Malware Analysis Report

2024-12-01 00:06

Sample ID 220714-dab1nadbh3
Target 488446f7510d2914a58c62dc96263b40d42573718cfe07979c672e6a6517c620
SHA256 488446f7510d2914a58c62dc96263b40d42573718cfe07979c672e6a6517c620
Tags
mirai mirai_x86corona
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V6

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

488446f7510d2914a58c62dc96263b40d42573718cfe07979c672e6a6517c620

Threat Level: Known bad

The file 488446f7510d2914a58c62dc96263b40d42573718cfe07979c672e6a6517c620 was found to be: Known bad.

Malicious Activity Summary

mirai mirai_x86corona

Detect Mirai payload

Detected x86corona Mirai variant

Mirai family

Mirai_x86corona family

Reads CPU attributes

Reads runtime system information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2022-07-14 02:47

Signatures

Detect Mirai payload

Description Indicator Process Target
N/A N/A N/A N/A

Detected x86corona Mirai variant

Description Indicator Process Target
N/A N/A N/A N/A

Mirai family

mirai

Mirai_x86corona family

mirai_x86corona

Analysis: behavioral1

Detonation Overview

Submitted

2022-07-14 02:47

Reported

2022-07-14 04:28

Platform

ubuntu1804-amd64-en-20211208

Max time kernel

18791s

Max time network

155s

Command Line

[./488446f7510d2914a58c62dc96263b40d42573718cfe07979c672e6a6517c620]

Signatures

Reads CPU attributes

Description Indicator Process Target
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A

Reads runtime system information

Description Indicator Process Target
/proc/625/cmdline /proc/625/cmdline /usr/bin/pkill N/A
/proc/154/cmdline /proc/154/cmdline /usr/bin/pkill N/A
/proc/21/status /proc/21/status /usr/bin/pkill N/A
/proc/4/status /proc/4/status /usr/bin/pkill N/A
/proc/115/status /proc/115/status /usr/bin/pkill N/A
/proc/82/cmdline /proc/82/cmdline /usr/bin/pkill N/A
/proc/25/status /proc/25/status /usr/bin/pkill N/A
/proc/458/cmdline /proc/458/cmdline /usr/bin/pkill N/A
/proc/89/cmdline /proc/89/cmdline /usr/bin/pkill N/A
/proc/223/status /proc/223/status /usr/bin/pkill N/A
/proc/84/cmdline /proc/84/cmdline /usr/bin/pkill N/A
/proc/732/cmdline /proc/732/cmdline /usr/bin/pkill N/A
/proc/5/status /proc/5/status /usr/bin/pkill N/A
/proc/83/status /proc/83/status /usr/bin/pkill N/A
/proc/332/cmdline /proc/332/cmdline /usr/bin/pkill N/A
/proc/98/status /proc/98/status /usr/bin/pkill N/A
/proc/89/status /proc/89/status /usr/bin/pkill N/A
/proc/332/status /proc/332/status /usr/bin/pkill N/A
/proc/26/cmdline /proc/26/cmdline /usr/bin/pkill N/A
/proc/580/cmdline /proc/580/cmdline /usr/bin/pkill N/A
/proc/356/cmdline /proc/356/cmdline /usr/bin/pkill N/A
/proc/3/cmdline /proc/3/cmdline /usr/bin/pkill N/A
/proc/16/cmdline /proc/16/cmdline /usr/bin/pkill N/A
/proc/458/status /proc/458/status /usr/bin/pkill N/A
/proc/447/cmdline /proc/447/cmdline /usr/bin/pkill N/A
/proc/25/cmdline /proc/25/cmdline /usr/bin/pkill N/A
/proc/165/status /proc/165/status /usr/bin/pkill N/A
/proc/159/cmdline /proc/159/cmdline /usr/bin/pkill N/A
/proc/20/status /proc/20/status /usr/bin/pkill N/A
/proc/156/status /proc/156/status /usr/bin/pkill N/A
/proc/154/cmdline /proc/154/cmdline /usr/bin/pkill N/A
/proc/251/status /proc/251/status /usr/bin/pkill N/A
/proc/18/status /proc/18/status /usr/bin/pkill N/A
/proc/13/status /proc/13/status /usr/bin/pkill N/A
/proc/6/status /proc/6/status /usr/bin/pkill N/A
/proc/163/cmdline /proc/163/cmdline /usr/bin/pkill N/A
/proc/347/status /proc/347/status /usr/bin/pkill N/A
/proc/12/cmdline /proc/12/cmdline /usr/bin/pkill N/A
/proc/420/cmdline /proc/420/cmdline /usr/bin/pkill N/A
/proc/80/cmdline /proc/80/cmdline /usr/bin/pkill N/A
/proc/27/status /proc/27/status /usr/bin/pkill N/A
/proc/27/status /proc/27/status /usr/bin/pkill N/A
/proc/16/cmdline /proc/16/cmdline /usr/bin/pkill N/A
/proc/352/status /proc/352/status /usr/bin/pkill N/A
/proc/162/cmdline /proc/162/cmdline /usr/bin/pkill N/A
/proc/153/cmdline /proc/153/cmdline /usr/bin/pkill N/A
/proc/14/status /proc/14/status /usr/bin/pkill N/A
/proc/19/cmdline /proc/19/cmdline /usr/bin/pkill N/A
/proc/25/cmdline /proc/25/cmdline /usr/bin/pkill N/A
/proc/1/cmdline /proc/1/cmdline /usr/bin/pkill N/A
/proc/15/status /proc/15/status /usr/bin/pkill N/A
/proc/356/status /proc/356/status /usr/bin/pkill N/A
/proc/339/cmdline /proc/339/cmdline /usr/bin/pkill N/A
/proc/332/cmdline /proc/332/cmdline /usr/bin/pkill N/A
/proc/26/cmdline /proc/26/cmdline /usr/bin/pkill N/A
/proc/sys/kernel/osrelease /proc/sys/kernel/osrelease /usr/bin/pkill N/A
/proc/7/cmdline /proc/7/cmdline /usr/bin/pkill N/A
/proc/25/status /proc/25/status /usr/bin/pkill N/A
/proc/81/cmdline /proc/81/cmdline /usr/bin/pkill N/A
/proc/30/cmdline /proc/30/cmdline /usr/bin/pkill N/A
/proc/418/status /proc/418/status /usr/bin/pkill N/A
/proc/29/cmdline /proc/29/cmdline /usr/bin/pkill N/A
/proc/164/cmdline /proc/164/cmdline /usr/bin/pkill N/A
/proc/363/status /proc/363/status /usr/bin/pkill N/A

Processes

./488446f7510d2914a58c62dc96263b40d42573718cfe07979c672e6a6517c620

[./488446f7510d2914a58c62dc96263b40d42573718cfe07979c672e6a6517c620]

/bin/sh

[sh -c pkill -9 902i13 || busybox pkill -9 902i13]

/usr/bin/pkill

[pkill -9 902i13]

/bin/busybox

[busybox pkill -9 902i13]

/bin/sh

[sh -c pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY]

/usr/bin/pkill

[pkill -9 BzSxLxBxeY]

/bin/busybox

[busybox pkill -9 BzSxLxBxeY]

/bin/sh

[sh -c pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7]

/usr/bin/pkill

[pkill -9 HOHO-LUGO7]

/bin/busybox

[busybox pkill -9 HOHO-LUGO7]

/bin/sh

[sh -c pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL]

/usr/bin/pkill

[pkill -9 HOHO-U79OL]

/bin/busybox

[busybox pkill -9 HOHO-U79OL]

/bin/sh

[sh -c pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87]

/usr/bin/pkill

[pkill -9 JuYfouyf87]

/bin/busybox

[busybox pkill -9 JuYfouyf87]

/bin/sh

[sh -c pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd]

/usr/bin/pkill

[pkill -9 NiGGeR69xd]

/bin/busybox

[busybox pkill -9 NiGGeR69xd]

/bin/sh

[sh -c pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X]

/usr/bin/pkill

[pkill -9 SO190Ij1X]

/bin/busybox

[busybox pkill -9 SO190Ij1X]

/bin/sh

[sh -c pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE]

/usr/bin/pkill

[pkill -9 LOLKIKEEEDDE]

/bin/busybox

[busybox pkill -9 LOLKIKEEEDDE]

/bin/sh

[sh -c pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e]

/usr/bin/pkill

[pkill -9 ekjheory98e]

/bin/busybox

[busybox pkill -9 ekjheory98e]

/bin/sh

[sh -c pkill -9 scansh4 || busybox pkill -9 scansh4]

/usr/bin/pkill

[pkill -9 scansh4]

/bin/busybox

[busybox pkill -9 scansh4]

/bin/sh

[sh -c pkill -9 MDMA || busybox pkill -9 MDMA]

/usr/bin/pkill

[pkill -9 MDMA]

/bin/busybox

[busybox pkill -9 MDMA]

/bin/sh

[sh -c pkill -9 fdevalvex || busybox pkill -9 fdevalvex]

/usr/bin/pkill

[pkill -9 fdevalvex]

/bin/busybox

[busybox pkill -9 fdevalvex]

/bin/sh

[sh -c pkill -9 scanspc || busybox pkill -9 scanspc]

/usr/bin/pkill

[pkill -9 scanspc]

/bin/busybox

[busybox pkill -9 scanspc]

/bin/sh

[sh -c pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ]

/usr/bin/pkill

[pkill -9 MELTEDNINJAREALZ]

/bin/busybox

[busybox pkill -9 MELTEDNINJAREALZ]

/bin/sh

[sh -c pkill -9 flexsonskids || busybox pkill -9 flexsonskids]

/usr/bin/pkill

[pkill -9 flexsonskids]

/bin/busybox

[busybox pkill -9 flexsonskids]

/bin/sh

[sh -c pkill -9 scanx86 || busybox pkill -9 scanx86]

/usr/bin/pkill

[pkill -9 scanx86]

/bin/busybox

[busybox pkill -9 scanx86]

/bin/sh

[sh -c pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL]

/usr/bin/pkill

[pkill -9 MISAKI-U79OL]

/bin/busybox

[busybox pkill -9 MISAKI-U79OL]

/bin/sh

[sh -c pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe]

/usr/bin/pkill

[pkill -9 foAxi102kxe]

/bin/busybox

[busybox pkill -9 foAxi102kxe]

/bin/sh

[sh -c pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj]

/usr/bin/pkill

[pkill -9 swodjwodjwoj]

/bin/busybox

[busybox pkill -9 swodjwodjwoj]

/bin/sh

[sh -c pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l]

/usr/bin/pkill

[pkill -9 MmKiy7f87l]

/bin/busybox

[busybox pkill -9 MmKiy7f87l]

/bin/sh

[sh -c pkill -9 freecookiex86 || busybox pkill -9 freecookiex86]

/usr/bin/pkill

[pkill -9 freecookiex86]

/bin/busybox

[busybox pkill -9 freecookiex86]

/bin/sh

[sh -c pkill -9 sysgpu || busybox pkill -9 sysgpu]

/usr/bin/pkill

[pkill -9 sysgpu]

/bin/busybox

[busybox pkill -9 sysgpu]

/bin/sh

[sh -c pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd]

/usr/bin/pkill

[pkill -9 NiGGeR69xd]

/bin/busybox

[busybox pkill -9 NiGGeR69xd]

/bin/sh

[sh -c pkill -9 frgege || busybox pkill -9 frgege]

/usr/bin/pkill

[pkill -9 frgege]

/bin/busybox

[busybox pkill -9 frgege]

/bin/sh

[sh -c pkill -9 sysupdater || busybox pkill -9 sysupdater]

/usr/bin/pkill

[pkill -9 sysupdater]

/bin/busybox

[busybox pkill -9 sysupdater]

/bin/sh

[sh -c pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd]

/usr/bin/pkill

[pkill -9 0DnAzepd]

/bin/busybox

[busybox pkill -9 0DnAzepd]

/bin/sh

[sh -c pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69]

/usr/bin/pkill

[pkill -9 NiGGeRD0nks69]

/bin/busybox

[busybox pkill -9 NiGGeRD0nks69]

/bin/sh

[sh -c pkill -9 frgreu || busybox pkill -9 frgreu]

/usr/bin/pkill

[pkill -9 frgreu]

/bin/busybox

[busybox pkill -9 frgreu]

/bin/sh

[sh -c pkill -9 telnetd || busybox pkill -9 telnetd]

/usr/bin/pkill

[pkill -9 telnetd]

/bin/busybox

[busybox pkill -9 telnetd]

/bin/sh

[sh -c pkill -9 0x766f6964 || busybox pkill -9 0x766f6964]

/usr/bin/pkill

[pkill -9 0x766f6964]

/bin/busybox

[busybox pkill -9 0x766f6964]

/bin/sh

[sh -c pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337]

/usr/bin/pkill

[pkill -9 NiGGeRd0nks1337]

/bin/busybox

[busybox pkill -9 NiGGeRd0nks1337]

/bin/sh

[sh -c pkill -9 gaft || busybox pkill -9 gaft]

/usr/bin/pkill

[pkill -9 gaft]

/bin/busybox

[busybox pkill -9 gaft]

/bin/sh

[sh -c pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa]

/usr/bin/pkill

[pkill -9 urasgbsigboa]

/bin/busybox

[busybox pkill -9 urasgbsigboa]

/bin/sh

[sh -c pkill -9 120i3UI49 || busybox pkill -9 120i3UI49]

/usr/bin/pkill

[pkill -9 120i3UI49]

/bin/busybox

[busybox pkill -9 120i3UI49]

/bin/sh

[sh -c pkill -9 OaF3 || busybox pkill -9 OaF3]

/usr/bin/pkill

[pkill -9 OaF3]

/bin/busybox

[busybox pkill -9 OaF3]

/bin/sh

[sh -c pkill -9 geae || busybox pkill -9 geae]

/usr/bin/pkill

[pkill -9 geae]

/bin/busybox

[busybox pkill -9 geae]

/bin/sh

[sh -c pkill -9 vaiolmao || busybox pkill -9 vaiolmao]

/usr/bin/pkill

[pkill -9 vaiolmao]

/bin/busybox

[busybox pkill -9 vaiolmao]

/bin/sh

[sh -c pkill -9 123123a || busybox pkill -9 123123a]

/usr/bin/pkill

[pkill -9 123123a]

/bin/busybox

[busybox pkill -9 123123a]

/bin/sh

[sh -c pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D]

/usr/bin/pkill

[pkill -9 Ofurain0n4H34D]

/bin/busybox

[busybox pkill -9 Ofurain0n4H34D]

/bin/sh

[sh -c pkill -9 ggTrex || busybox pkill -9 ggTrex]

/usr/bin/pkill

[pkill -9 ggTrex]

/bin/busybox

[busybox pkill -9 ggTrex]

/bin/sh

[sh -c pkill -9 wasads || busybox pkill -9 wasads]

/usr/bin/pkill

[pkill -9 wasads]

/bin/busybox

[busybox pkill -9 wasads]

/bin/sh

[sh -c pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD]

/usr/bin/pkill

[pkill -9 1293194hjXD]

/bin/busybox

[busybox pkill -9 1293194hjXD]

/bin/sh

[sh -c pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn]

/usr/bin/pkill

[pkill -9 OthLaLosn]

/bin/busybox

[busybox pkill -9 OthLaLosn]

/bin/sh

[sh -c pkill -9 ggt || busybox pkill -9 ggt]

/usr/bin/pkill

[pkill -9 ggt]

/bin/busybox

[busybox pkill -9 ggt]

/bin/sh

[sh -c pkill -9 wget-log || busybox pkill -9 wget-log]

/usr/bin/pkill

[pkill -9 wget-log]

/bin/busybox

[busybox pkill -9 wget-log]

/bin/sh

[sh -c pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER]

/usr/bin/pkill

[pkill -9 1337SoraLOADER]

/bin/busybox

[busybox pkill -9 1337SoraLOADER]

/bin/sh

[sh -c pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA]

/usr/bin/pkill

[pkill -9 SAIAKINA]

/bin/busybox

[busybox pkill -9 SAIAKINA]

/bin/sh

[sh -c pkill -9 ggtq || busybox pkill -9 ggtq]

/usr/bin/pkill

[pkill -9 ggtq]

/bin/busybox

[busybox pkill -9 ggtq]

/bin/sh

[sh -c pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2]

/usr/bin/pkill

[pkill -9 1378bfp919GRB1Q2]

/bin/busybox

[busybox pkill -9 1378bfp919GRB1Q2]

/bin/sh

[sh -c pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO]

/usr/bin/pkill

[pkill -9 SAIAKUSO]

/bin/busybox

[busybox pkill -9 SAIAKUSO]

/bin/sh

[sh -c pkill -9 ggtr || busybox pkill -9 ggtr]

/usr/bin/pkill

[pkill -9 ggtr]

/bin/busybox

[busybox pkill -9 ggtr]

/bin/sh

[sh -c pkill -9 14Fa || busybox pkill -9 14Fa]

/usr/bin/pkill

[pkill -9 14Fa]

/bin/busybox

[busybox pkill -9 14Fa]

/bin/sh

[sh -c pkill -9 SEXSLAVE1337 || busybox pkill -9 SEXSLAVE1337]

/usr/bin/pkill

[pkill -9 SEXSLAVE1337]

/bin/busybox

[busybox pkill -9 SEXSLAVE1337]

/bin/sh

[sh -c pkill -9 ggtt || busybox pkill -9 ggtt]

/usr/bin/pkill

[pkill -9 ggtt]

/bin/busybox

[busybox pkill -9 ggtt]

/bin/sh

[sh -c pkill -9 1902a3u912u3u4 || busybox pkill -9 1902a3u912u3u4]

/usr/bin/pkill

[pkill -9 1902a3u912u3u4]

/bin/busybox

[busybox pkill -9 1902a3u912u3u4]

/bin/sh

[sh -c pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X]

/usr/bin/pkill

[pkill -9 SO190Ij1X]

/bin/busybox

[busybox pkill -9 SO190Ij1X]

/bin/sh

[sh -c pkill -9 haetrghbr || busybox pkill -9 haetrghbr]

/usr/bin/pkill

[pkill -9 haetrghbr]

/bin/busybox

[busybox pkill -9 haetrghbr]

/bin/sh

[sh -c pkill -9 19ju3d || busybox pkill -9 19ju3d]

/usr/bin/pkill

[pkill -9 19ju3d]

/bin/busybox

[busybox pkill -9 19ju3d]

/bin/sh

[sh -c pkill -9 SORAojkf120 || busybox pkill -9 SORAojkf120]

/usr/bin/pkill

[pkill -9 SORAojkf120]

/bin/busybox

[busybox pkill -9 SORAojkf120]

/bin/sh

[sh -c pkill -9 hehahejeje92 || busybox pkill -9 hehahejeje92]

/usr/bin/pkill

[pkill -9 hehahejeje92]

/bin/busybox

[busybox pkill -9 hehahejeje92]

/bin/sh

[sh -c pkill -9 2U2JDJA901F91 || busybox pkill -9 2U2JDJA901F91]

/usr/bin/pkill

[pkill -9 2U2JDJA901F91]

/bin/busybox

[busybox pkill -9 2U2JDJA901F91]

/bin/sh

[sh -c pkill -9 SlaVLav12 || busybox pkill -9 SlaVLav12]

/usr/bin/pkill

[pkill -9 SlaVLav12]

/bin/busybox

[busybox pkill -9 SlaVLav12]

/bin/sh

[sh -c pkill -9 helpmedaddthhhhh || busybox pkill -9 helpmedaddthhhhh]

/usr/bin/pkill

[pkill -9 helpmedaddthhhhh]

/bin/busybox

[busybox pkill -9 helpmedaddthhhhh]

/bin/sh

[sh -c pkill -9 2wgg9qphbq || busybox pkill -9 2wgg9qphbq]

/usr/bin/pkill

[pkill -9 2wgg9qphbq]

/bin/busybox

[busybox pkill -9 2wgg9qphbq]

/bin/sh

[sh -c pkill -9 Slav3Th3seD3vices || busybox pkill -9 Slav3Th3seD3vices]

/usr/bin/pkill

[pkill -9 Slav3Th3seD3vices]

/bin/busybox

[busybox pkill -9 Slav3Th3seD3vices]

/bin/sh

[sh -c pkill -9 hzSmYZjYMQ || busybox pkill -9 hzSmYZjYMQ]

/usr/bin/pkill

[pkill -9 hzSmYZjYMQ]

/bin/busybox

[busybox pkill -9 hzSmYZjYMQ]

/bin/sh

[sh -c pkill -9 5Gbf || busybox pkill -9 5Gbf]

/usr/bin/pkill

[pkill -9 5Gbf]

/bin/busybox

[busybox pkill -9 5Gbf]

/bin/sh

[sh -c pkill -9 SoRAxD123LOL || busybox pkill -9 SoRAxD123LOL]

/usr/bin/pkill

[pkill -9 SoRAxD123LOL]

/bin/busybox

[busybox pkill -9 SoRAxD123LOL]

/bin/sh

[sh -c pkill -9 iaGv || busybox pkill -9 iaGv]

/usr/bin/pkill

[pkill -9 iaGv]

/bin/busybox

[busybox pkill -9 iaGv]

/bin/sh

[sh -c pkill -9 5aA3 || busybox pkill -9 5aA3]

/usr/bin/pkill

[pkill -9 5aA3]

/bin/busybox

[busybox pkill -9 5aA3]

/bin/sh

[sh -c pkill -9 SoRAxD420LOL || busybox pkill -9 SoRAxD420LOL]

/usr/bin/pkill

[pkill -9 SoRAxD420LOL]

/bin/busybox

[busybox pkill -9 SoRAxD420LOL]

/bin/sh

[sh -c pkill -9 insomni || busybox pkill -9 insomni]

/usr/bin/pkill

[pkill -9 insomni]

/bin/busybox

[busybox pkill -9 insomni]

/bin/sh

[sh -c pkill -9 640277 || busybox pkill -9 640277]

/usr/bin/pkill

[pkill -9 640277]

/bin/busybox

[busybox pkill -9 640277]

/bin/sh

[sh -c pkill -9 SoraBeReppin1337 || busybox pkill -9 SoraBeReppin1337]

/usr/bin/pkill

[pkill -9 SoraBeReppin1337]

/bin/busybox

[busybox pkill -9 SoraBeReppin1337]

/bin/sh

[sh -c pkill -9 ipcamCache || busybox pkill -9 ipcamCache]

/usr/bin/pkill

[pkill -9 ipcamCache]

/bin/busybox

[busybox pkill -9 ipcamCache]

/bin/sh

[sh -c pkill -9 66tlGg9Q || busybox pkill -9 66tlGg9Q]

/usr/bin/pkill

[pkill -9 66tlGg9Q]

/bin/busybox

[busybox pkill -9 66tlGg9Q]

/bin/sh

[sh -c pkill -9 T || busybox pkill -9 T]

/usr/bin/pkill

[pkill -9 T]

/bin/busybox

[busybox pkill -9 T]

/bin/sh

[sh -c pkill -9 jUYfouyf87 || busybox pkill -9 jUYfouyf87]

/usr/bin/pkill

[pkill -9 jUYfouyf87]

/bin/busybox

[busybox pkill -9 jUYfouyf87]

/bin/sh

[sh -c pkill -9 6ke3 || busybox pkill -9 6ke3]

/usr/bin/pkill

[pkill -9 6ke3]

/bin/busybox

[busybox pkill -9 6ke3]

/bin/sh

[sh -c pkill -9 TOKYO3 || busybox pkill -9 TOKYO3]

/usr/bin/pkill

[pkill -9 TOKYO3]

/bin/busybox

[busybox pkill -9 TOKYO3]

/bin/sh

[sh -c pkill -9 lyEeaXul2dULCVxh || busybox pkill -9 lyEeaXul2dULCVxh]

/usr/bin/pkill

[pkill -9 lyEeaXul2dULCVxh]

/bin/busybox

[busybox pkill -9 lyEeaXul2dULCVxh]

/bin/sh

[sh -c pkill -9 93OfjHZ2z || busybox pkill -9 93OfjHZ2z]

/usr/bin/pkill

[pkill -9 93OfjHZ2z]

/bin/busybox

[busybox pkill -9 93OfjHZ2z]

/bin/sh

[sh -c pkill -9 TY2gD6MZvKc7KU6r || busybox pkill -9 TY2gD6MZvKc7KU6r]

/usr/bin/pkill

[pkill -9 TY2gD6MZvKc7KU6r]

/bin/busybox

[busybox pkill -9 TY2gD6MZvKc7KU6r]

/bin/sh

[sh -c pkill -9 mMkiy6f87l || busybox pkill -9 mMkiy6f87l]

/usr/bin/pkill

[pkill -9 mMkiy6f87l]

/bin/busybox

[busybox pkill -9 mMkiy6f87l]

/bin/sh

[sh -c pkill -9 A023UU4U24UIU || busybox pkill -9 A023UU4U24UIU]

/usr/bin/pkill

[pkill -9 A023UU4U24UIU]

/bin/busybox

[busybox pkill -9 A023UU4U24UIU]

/bin/sh

[sh -c pkill -9 TheWeeknd || busybox pkill -9 TheWeeknd]

/usr/bin/pkill

[pkill -9 TheWeeknd]

/bin/busybox

[busybox pkill -9 TheWeeknd]

/bin/sh

[sh -c pkill -9 mioribitches || busybox pkill -9 mioribitches]

/usr/bin/pkill

[pkill -9 mioribitches]

/bin/busybox

[busybox pkill -9 mioribitches]

/bin/sh

[sh -c pkill -9 A5p9 || busybox pkill -9 A5p9]

/usr/bin/pkill

[pkill -9 A5p9]

/bin/busybox

[busybox pkill -9 A5p9]

/bin/sh

[sh -c pkill -9 TheWeeknds || busybox pkill -9 TheWeeknds]

/usr/bin/pkill

[pkill -9 TheWeeknds]

/bin/busybox

[busybox pkill -9 TheWeeknds]

/bin/sh

[sh -c pkill -9 mnblkjpoi || busybox pkill -9 mnblkjpoi]

/usr/bin/pkill

[pkill -9 mnblkjpoi]

/bin/busybox

[busybox pkill -9 mnblkjpoi]

/bin/sh

[sh -c pkill -9 AbAd || busybox pkill -9 AbAd]

/usr/bin/pkill

[pkill -9 AbAd]

/bin/busybox

[busybox pkill -9 AbAd]

/bin/sh

[sh -c pkill -9 Tokyos || busybox pkill -9 Tokyos]

/usr/bin/pkill

[pkill -9 Tokyos]

/bin/busybox

[busybox pkill -9 Tokyos]

/bin/sh

[sh -c pkill -9 neb || busybox pkill -9 neb]

/usr/bin/pkill

[pkill -9 neb]

/bin/busybox

[busybox pkill -9 neb]

/bin/sh

[sh -c pkill -9 Akiru || busybox pkill -9 Akiru]

/usr/bin/pkill

[pkill -9 Akiru]

/bin/busybox

[busybox pkill -9 Akiru]

/bin/sh

[sh -c pkill -9 U8inTz || busybox pkill -9 U8inTz]

/usr/bin/pkill

[pkill -9 U8inTz]

/bin/busybox

[busybox pkill -9 U8inTz]

/bin/sh

[sh -c pkill -9 netstats || busybox pkill -9 netstats]

/usr/bin/pkill

[pkill -9 netstats]

/bin/busybox

[busybox pkill -9 netstats]

/bin/sh

[sh -c pkill -9 Alex || busybox pkill -9 Alex]

/usr/bin/pkill

[pkill -9 Alex]

/bin/busybox

[busybox pkill -9 Alex]

/bin/sh

[sh -c pkill -9 W9RCAKM20T || busybox pkill -9 W9RCAKM20T]

/usr/bin/pkill

[pkill -9 W9RCAKM20T]

/bin/busybox

[busybox pkill -9 W9RCAKM20T]

/bin/sh

[sh -c pkill -9 newnetword || busybox pkill -9 newnetword]

/usr/bin/pkill

[pkill -9 newnetword]

/bin/busybox

[busybox pkill -9 newnetword]

/bin/sh

[sh -c pkill -9 Ayo215 || busybox pkill -9 Ayo215]

/usr/bin/pkill

[pkill -9 Ayo215]

/bin/busybox

[busybox pkill -9 Ayo215]

/bin/sh

[sh -c pkill -9 Word || busybox pkill -9 Word]

/usr/bin/pkill

[pkill -9 Word]

/bin/busybox

[busybox pkill -9 Word]

/bin/sh

[sh -c pkill -9 nloads || busybox pkill -9 nloads]

/usr/bin/pkill

[pkill -9 nloads]

/bin/busybox

[busybox pkill -9 nloads]

/bin/sh

[sh -c pkill -9 BAdAsV || busybox pkill -9 BAdAsV]

/usr/bin/pkill

[pkill -9 BAdAsV]

/bin/busybox

[busybox pkill -9 BAdAsV]

/bin/sh

[sh -c pkill -9 Wordmane || busybox pkill -9 Wordmane]

/usr/bin/pkill

[pkill -9 Wordmane]

/bin/busybox

[busybox pkill -9 Wordmane]

/bin/sh

[sh -c pkill -9 notyakuzaa || busybox pkill -9 notyakuzaa]

/usr/bin/pkill

[pkill -9 notyakuzaa]

/bin/busybox

[busybox pkill -9 notyakuzaa]

/bin/sh

[sh -c pkill -9 Belch || busybox pkill -9 Belch]

/usr/bin/pkill

[pkill -9 Belch]

/bin/busybox

[busybox pkill -9 Belch]

/bin/sh

[sh -c pkill -9 Wordnets || busybox pkill -9 Wordnets]

/usr/bin/pkill

[pkill -9 Wordnets]

/bin/busybox

[busybox pkill -9 Wordnets]

/bin/sh

[sh -c pkill -9 obp || busybox pkill -9 obp]

/usr/bin/pkill

[pkill -9 obp]

/bin/busybox

[busybox pkill -9 obp]

/bin/sh

[sh -c pkill -9 BigN0gg0r420 || busybox pkill -9 BigN0gg0r420]

/usr/bin/pkill

[pkill -9 BigN0gg0r420]

Network

Country Destination Domain Proto
IT 95.244.74.107:5062 tcp
IT 95.244.74.107:5062 tcp
IT 95.244.74.107:5062 tcp
IT 95.244.74.107:5062 tcp
IT 95.244.74.107:5062 tcp
IT 95.244.74.107:5062 tcp
IT 95.244.74.107:5062 tcp
IT 95.244.74.107:5062 tcp
IT 95.244.74.107:5062 tcp
IT 95.244.74.107:5062 tcp
IT 95.244.74.107:5062 tcp
IT 95.244.74.107:5062 tcp
IT 95.244.74.107:5062 tcp
IT 95.244.74.107:5062 tcp
IT 95.244.74.107:5062 tcp
IT 95.244.74.107:5062 tcp

Files

N/A