Malware Analysis Report

2024-11-15 09:32

Sample ID 220724-3l8w7sdfam
Target a4ea4942fe451a7d550c9d38362687f6a26fba6e8b7ddef1141cda029b8e4186
SHA256 a4ea4942fe451a7d550c9d38362687f6a26fba6e8b7ddef1141cda029b8e4186
Tags
mirai mirai_x86corona
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V6

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

a4ea4942fe451a7d550c9d38362687f6a26fba6e8b7ddef1141cda029b8e4186

Threat Level: Known bad

The file a4ea4942fe451a7d550c9d38362687f6a26fba6e8b7ddef1141cda029b8e4186 was found to be: Known bad.

Malicious Activity Summary

mirai mirai_x86corona

Detect Mirai payload

Detected x86corona Mirai variant

Mirai family

Mirai_x86corona family

Reads CPU attributes

Reads runtime system information

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2022-07-24 23:37

Signatures

Detect Mirai payload

Description Indicator Process Target
N/A N/A N/A N/A

Detected x86corona Mirai variant

Description Indicator Process Target
N/A N/A N/A N/A

Mirai family

mirai

Mirai_x86corona family

mirai_x86corona

Analysis: behavioral1

Detonation Overview

Submitted

2022-07-24 23:37

Reported

2022-07-24 23:46

Platform

ubuntu1804-amd64-en-20211208

Max time kernel

19724s

Max time network

155s

Command Line

[/tmp/a4ea4942fe451a7d550c9d38362687f6a26fba6e8b7ddef1141cda029b8e4186]

Signatures

Reads CPU attributes

Description Indicator Process Target
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A
/sys/devices/system/cpu/online /sys/devices/system/cpu/online /usr/bin/pkill N/A

Reads runtime system information

Description Indicator Process Target
/proc/3/cmdline /proc/3/cmdline /usr/bin/pkill N/A
/proc/31/cmdline /proc/31/cmdline /usr/bin/pkill N/A
/proc/357/cmdline /proc/357/cmdline /usr/bin/pkill N/A
/proc/262/cmdline /proc/262/cmdline /usr/bin/pkill N/A
/proc/600/cmdline /proc/600/cmdline /usr/bin/pkill N/A
/proc/30/cmdline /proc/30/cmdline /usr/bin/pkill N/A
/proc/4/cmdline /proc/4/cmdline /usr/bin/pkill N/A
/proc/409/cmdline /proc/409/cmdline /usr/bin/pkill N/A
/proc/166/cmdline /proc/166/cmdline /usr/bin/pkill N/A
/proc/24/cmdline /proc/24/cmdline /usr/bin/pkill N/A
/proc/389/cmdline /proc/389/cmdline /usr/bin/pkill N/A
/proc/16/cmdline /proc/16/cmdline /usr/bin/pkill N/A
/proc/250/status /proc/250/status /usr/bin/pkill N/A
/proc/355/status /proc/355/status /usr/bin/pkill N/A
/proc/20/cmdline /proc/20/cmdline /usr/bin/pkill N/A
/proc/331/status /proc/331/status /usr/bin/pkill N/A
/proc/171/cmdline /proc/171/cmdline /usr/bin/pkill N/A
/proc/787/status /proc/787/status /usr/bin/pkill N/A
/proc/36/status /proc/36/status /usr/bin/pkill N/A
/proc/36/cmdline /proc/36/cmdline /usr/bin/pkill N/A
/proc/78/cmdline /proc/78/cmdline /usr/bin/pkill N/A
/proc/170/status /proc/170/status /usr/bin/pkill N/A
/proc/34/cmdline /proc/34/cmdline /usr/bin/pkill N/A
/proc/21/status /proc/21/status /usr/bin/pkill N/A
/proc/3/status /proc/3/status /usr/bin/pkill N/A
/proc/98/cmdline /proc/98/cmdline /usr/bin/pkill N/A
/proc/13/status /proc/13/status /usr/bin/pkill N/A
/proc/600/cmdline /proc/600/cmdline /usr/bin/pkill N/A
/proc/20/status /proc/20/status /usr/bin/pkill N/A
/proc/79/status /proc/79/status /usr/bin/pkill N/A
/proc/331/cmdline /proc/331/cmdline /usr/bin/pkill N/A
/proc/331/cmdline /proc/331/cmdline /usr/bin/pkill N/A
/proc/sys/kernel/osrelease /proc/sys/kernel/osrelease /usr/bin/pkill N/A
/proc/13/status /proc/13/status /usr/bin/pkill N/A
/proc/167/status /proc/167/status /usr/bin/pkill N/A
/proc/171/cmdline /proc/171/cmdline /usr/bin/pkill N/A
/proc/389/cmdline /proc/389/cmdline /usr/bin/pkill N/A
/proc/366/status /proc/366/status /usr/bin/pkill N/A
/proc/422/status /proc/422/status /usr/bin/pkill N/A
/proc/15/status /proc/15/status /usr/bin/pkill N/A
/proc/26/cmdline /proc/26/cmdline /usr/bin/pkill N/A
/proc/89/status /proc/89/status /usr/bin/pkill N/A
/proc/164/cmdline /proc/164/cmdline /usr/bin/pkill N/A
/proc/126/status /proc/126/status /usr/bin/pkill N/A
/proc/23/cmdline /proc/23/cmdline /usr/bin/pkill N/A
/proc/8/status /proc/8/status /usr/bin/pkill N/A
/proc/28/cmdline /proc/28/cmdline /usr/bin/pkill N/A
/proc/7/status /proc/7/status /usr/bin/pkill N/A
/proc/82/status /proc/82/status /usr/bin/pkill N/A
/proc/163/status /proc/163/status /usr/bin/pkill N/A
/proc/19/status /proc/19/status /usr/bin/pkill N/A
/proc/163/cmdline /proc/163/cmdline /usr/bin/pkill N/A
/proc/1020/cmdline /proc/1020/cmdline /usr/bin/pkill N/A
/proc/178/status /proc/178/status /usr/bin/pkill N/A
/proc/382/status /proc/382/status /usr/bin/pkill N/A
/proc/85/status /proc/85/status /usr/bin/pkill N/A
/proc/2/cmdline /proc/2/cmdline /usr/bin/pkill N/A
/proc/358/cmdline /proc/358/cmdline /usr/bin/pkill N/A
/proc/262/status /proc/262/status /usr/bin/pkill N/A
/proc/82/status /proc/82/status /usr/bin/pkill N/A
/proc/78/cmdline /proc/78/cmdline /usr/bin/pkill N/A
/proc/17/cmdline /proc/17/cmdline /usr/bin/pkill N/A
/proc/352/status /proc/352/status /usr/bin/pkill N/A
/proc/170/cmdline /proc/170/cmdline /usr/bin/pkill N/A

Processes

/tmp/a4ea4942fe451a7d550c9d38362687f6a26fba6e8b7ddef1141cda029b8e4186

[/tmp/a4ea4942fe451a7d550c9d38362687f6a26fba6e8b7ddef1141cda029b8e4186]

/bin/sh

[sh -c pkill -9 902i13 || busybox pkill -9 902i13]

/usr/bin/pkill

[pkill -9 902i13]

/bin/busybox

[busybox pkill -9 902i13]

/bin/sh

[sh -c pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY]

/usr/bin/pkill

[pkill -9 BzSxLxBxeY]

/bin/busybox

[busybox pkill -9 BzSxLxBxeY]

/bin/sh

[sh -c pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7]

/usr/bin/pkill

[pkill -9 HOHO-LUGO7]

/bin/busybox

[busybox pkill -9 HOHO-LUGO7]

/bin/sh

[sh -c pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL]

/usr/bin/pkill

[pkill -9 HOHO-U79OL]

/bin/busybox

[busybox pkill -9 HOHO-U79OL]

/bin/sh

[sh -c pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87]

/usr/bin/pkill

[pkill -9 JuYfouyf87]

/bin/busybox

[busybox pkill -9 JuYfouyf87]

/bin/sh

[sh -c pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd]

/usr/bin/pkill

[pkill -9 NiGGeR69xd]

/bin/busybox

[busybox pkill -9 NiGGeR69xd]

/bin/sh

[sh -c pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X]

/usr/bin/pkill

[pkill -9 SO190Ij1X]

/bin/busybox

[busybox pkill -9 SO190Ij1X]

/bin/sh

[sh -c pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE]

/usr/bin/pkill

[pkill -9 LOLKIKEEEDDE]

/bin/busybox

[busybox pkill -9 LOLKIKEEEDDE]

/bin/sh

[sh -c pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e]

/usr/bin/pkill

[pkill -9 ekjheory98e]

/bin/busybox

[busybox pkill -9 ekjheory98e]

/bin/sh

[sh -c pkill -9 scansh4 || busybox pkill -9 scansh4]

/usr/bin/pkill

[pkill -9 scansh4]

/bin/busybox

[busybox pkill -9 scansh4]

/bin/sh

[sh -c pkill -9 MDMA || busybox pkill -9 MDMA]

/usr/bin/pkill

[pkill -9 MDMA]

/bin/busybox

[busybox pkill -9 MDMA]

/bin/sh

[sh -c pkill -9 fdevalvex || busybox pkill -9 fdevalvex]

/usr/bin/pkill

[pkill -9 fdevalvex]

/bin/busybox

[busybox pkill -9 fdevalvex]

/bin/sh

[sh -c pkill -9 scanspc || busybox pkill -9 scanspc]

/usr/bin/pkill

[pkill -9 scanspc]

/bin/busybox

[busybox pkill -9 scanspc]

/bin/sh

[sh -c pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ]

/usr/bin/pkill

[pkill -9 MELTEDNINJAREALZ]

/bin/busybox

[busybox pkill -9 MELTEDNINJAREALZ]

/bin/sh

[sh -c pkill -9 flexsonskids || busybox pkill -9 flexsonskids]

/usr/bin/pkill

[pkill -9 flexsonskids]

/bin/busybox

[busybox pkill -9 flexsonskids]

/bin/sh

[sh -c pkill -9 scanx86 || busybox pkill -9 scanx86]

/usr/bin/pkill

[pkill -9 scanx86]

/bin/busybox

[busybox pkill -9 scanx86]

/bin/sh

[sh -c pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL]

/usr/bin/pkill

[pkill -9 MISAKI-U79OL]

/bin/busybox

[busybox pkill -9 MISAKI-U79OL]

/bin/sh

[sh -c pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe]

/usr/bin/pkill

[pkill -9 foAxi102kxe]

/bin/busybox

[busybox pkill -9 foAxi102kxe]

/bin/sh

[sh -c pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj]

/usr/bin/pkill

[pkill -9 swodjwodjwoj]

/bin/busybox

[busybox pkill -9 swodjwodjwoj]

/bin/sh

[sh -c pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l]

/usr/bin/pkill

[pkill -9 MmKiy7f87l]

/bin/busybox

[busybox pkill -9 MmKiy7f87l]

/bin/sh

[sh -c pkill -9 freecookiex86 || busybox pkill -9 freecookiex86]

/usr/bin/pkill

[pkill -9 freecookiex86]

/bin/busybox

[busybox pkill -9 freecookiex86]

/bin/sh

[sh -c pkill -9 sysgpu || busybox pkill -9 sysgpu]

/usr/bin/pkill

[pkill -9 sysgpu]

/bin/busybox

[busybox pkill -9 sysgpu]

/bin/sh

[sh -c pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd]

/usr/bin/pkill

[pkill -9 NiGGeR69xd]

/bin/busybox

[busybox pkill -9 NiGGeR69xd]

/bin/sh

[sh -c pkill -9 frgege || busybox pkill -9 frgege]

/usr/bin/pkill

[pkill -9 frgege]

/bin/busybox

[busybox pkill -9 frgege]

/bin/sh

[sh -c pkill -9 sysupdater || busybox pkill -9 sysupdater]

/usr/bin/pkill

[pkill -9 sysupdater]

/bin/busybox

[busybox pkill -9 sysupdater]

/bin/sh

[sh -c pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd]

/usr/bin/pkill

[pkill -9 0DnAzepd]

/bin/busybox

[busybox pkill -9 0DnAzepd]

/bin/sh

[sh -c pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69]

/usr/bin/pkill

[pkill -9 NiGGeRD0nks69]

/bin/busybox

[busybox pkill -9 NiGGeRD0nks69]

/bin/sh

[sh -c pkill -9 frgreu || busybox pkill -9 frgreu]

/usr/bin/pkill

[pkill -9 frgreu]

/bin/busybox

[busybox pkill -9 frgreu]

/bin/sh

[sh -c pkill -9 telnetd || busybox pkill -9 telnetd]

/usr/bin/pkill

[pkill -9 telnetd]

/bin/busybox

[busybox pkill -9 telnetd]

/bin/sh

[sh -c pkill -9 0x766f6964 || busybox pkill -9 0x766f6964]

/usr/bin/pkill

[pkill -9 0x766f6964]

/bin/busybox

[busybox pkill -9 0x766f6964]

/bin/sh

[sh -c pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337]

/usr/bin/pkill

[pkill -9 NiGGeRd0nks1337]

/bin/busybox

[busybox pkill -9 NiGGeRd0nks1337]

/bin/sh

[sh -c pkill -9 gaft || busybox pkill -9 gaft]

/usr/bin/pkill

[pkill -9 gaft]

/bin/busybox

[busybox pkill -9 gaft]

/bin/sh

[sh -c pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa]

/usr/bin/pkill

[pkill -9 urasgbsigboa]

/bin/busybox

[busybox pkill -9 urasgbsigboa]

/bin/sh

[sh -c pkill -9 120i3UI49 || busybox pkill -9 120i3UI49]

/usr/bin/pkill

[pkill -9 120i3UI49]

/bin/busybox

[busybox pkill -9 120i3UI49]

/bin/sh

[sh -c pkill -9 OaF3 || busybox pkill -9 OaF3]

/usr/bin/pkill

[pkill -9 OaF3]

/bin/busybox

[busybox pkill -9 OaF3]

/bin/sh

[sh -c pkill -9 geae || busybox pkill -9 geae]

/usr/bin/pkill

[pkill -9 geae]

/bin/busybox

[busybox pkill -9 geae]

/bin/sh

[sh -c pkill -9 vaiolmao || busybox pkill -9 vaiolmao]

/usr/bin/pkill

[pkill -9 vaiolmao]

/bin/busybox

[busybox pkill -9 vaiolmao]

/bin/sh

[sh -c pkill -9 123123a || busybox pkill -9 123123a]

/usr/bin/pkill

[pkill -9 123123a]

/bin/busybox

[busybox pkill -9 123123a]

/bin/sh

[sh -c pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D]

/usr/bin/pkill

[pkill -9 Ofurain0n4H34D]

/bin/busybox

[busybox pkill -9 Ofurain0n4H34D]

/bin/sh

[sh -c pkill -9 ggTrex || busybox pkill -9 ggTrex]

/usr/bin/pkill

[pkill -9 ggTrex]

/bin/busybox

[busybox pkill -9 ggTrex]

/bin/sh

[sh -c pkill -9 wasads || busybox pkill -9 wasads]

/usr/bin/pkill

[pkill -9 wasads]

/bin/busybox

[busybox pkill -9 wasads]

/bin/sh

[sh -c pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD]

/usr/bin/pkill

[pkill -9 1293194hjXD]

/bin/busybox

[busybox pkill -9 1293194hjXD]

/bin/sh

[sh -c pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn]

/usr/bin/pkill

[pkill -9 OthLaLosn]

/bin/busybox

[busybox pkill -9 OthLaLosn]

/bin/sh

[sh -c pkill -9 ggt || busybox pkill -9 ggt]

/usr/bin/pkill

[pkill -9 ggt]

/bin/busybox

[busybox pkill -9 ggt]

/bin/sh

[sh -c pkill -9 wget-log || busybox pkill -9 wget-log]

/usr/bin/pkill

[pkill -9 wget-log]

/bin/busybox

[busybox pkill -9 wget-log]

/bin/sh

[sh -c pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER]

/usr/bin/pkill

[pkill -9 1337SoraLOADER]

/bin/busybox

[busybox pkill -9 1337SoraLOADER]

/bin/sh

[sh -c pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA]

/usr/bin/pkill

[pkill -9 SAIAKINA]

/bin/busybox

[busybox pkill -9 SAIAKINA]

/bin/sh

[sh -c pkill -9 ggtq || busybox pkill -9 ggtq]

/usr/bin/pkill

[pkill -9 ggtq]

/bin/busybox

[busybox pkill -9 ggtq]

/bin/sh

[sh -c pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2]

/usr/bin/pkill

[pkill -9 1378bfp919GRB1Q2]

/bin/busybox

[busybox pkill -9 1378bfp919GRB1Q2]

/bin/sh

[sh -c pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO]

/usr/bin/pkill

[pkill -9 SAIAKUSO]

/bin/busybox

[busybox pkill -9 SAIAKUSO]

/bin/sh

[sh -c pkill -9 ggtr || busybox pkill -9 ggtr]

/usr/bin/pkill

[pkill -9 ggtr]

/bin/busybox

[busybox pkill -9 ggtr]

/bin/sh

[sh -c pkill -9 14Fa || busybox pkill -9 14Fa]

/usr/bin/pkill

[pkill -9 14Fa]

/bin/busybox

[busybox pkill -9 14Fa]

/bin/sh

[sh -c pkill -9 SEXSLAVE1337 || busybox pkill -9 SEXSLAVE1337]

/usr/bin/pkill

[pkill -9 SEXSLAVE1337]

/bin/busybox

[busybox pkill -9 SEXSLAVE1337]

/bin/sh

[sh -c pkill -9 ggtt || busybox pkill -9 ggtt]

/usr/bin/pkill

[pkill -9 ggtt]

/bin/busybox

[busybox pkill -9 ggtt]

/bin/sh

[sh -c pkill -9 1902a3u912u3u4 || busybox pkill -9 1902a3u912u3u4]

/usr/bin/pkill

[pkill -9 1902a3u912u3u4]

/bin/busybox

[busybox pkill -9 1902a3u912u3u4]

/bin/sh

[sh -c pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X]

/usr/bin/pkill

[pkill -9 SO190Ij1X]

/bin/busybox

[busybox pkill -9 SO190Ij1X]

/bin/sh

[sh -c pkill -9 haetrghbr || busybox pkill -9 haetrghbr]

/usr/bin/pkill

[pkill -9 haetrghbr]

/bin/busybox

[busybox pkill -9 haetrghbr]

/bin/sh

[sh -c pkill -9 19ju3d || busybox pkill -9 19ju3d]

/usr/bin/pkill

[pkill -9 19ju3d]

/bin/busybox

[busybox pkill -9 19ju3d]

/bin/sh

[sh -c pkill -9 SORAojkf120 || busybox pkill -9 SORAojkf120]

/usr/bin/pkill

[pkill -9 SORAojkf120]

/bin/busybox

[busybox pkill -9 SORAojkf120]

/bin/sh

[sh -c pkill -9 hehahejeje92 || busybox pkill -9 hehahejeje92]

/usr/bin/pkill

[pkill -9 hehahejeje92]

/bin/busybox

[busybox pkill -9 hehahejeje92]

/bin/sh

[sh -c pkill -9 2U2JDJA901F91 || busybox pkill -9 2U2JDJA901F91]

/usr/bin/pkill

[pkill -9 2U2JDJA901F91]

/bin/busybox

[busybox pkill -9 2U2JDJA901F91]

/bin/sh

[sh -c pkill -9 SlaVLav12 || busybox pkill -9 SlaVLav12]

/usr/bin/pkill

[pkill -9 SlaVLav12]

/bin/busybox

[busybox pkill -9 SlaVLav12]

/bin/sh

[sh -c pkill -9 helpmedaddthhhhh || busybox pkill -9 helpmedaddthhhhh]

/usr/bin/pkill

[pkill -9 helpmedaddthhhhh]

/bin/busybox

[busybox pkill -9 helpmedaddthhhhh]

/bin/sh

[sh -c pkill -9 2wgg9qphbq || busybox pkill -9 2wgg9qphbq]

/usr/bin/pkill

[pkill -9 2wgg9qphbq]

/bin/busybox

[busybox pkill -9 2wgg9qphbq]

/bin/sh

[sh -c pkill -9 Slav3Th3seD3vices || busybox pkill -9 Slav3Th3seD3vices]

/usr/bin/pkill

[pkill -9 Slav3Th3seD3vices]

/bin/busybox

[busybox pkill -9 Slav3Th3seD3vices]

/bin/sh

[sh -c pkill -9 hzSmYZjYMQ || busybox pkill -9 hzSmYZjYMQ]

/usr/bin/pkill

[pkill -9 hzSmYZjYMQ]

/bin/busybox

[busybox pkill -9 hzSmYZjYMQ]

/bin/sh

[sh -c pkill -9 5Gbf || busybox pkill -9 5Gbf]

/usr/bin/pkill

[pkill -9 5Gbf]

/bin/busybox

[busybox pkill -9 5Gbf]

/bin/sh

[sh -c pkill -9 SoRAxD123LOL || busybox pkill -9 SoRAxD123LOL]

/usr/bin/pkill

[pkill -9 SoRAxD123LOL]

/bin/busybox

[busybox pkill -9 SoRAxD123LOL]

/bin/sh

[sh -c pkill -9 iaGv || busybox pkill -9 iaGv]

/usr/bin/pkill

[pkill -9 iaGv]

/bin/busybox

[busybox pkill -9 iaGv]

/bin/sh

[sh -c pkill -9 5aA3 || busybox pkill -9 5aA3]

/usr/bin/pkill

[pkill -9 5aA3]

/bin/busybox

[busybox pkill -9 5aA3]

/bin/sh

[sh -c pkill -9 SoRAxD420LOL || busybox pkill -9 SoRAxD420LOL]

/usr/bin/pkill

[pkill -9 SoRAxD420LOL]

/bin/busybox

[busybox pkill -9 SoRAxD420LOL]

/bin/sh

[sh -c pkill -9 insomni || busybox pkill -9 insomni]

/usr/bin/pkill

[pkill -9 insomni]

/bin/busybox

[busybox pkill -9 insomni]

/bin/sh

[sh -c pkill -9 640277 || busybox pkill -9 640277]

/usr/bin/pkill

[pkill -9 640277]

/bin/busybox

[busybox pkill -9 640277]

/bin/sh

[sh -c pkill -9 SoraBeReppin1337 || busybox pkill -9 SoraBeReppin1337]

/usr/bin/pkill

[pkill -9 SoraBeReppin1337]

/bin/busybox

[busybox pkill -9 SoraBeReppin1337]

/bin/sh

[sh -c pkill -9 ipcamCache || busybox pkill -9 ipcamCache]

/usr/bin/pkill

[pkill -9 ipcamCache]

/bin/busybox

[busybox pkill -9 ipcamCache]

/bin/sh

[sh -c pkill -9 66tlGg9Q || busybox pkill -9 66tlGg9Q]

/usr/bin/pkill

[pkill -9 66tlGg9Q]

/bin/busybox

[busybox pkill -9 66tlGg9Q]

/bin/sh

[sh -c pkill -9 T || busybox pkill -9 T]

/usr/bin/pkill

[pkill -9 T]

/bin/busybox

[busybox pkill -9 T]

/bin/sh

[sh -c pkill -9 jUYfouyf87 || busybox pkill -9 jUYfouyf87]

/usr/bin/pkill

[pkill -9 jUYfouyf87]

/bin/busybox

[busybox pkill -9 jUYfouyf87]

/bin/sh

[sh -c pkill -9 6ke3 || busybox pkill -9 6ke3]

/usr/bin/pkill

[pkill -9 6ke3]

/bin/busybox

[busybox pkill -9 6ke3]

/bin/sh

[sh -c pkill -9 TOKYO3 || busybox pkill -9 TOKYO3]

/usr/bin/pkill

[pkill -9 TOKYO3]

/bin/busybox

[busybox pkill -9 TOKYO3]

/bin/sh

[sh -c pkill -9 lyEeaXul2dULCVxh || busybox pkill -9 lyEeaXul2dULCVxh]

/usr/bin/pkill

[pkill -9 lyEeaXul2dULCVxh]

/bin/busybox

[busybox pkill -9 lyEeaXul2dULCVxh]

/bin/sh

[sh -c pkill -9 93OfjHZ2z || busybox pkill -9 93OfjHZ2z]

/usr/bin/pkill

[pkill -9 93OfjHZ2z]

/bin/busybox

[busybox pkill -9 93OfjHZ2z]

/bin/sh

[sh -c pkill -9 TY2gD6MZvKc7KU6r || busybox pkill -9 TY2gD6MZvKc7KU6r]

/usr/bin/pkill

[pkill -9 TY2gD6MZvKc7KU6r]

/bin/busybox

[busybox pkill -9 TY2gD6MZvKc7KU6r]

/bin/sh

[sh -c pkill -9 mMkiy6f87l || busybox pkill -9 mMkiy6f87l]

/usr/bin/pkill

[pkill -9 mMkiy6f87l]

/bin/busybox

[busybox pkill -9 mMkiy6f87l]

/bin/sh

[sh -c pkill -9 A023UU4U24UIU || busybox pkill -9 A023UU4U24UIU]

/usr/bin/pkill

[pkill -9 A023UU4U24UIU]

/bin/busybox

[busybox pkill -9 A023UU4U24UIU]

/bin/sh

[sh -c pkill -9 TheWeeknd || busybox pkill -9 TheWeeknd]

/usr/bin/pkill

[pkill -9 TheWeeknd]

/bin/busybox

[busybox pkill -9 TheWeeknd]

/bin/sh

[sh -c pkill -9 mioribitches || busybox pkill -9 mioribitches]

/usr/bin/pkill

[pkill -9 mioribitches]

/bin/busybox

[busybox pkill -9 mioribitches]

/bin/sh

[sh -c pkill -9 A5p9 || busybox pkill -9 A5p9]

/usr/bin/pkill

[pkill -9 A5p9]

/bin/busybox

[busybox pkill -9 A5p9]

/bin/sh

[sh -c pkill -9 TheWeeknds || busybox pkill -9 TheWeeknds]

/usr/bin/pkill

[pkill -9 TheWeeknds]

/bin/busybox

[busybox pkill -9 TheWeeknds]

/bin/sh

[sh -c pkill -9 mnblkjpoi || busybox pkill -9 mnblkjpoi]

/usr/bin/pkill

[pkill -9 mnblkjpoi]

/bin/busybox

[busybox pkill -9 mnblkjpoi]

/bin/sh

[sh -c pkill -9 AbAd || busybox pkill -9 AbAd]

/usr/bin/pkill

[pkill -9 AbAd]

/bin/busybox

[busybox pkill -9 AbAd]

/bin/sh

[sh -c pkill -9 Tokyos || busybox pkill -9 Tokyos]

/usr/bin/pkill

[pkill -9 Tokyos]

/bin/busybox

[busybox pkill -9 Tokyos]

/bin/sh

[sh -c pkill -9 neb || busybox pkill -9 neb]

/usr/bin/pkill

[pkill -9 neb]

/bin/busybox

[busybox pkill -9 neb]

/bin/sh

[sh -c pkill -9 Akiru || busybox pkill -9 Akiru]

/usr/bin/pkill

[pkill -9 Akiru]

/bin/busybox

[busybox pkill -9 Akiru]

/bin/sh

[sh -c pkill -9 U8inTz || busybox pkill -9 U8inTz]

/usr/bin/pkill

[pkill -9 U8inTz]

/bin/busybox

[busybox pkill -9 U8inTz]

/bin/sh

[sh -c pkill -9 netstats || busybox pkill -9 netstats]

/usr/bin/pkill

[pkill -9 netstats]

/bin/busybox

[busybox pkill -9 netstats]

/bin/sh

[sh -c pkill -9 Alex || busybox pkill -9 Alex]

/usr/bin/pkill

[pkill -9 Alex]

/bin/busybox

[busybox pkill -9 Alex]

/bin/sh

[sh -c pkill -9 W9RCAKM20T || busybox pkill -9 W9RCAKM20T]

/usr/bin/pkill

[pkill -9 W9RCAKM20T]

/bin/busybox

[busybox pkill -9 W9RCAKM20T]

/bin/sh

[sh -c pkill -9 newnetword || busybox pkill -9 newnetword]

/usr/bin/pkill

[pkill -9 newnetword]

/bin/busybox

[busybox pkill -9 newnetword]

/bin/sh

[sh -c pkill -9 Ayo215 || busybox pkill -9 Ayo215]

/usr/bin/pkill

[pkill -9 Ayo215]

/bin/busybox

[busybox pkill -9 Ayo215]

/bin/sh

[sh -c pkill -9 Word || busybox pkill -9 Word]

/usr/bin/pkill

[pkill -9 Word]

/bin/busybox

[busybox pkill -9 Word]

/bin/sh

[sh -c pkill -9 nloads || busybox pkill -9 nloads]

/usr/bin/pkill

[pkill -9 nloads]

/bin/busybox

[busybox pkill -9 nloads]

/bin/sh

[sh -c pkill -9 BAdAsV || busybox pkill -9 BAdAsV]

/usr/bin/pkill

[pkill -9 BAdAsV]

/bin/busybox

[busybox pkill -9 BAdAsV]

/bin/sh

[sh -c pkill -9 Wordmane || busybox pkill -9 Wordmane]

/usr/bin/pkill

[pkill -9 Wordmane]

/bin/busybox

[busybox pkill -9 Wordmane]

/bin/sh

[sh -c pkill -9 notyakuzaa || busybox pkill -9 notyakuzaa]

/usr/bin/pkill

[pkill -9 notyakuzaa]

/bin/busybox

[busybox pkill -9 notyakuzaa]

/bin/sh

[sh -c pkill -9 Belch || busybox pkill -9 Belch]

/usr/bin/pkill

[pkill -9 Belch]

/bin/busybox

[busybox pkill -9 Belch]

/bin/sh

[sh -c pkill -9 Wordnets || busybox pkill -9 Wordnets]

/usr/bin/pkill

[pkill -9 Wordnets]

/bin/busybox

[busybox pkill -9 Wordnets]

/bin/sh

[sh -c pkill -9 obp || busybox pkill -9 obp]

/usr/bin/pkill

[pkill -9 obp]

/bin/busybox

[busybox pkill -9 obp]

/bin/sh

[sh -c pkill -9 BigN0gg0r420 || busybox pkill -9 BigN0gg0r420]

/usr/bin/pkill

[pkill -9 BigN0gg0r420]

Network

Country Destination Domain Proto
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp
RU 188.120.233.182:6667 tcp

Files

N/A