP traffic detected without corresponding DNS query: 113.6.232.235
Source: unknown	TCP traffic detected without corresponding DNS query: 120.161.79.95
Source: unknown	TCP traffic detected without corresponding DNS query: 98.196.126.184
Source: unknown	TCP traffic detected without corresponding DNS query: 2.61.106.226
Source: unknown	TCP traffic detected without corresponding DNS query: 46.213.220.33
Source: unknown	TCP traffic detected without corresponding DNS query: 191.131.42.109
Source: unknown	TCP traffic detected without corresponding DNS query: 106.153.125.53
Source: unknown	TCP traffic detected without corresponding DNS query: 157.76.254.160
Source: unknown	TCP traffic detected without corresponding DNS query: 213.160.106.179
Source: unknown	TCP traffic detected without corresponding DNS query: 164.85.132.203
Source: unknown	TCP traffic detected without corresponding DNS query: 220.136.30.216
Source: unknown	TCP traffic detected without corresponding DNS query: 58.124.223.126
Source: unknown	TCP traffic detected without corresponding DNS query: 59.1.69.160
Source: unknown	TCP traffic detected without corresponding DNS query: 131.146.249.114
Source: unknown	TCP traffic detected without corresponding DNS query: 129.217.222.2
Source: unknown	TCP traffic detected without corresponding DNS query: 68.23.141.91
Source: unknown	TCP traffic detected without corresponding DNS query: 206.234.251.122
Source: unknown	TCP traffic detected without corresponding DNS query: 74.80.55.83
Source: unknown	TCP traffic detected without corresponding DNS query: 112.150.239.214
Source: unknown	TCP traffic detected without corresponding DNS query: 220.59.174.7
Source: unknown	TCP traffic detected without corresponding DNS query: 94.162.95.20
Source: unknown	TCP traffic detected without corresponding DNS query: 219.232.73.227
Source: unknown	TCP traffic detected without corresponding DNS query: 164.58.101.158
Source: unknown	TCP traffic detected without corresponding DNS query: 140.85.237.68

Source: unknown	Network traffic detected: HTTP traffic on port 43928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 42836 -> 443

Sample has stripped symbol table

Source: ELF static info symbol of initial sample

.symtab present: no

Source: classification engine

Classification label: mal56.linELF@0/0@0/0

Uses the "uname" system call to query kernel version information (possible evasion)

Source: /tmp/jew.m68k.elf (PID: 6236)

Queries kernel information via 'uname':

Jump to behavior

Source: jew.m68k.elf, 6236.1.00007ffd8c2ee000.00007ffd8c30f000.rw-.sdmp, jew.m68k.elf, 6238.1.00007ffd8c2ee000.00007ffd8c30f000.rw-.sdmp, jew.m68k.elf, 6241.1.00007ffd8c2ee000.00007ffd8c30f000.rw-.sdmp	Binary or memory string: F;Zx86_64/usr/bin/qemu-m68k/tmp/jew.m68k.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/jew.m68k.elf
Source: jew.m68k.elf, 6236.1.0000564b29b05000.0000564b29b8a000.rw-.sdmp, jew.m68k.elf, 6238.1.0000564b29b05000.0000564b29b8a000.rw-.sdmp, jew.m68k.elf, 6241.1.0000564b29b05000.0000564b29b8a000.rw-.sdmp	Binary or memory string: )KV!/etc/qemu-binfmt/m68k
Source: jew.m68k.elf, 6236.1.00007ffd8c2ee000.00007ffd8c30f000.rw-.sdmp, jew.m68k.elf, 6238.1.00007ffd8c2ee000.00007ffd8c30f000.rw-.sdmp, jew.m68k.elf, 6241.1.00007ffd8c2ee000.00007ffd8c30f000.rw-.sdmp	Binary or memory string: /usr/bin/qemu-m68k
Source: jew.m68k.elf, 6236.1.0000564b29b05000.0000564b29b8a000.rw-.sdmp, jew.m68k.elf, 6238.1.0000564b29b05000.0000564b29b8a000.rw-.sdmp, jew.m68k.elf, 6241.1.0000564b29b05000.0000564b29b8a000.rw-.sdmp	Binary or memory string: /etc/qemu-binfmt/m68k

ID:	1544652
Product:	CloudBasic
Start time:	17:05:42
Start date:	29.10.2024
Sample:	jew.m68k.elf
Cookbook:	defaultlinuxfilecookbook.jbs
System description:	Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Architecture:	LINUX
MD5:	de6651fd6c4ea2b8f9586fda641851b4
SHA1:	801a85622ee84e7d5d1438c6c0fb5f8d1c2c1a79
SHA256:	c33fce1fcbbd8caf101ca1fef46edfdc79cb8f028b2eb4a0eece67f3a0af7c38
Filetype:	ELF Executable and Linkable format (generic) (4004/1) 100.00%

Linux Analysis Report
jew.m68k.elf

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Networking

System Summary

Malware Analysis System Evasion

Screenshots

Network Map

Contacted Public IPs

Linux Analysis Report jew.m68k.elf

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Networking

System Summary

Malware Analysis System Evasion

Screenshots

Network Map

Contacted Public IPs

Linux Analysis Report
jew.m68k.elf