Source: Network traffic |
Suricata IDS: 2030490 - Severity 1 - ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) : 192.168.2.15:44826 -> 185.7.78.88:43957 |
Source: Network traffic |
Suricata IDS: 2030490 - Severity 1 - ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) : 192.168.2.15:44798 -> 185.7.78.88:43957 |
Source: Network traffic |
Suricata IDS: 2030490 - Severity 1 - ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) : 192.168.2.15:44814 -> 185.7.78.88:43957 |
Source: Network traffic |
Suricata IDS: 2030490 - Severity 1 - ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) : 192.168.2.15:44824 -> 185.7.78.88:43957 |
Source: Network traffic |
Suricata IDS: 2030490 - Severity 1 - ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) : 192.168.2.15:44802 -> 185.7.78.88:43957 |
Source: Network traffic |
Suricata IDS: 2030490 - Severity 1 - ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) : 192.168.2.15:44828 -> 185.7.78.88:43957 |
Source: Network traffic |
Suricata IDS: 2030490 - Severity 1 - ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) : 192.168.2.15:44800 -> 185.7.78.88:43957 |
Source: Network traffic |
Suricata IDS: 2030490 - Severity 1 - ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) : 192.168.2.15:44808 -> 185.7.78.88:43957 |
Source: Network traffic |
Suricata IDS: 2030490 - Severity 1 - ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) : 192.168.2.15:44804 -> 185.7.78.88:43957 |
Source: Network traffic |
Suricata IDS: 2030490 - Severity 1 - ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) : 192.168.2.15:44818 -> 185.7.78.88:43957 |
Source: Network traffic |
Suricata IDS: 2030490 - Severity 1 - ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) : 192.168.2.15:44812 -> 185.7.78.88:43957 |
Source: Network traffic |
Suricata IDS: 2030490 - Severity 1 - ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) : 192.168.2.15:44816 -> 185.7.78.88:43957 |
Source: Network traffic |
Suricata IDS: 2030490 - Severity 1 - ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) : 192.168.2.15:44822 -> 185.7.78.88:43957 |
Source: Network traffic |
Suricata IDS: 2030490 - Severity 1 - ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) : 192.168.2.15:44820 -> 185.7.78.88:43957 |
Source: Network traffic |
Suricata IDS: 2030490 - Severity 1 - ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) : 192.168.2.15:44810 -> 185.7.78.88:43957 |
Source: Network traffic |
Suricata IDS: 2030490 - Severity 1 - ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) : 192.168.2.15:44806 -> 185.7.78.88:43957 |
Source: bot.x86.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown |
Source: bot.x86.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown |
Source: bot.x86.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown |
Source: bot.x86.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown |
Source: bot.x86.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown |
Source: bot.x86.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown |
Source: bot.x86.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown |
Source: 5527.1.0000000008048000.000000000805a000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown |
Source: 5527.1.0000000008048000.000000000805a000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown |
Source: 5527.1.0000000008048000.000000000805a000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_5f7b67b8 Author: unknown |
Source: 5527.1.0000000008048000.000000000805a000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown |
Source: 5527.1.0000000008048000.000000000805a000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown |
Source: 5527.1.0000000008048000.000000000805a000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown |
Source: 5527.1.0000000008048000.000000000805a000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown |
Source: Process Memory Space: bot.x86.elf PID: 5527, type: MEMORYSTR |
Matched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown |
Source: bot.x86.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16 |
Source: bot.x86.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16 |
Source: bot.x86.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16 |
Source: bot.x86.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16 |
Source: bot.x86.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26 |
Source: bot.x86.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26 |
Source: bot.x86.elf, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26 |
Source: 5527.1.0000000008048000.000000000805a000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16 |
Source: 5527.1.0000000008048000.000000000805a000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16 |
Source: 5527.1.0000000008048000.000000000805a000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_5f7b67b8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 6cb5fb0b7c132e9c11ac72da43278025b60810ea3733c9c6d6ca966163185940, id = 5f7b67b8-3d7b-48a4-8f03-b6f2c92be92e, last_modified = 2021-09-16 |
Source: 5527.1.0000000008048000.000000000805a000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16 |
Source: 5527.1.0000000008048000.000000000805a000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26 |
Source: 5527.1.0000000008048000.000000000805a000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26 |
Source: 5527.1.0000000008048000.000000000805a000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26 |
Source: Process Memory Space: bot.x86.elf PID: 5527, type: MEMORYSTR |
Matched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16 |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/110/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/231/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/111/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/112/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/233/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/113/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/114/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/235/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/115/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/1333/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/116/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/1695/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/117/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/118/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/119/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/911/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/3875/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/914/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/10/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/917/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/11/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/12/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/13/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/14/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/15/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/16/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/17/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/18/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/19/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/1591/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/120/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/121/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/1/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/122/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/243/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/2/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/123/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/3/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/124/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/1588/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/125/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/4/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/246/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/126/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/5/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/127/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/6/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/1585/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/128/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/7/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/129/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/8/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/800/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/9/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/802/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/803/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/804/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/20/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/21/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/3407/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/22/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/23/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/24/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/25/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/26/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/27/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/28/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/29/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/1484/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/490/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/250/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/130/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/251/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/131/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/132/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/133/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/1479/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/378/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/258/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/259/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/931/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/1595/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/812/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/933/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/30/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/3419/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/35/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/3310/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/260/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/261/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/262/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/142/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/263/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/264/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/265/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/145/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/266/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/267/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/268/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/3303/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/269/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/1486/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/1806/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/3684/cmdline |
Jump to behavior |
Source: /tmp/bot.x86.elf (PID: 5529) |
File opened: /proc/3440/cmdline |
Jump to behavior |
Source: Traffic |
Suricata IDS: ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) |
Source: Traffic |
Suricata IDS: ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) |
Source: Traffic |
Suricata IDS: ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) |
Source: Traffic |
Suricata IDS: ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) |
Source: Traffic |
Suricata IDS: ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) |
Source: Traffic |
Suricata IDS: ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) |
Source: Traffic |
Suricata IDS: ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) |
Source: Traffic |
Suricata IDS: ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) |
Source: Traffic |
Suricata IDS: ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) |
Source: Traffic |
Suricata IDS: ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) |
Source: Traffic |
Suricata IDS: ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) |
Source: Traffic |
Suricata IDS: ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) |
Source: Traffic |
Suricata IDS: ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) |
Source: Traffic |
Suricata IDS: ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) |
Source: Traffic |
Suricata IDS: ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) |
Source: Traffic |
Suricata IDS: ET MALWARE ELF/MooBot Mirai DDoS Variant CnC Checkin M1 (Group String Len 1) |