Analysis
-
max time kernel
0s -
platform
linux_amd64 -
resource
ubuntu1804-amd64-en-20211208 -
resource tags
-
submitted
22/12/2022, 00:19
General
-
Target
.rsync/a/init0
-
Size
9KB
-
MD5
019e23027bc3849142dd8625451ed5c0
-
SHA1
982c0318414c3fdf82e3726c4ef4e9021751bbd9
-
SHA256
0e8472f2005560c6f4db4e5aef39e5d35185b35c67f70a27c8b3dcb242eed25e
-
SHA512
89fd143e3060669df59feeb599cb5042bf8996983dd9073a53cf1d00d408ec9930e1ce29a1aa3aa1f1157a3a6dee1a0cc32f0791c92f75ed0f74c59f326cdc32
-
SSDEEP
96:97gXuXeR7P0YQH8h9GVQbxgeJwI222bznGWDKKFZ5W:97xeRb038hAGbxIz9/0
Score
9/10
Malware Config
Signatures
-
Writes file to system bin folder 1 TTPs 2 IoCs
-
Reads CPU attributes 1 TTPs 64 IoCs
-
Reads runtime system information 64 IoCs
Reads data from /proc virtual filesystem.
-
Writes file to tmp directory 41 IoCs
Malware often drops required files in the /tmp directory.
Processes
-
/tmp/.rsync/a/init0/tmp/.rsync/a/init01⤵
- Writes file to tmp directory
-
/bin/rmrm /tmp/.cron2⤵
- Writes file to tmp directory
-
-
/bin/rmrm "/tmp/Donald*"2⤵
- Writes file to tmp directory
-
-
/bin/rmrm "/tmp/Macron*"2⤵
- Writes file to tmp directory
-
-
/bin/rmrm /tmp/.main2⤵
- Writes file to tmp directory
-
-
/bin/rmrm "/tmp/.yam*" -rf2⤵
- Writes file to tmp directory
-
-
/bin/rmrm -f /tmp/irq2⤵
- Writes file to tmp directory
-
-
/bin/rmrm -f /tmp/irq.sh2⤵
- Writes file to tmp directory
-
-
/bin/rmrm -f /tmp/irqbalanc12⤵
- Writes file to tmp directory
-
-
/bin/rmrm -rf /boot/grub/deamon2⤵
-
-
/bin/rmrm -rf /boot/grub/disk_genius2⤵
-
-
/bin/rmrm -rf "/tmp/*httpd.conf"2⤵
- Writes file to tmp directory
-
-
/bin/rmrm -rf "/tmp/*httpd.conf*"2⤵
- Writes file to tmp directory
-
-
/bin/rmrm -rf "/tmp/*index_bak*"2⤵
- Writes file to tmp directory
-
-
/bin/rmrm -rf "/tmp/.systemd-private-*"2⤵
- Writes file to tmp directory
-
-
/bin/rmrm -rf "/tmp/.xm*"2⤵
- Writes file to tmp directory
-
-
/bin/rmrm -rf /tmp/a7b104c2702⤵
- Writes file to tmp directory
-
-
/bin/rmrm -rf /tmp/conn2⤵
- Writes file to tmp directory
-
-
/bin/rmrm -rf /tmp/conns2⤵
- Writes file to tmp directory
-
-
/bin/rmrm -rf /tmp/httpd.conf2⤵
- Writes file to tmp directory
-
-
/bin/rmrm -rf "/tmp/java*"2⤵
- Writes file to tmp directory
-
-
/bin/rmrm -rf /tmp/kworkerds /bin/kworkerds /bin/config.json /var/tmp/kworkerds /var/tmp/config.json /usr/local/lib/libjdk.so2⤵
- Writes file to system bin folder
- Writes file to tmp directory
-
-
/bin/rmrm -rf /tmp/qW3xT.2 /tmp/ddgs.3013 /tmp/ddgs.3012 /tmp/wnTKYg /tmp/2t3ik2⤵
- Writes file to tmp directory
-
-
/bin/rmrm -rf /tmp/root.sh /tmp/pools.txt /tmp/libapache /tmp/config.json /tmp/bashf /tmp/bashg /tmp/libapache2⤵
- Writes file to tmp directory
-
-
/bin/rmrm -rf "/tmp/xm*"2⤵
- Writes file to tmp directory
-
-
/bin/rmrm -rf "/var/tmp/java*"2⤵
-
-
/usr/bin/awkawk /34e2fg/2⤵
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/bin/psps auxw2⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/usr/bin/awkawk "!/awk/"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/usr/bin/killallkillall -9 chron-34e2fg2⤵
-
-
/bin/psps wx2⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/usr/bin/awkawk "/34e|r\\/v3|moy5|defunct/"2⤵
-
-
/usr/bin/awkawk "{print \$1}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -9 623 624 625 626 627 6313⤵
-
-
/usr/local/bin/killkill -9 623 624 625 626 627 6313⤵
-
-
/usr/sbin/killkill -9 623 624 625 626 627 6313⤵
-
-
/usr/bin/killkill -9 623 624 625 626 627 6313⤵
-
-
/sbin/killkill -9 623 624 625 626 627 6313⤵
-
-
/bin/killkill -9 623 624 625 626 627 6313⤵
-
-
-
/bin/psps axf -o "pid %cpu"2⤵
- Reads runtime system information
-
-
/usr/bin/awkawk "{if(\$2>=40.0) print \$1}"2⤵
-
-
/usr/bin/killallkillall .Historys2⤵
-
-
/usr/bin/killallkillall .sshd2⤵
-
-
/usr/bin/killallkillall neptune2⤵
-
-
/usr/bin/killallkillall xm642⤵
- Reads runtime system information
-
-
/usr/bin/killallkillall xm322⤵
- Reads runtime system information
-
-
/usr/bin/killallkillall ld-linux2⤵
-
-
/usr/bin/killallkillall xmrig2⤵
-
-
/usr/bin/killallkillall .xmrig2⤵
-
-
/usr/bin/killallkillall suppoieup2⤵
-
-
/usr/bin/killallkillall xrx2⤵
-
-
/usr/bin/pkillpkill -f sourplum2⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/usr/bin/pkillpkill wnTKYg2⤵
- Reads CPU attributes
-
-
/bin/grepgrep -v grep2⤵
-
-
/bin/psps auxf2⤵
- Reads runtime system information
-
-
/bin/grepgrep mine.moneropool.com2⤵
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/bin/grepgrep -v grep2⤵
-
-
/bin/psps auxf2⤵
-
-
/bin/grepgrep xmr.crypto-pool.fr:80802⤵
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/bin/grepgrep -v grep2⤵
-
-
/bin/psps auxf2⤵
- Reads runtime system information
-
-
/bin/grepgrep xmr.crypto-pool.fr:80802⤵
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/bin/grepgrep -v grep2⤵
-
-
/bin/psps auxf2⤵
- Reads CPU attributes
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/bin/grepgrep 119.9.76.107:4432⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
- Reads CPU attributes
-
-
-
/bin/psps auxf2⤵
-
-
/bin/grepgrep -v grep2⤵
-
-
/bin/grepgrep monerohash.com2⤵
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/bin/grepgrep -v grep2⤵
-
-
/bin/psps auxf2⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/grepgrep /tmp/a7b104c2702⤵
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/bin/grepgrep -v grep2⤵
-
-
/bin/psps auxf2⤵
-
-
/bin/grepgrep xmr.crypto-pool.fr:66662⤵
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
- Reads CPU attributes
-
-
-
/bin/psps auxf2⤵
- Reads runtime system information
-
-
/bin/grepgrep -v grep2⤵
-
-
/bin/grepgrep xmr.crypto-pool.fr:77772⤵
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/bin/psps auxf2⤵
- Reads CPU attributes
-
-
/bin/grepgrep -v grep2⤵
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/bin/grepgrep xmr.crypto-pool.fr:4432⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/bin/psps auxf2⤵
- Reads CPU attributes
-
-
/bin/grepgrep -v grep2⤵
-
-
/bin/grepgrep stratum.f2pool.com:88882⤵
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
- Reads CPU attributes
-
-
-
/bin/grepgrep -v grep2⤵
-
-
/bin/grepgrep xmrpool.eu2⤵
-
-
/bin/psps auxf2⤵
- Reads CPU attributes
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/bin/grepgrep -v grep2⤵
-
-
/bin/psps auxf2⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/bin/grepgrep xmrig2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/bin/grepgrep -v grep2⤵
-
-
/bin/psps auxf2⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/bin/grepgrep xmrigDaemon2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/bin/grepgrep -v grep2⤵
-
-
/bin/psps auxf2⤵
-
-
/bin/grepgrep xmrigMiner2⤵
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
- Reads CPU attributes
-
-
-
/bin/grepgrep -v grep2⤵
-
-
/bin/psps auxf2⤵
- Reads CPU attributes
-
-
/bin/grepgrep /var/tmp/java2⤵
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
- Reads CPU attributes
-
-
-
/bin/psps auxf2⤵
- Reads CPU attributes
-
-
/bin/grepgrep -v grep2⤵
-
-
/bin/grepgrep ddgs2⤵
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/bin/psps auxf2⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/grepgrep -v grep2⤵
-
-
/bin/grepgrep qW3xT2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/bin/grepgrep -v grep2⤵
-
-
/bin/psps auxf2⤵
- Reads runtime system information
-
-
/bin/grepgrep t00ls.ru2⤵
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
- Reads CPU attributes
-
-
-
/bin/grepgrep -v grep2⤵
-
-
/bin/psps auxf2⤵
-
-
/bin/grepgrep /var/tmp/sustes2⤵
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/bin/grepgrep -v grep2⤵
-
-
/bin/psps auxf2⤵
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/bin/grepgrep ld-linux2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/bin/psps auxf2⤵
- Reads runtime system information
-
-
/bin/grepgrep xiaoyao2⤵
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -9 7733⤵
-
-
/usr/local/bin/killkill -9 7733⤵
-
-
/usr/sbin/killkill -9 7733⤵
-
-
/usr/bin/killkill -9 7733⤵
-
-
/sbin/killkill -9 7733⤵
-
-
/bin/killkill -9 7733⤵
- Reads CPU attributes
-
-
-
/bin/grepgrep Donald2⤵
-
-
/bin/psps auxf2⤵
- Reads runtime system information
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -9 7783⤵
-
-
/usr/local/bin/killkill -9 7783⤵
-
-
/usr/sbin/killkill -9 7783⤵
-
-
/usr/bin/killkill -9 7783⤵
-
-
/sbin/killkill -9 7783⤵
-
-
/bin/killkill -9 7783⤵
- Reads CPU attributes
-
-
-
/bin/grepgrep Macron2⤵
-
-
/bin/psps auxf2⤵
- Reads runtime system information
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -9 7833⤵
-
-
/usr/local/bin/killkill -9 7833⤵
-
-
/usr/sbin/killkill -9 7833⤵
-
-
/usr/bin/killkill -9 7833⤵
-
-
/sbin/killkill -9 7833⤵
-
-
/bin/killkill -9 7833⤵
- Reads CPU attributes
-
-
-
/bin/grepgrep ld-linux2⤵
-
-
/bin/psps auxf2⤵
- Reads CPU attributes
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -9 7883⤵
-
-
/usr/local/bin/killkill -9 7883⤵
-
-
/usr/sbin/killkill -9 7883⤵
-
-
/usr/bin/killkill -9 7883⤵
-
-
/sbin/killkill -9 7883⤵
-
-
/bin/killkill -9 7883⤵
-
-
-
/bin/grepgrep named2⤵
-
-
/bin/psps auxf2⤵
- Reads CPU attributes
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -9 7933⤵
-
-
/usr/local/bin/killkill -9 7933⤵
-
-
/usr/sbin/killkill -9 7933⤵
-
-
/usr/bin/killkill -9 7933⤵
-
-
/sbin/killkill -9 7933⤵
-
-
/bin/killkill -9 7933⤵
- Reads CPU attributes
-
-
-
/bin/grepgrep kernelcfg2⤵
-
-
/bin/psps auxf2⤵
- Reads CPU attributes
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -9 7983⤵
-
-
/usr/local/bin/killkill -9 7983⤵
-
-
/usr/sbin/killkill -9 7983⤵
-
-
/usr/bin/killkill -9 7983⤵
-
-
/sbin/killkill -9 7983⤵
-
-
/bin/killkill -9 7983⤵
- Reads CPU attributes
-
-
-
/bin/grepgrep xiaoxue2⤵
-
-
/bin/psps auxf2⤵
- Reads CPU attributes
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -9 8033⤵
-
-
/usr/local/bin/killkill -9 8033⤵
-
-
/usr/sbin/killkill -9 8033⤵
-
-
/usr/bin/killkill -9 8033⤵
-
-
/sbin/killkill -9 8033⤵
-
-
/bin/killkill -9 8033⤵
-
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/bin/grepgrep kernelupgrade2⤵
-
-
/bin/psps auxf2⤵
- Reads CPU attributes
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -9 8083⤵
-
-
/usr/local/bin/killkill -9 8083⤵
-
-
/usr/sbin/killkill -9 8083⤵
-
-
/usr/bin/killkill -9 8083⤵
-
-
/sbin/killkill -9 8083⤵
-
-
/bin/killkill -9 8083⤵
- Reads CPU attributes
-
-
-
/bin/grepgrep kernelorg2⤵
-
-
/bin/psps auxf2⤵
- Reads runtime system information
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -9 8133⤵
-
-
/usr/local/bin/killkill -9 8133⤵
-
-
/usr/sbin/killkill -9 8133⤵
-
-
/usr/bin/killkill -9 8133⤵
-
-
/sbin/killkill -9 8133⤵
-
-
/bin/killkill -9 8133⤵
-
-
-
/bin/grepgrep kernelupdates2⤵
-
-
/bin/psps auxf2⤵
- Reads CPU attributes
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -9 8183⤵
-
-
/usr/local/bin/killkill -9 8183⤵
-
-
/usr/sbin/killkill -9 8183⤵
-
-
/usr/bin/killkill -9 8183⤵
-
-
/sbin/killkill -9 8183⤵
-
-
/bin/killkill -9 8183⤵
-
-
-
/usr/bin/awkawk "{print \$2}"2⤵
-
-
/bin/grepgrep var2⤵
-
-
/bin/psps ax2⤵
-
-
/bin/grepgrep lib2⤵
-
-
/bin/grepgrep jenkins2⤵
-
-
/bin/grepgrep -v httpPort2⤵
-
-
/bin/grepgrep -v headless2⤵
-
-
/bin/grepgrep "\\-c"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
- Reads CPU attributes
-
-
-
/bin/psps ax2⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/grepgrep -o "./[0-9]* -c"2⤵
-
-
/usr/bin/xargsxargs pkill -f2⤵
-
/usr/local/sbin/pkillpkill -f3⤵
-
-
/usr/local/bin/pkillpkill -f3⤵
-
-
/usr/sbin/pkillpkill -f3⤵
-
-
/usr/bin/pkillpkill -f3⤵
-
-
-
/usr/bin/pkillpkill -f /usr/bin/.sshd2⤵
- Reads CPU attributes
-
-
/usr/bin/pkillpkill -f acpid2⤵
-
-
/usr/bin/pkillpkill -f Donald2⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f Macron2⤵
-
-
/usr/bin/pkillpkill -f AnXqV.yam2⤵
-
-
/usr/bin/pkillpkill -f apaceha2⤵
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f askdljlqw2⤵
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f bashe2⤵
-
-
/usr/bin/pkillpkill -f bashf2⤵
-
-
/usr/bin/pkillpkill -f bashg2⤵
-
-
/usr/bin/pkillpkill -f bashh2⤵
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f bashx2⤵
-
-
/usr/bin/pkillpkill -f BI5zj2⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f biosetjenkins2⤵
- Reads CPU attributes
-
-
/usr/bin/pkillpkill -f bonn.sh2⤵
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f bonns2⤵
- Reads CPU attributes
-
-
/usr/bin/pkillpkill -f conn.sh2⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f conns2⤵
- Reads CPU attributes
-
-
/usr/bin/pkillpkill -f cryptonight2⤵
- Reads CPU attributes
-
-
/usr/bin/pkillpkill -f crypto-pool2⤵
-
-
/usr/bin/pkillpkill -f ddg.20112⤵
- Reads CPU attributes
-
-
/usr/bin/pkillpkill -f deamon2⤵
-
-
/usr/bin/pkillpkill -f disk_genius2⤵
- Reads CPU attributes
-
-
/usr/bin/pkillpkill -f donns2⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f Duck.sh2⤵
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f gddr2⤵
-
-
/usr/bin/pkillpkill -f Guard.sh2⤵
-
-
/usr/bin/pkillpkill -f i5862⤵
- Reads CPU attributes
-
-
/usr/bin/pkillpkill -f icb5o2⤵
- Reads CPU attributes
-
-
/usr/bin/pkillpkill -f ir29xc12⤵
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f irqba2anc12⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f irqba5xnc12⤵
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f irqbalanc12⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f irqbalance2⤵
-
-
/usr/bin/pkillpkill -f irqbnc12⤵
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f JnKihGjn2⤵
- Reads CPU attributes
-
-
/usr/bin/pkillpkill -f jweri2⤵
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f kw.sh2⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f kworker342⤵
- Reads CPU attributes
-
-
/usr/bin/pkillpkill -f kxjd2⤵
-
-
/usr/bin/pkillpkill -f libapache2⤵
-
-
/usr/bin/pkillpkill -f Loopback2⤵
-
-
/usr/bin/pkillpkill -f lx262⤵
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f mgwsl2⤵
-
-
/usr/bin/pkillpkill -f minerd2⤵
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f minergate2⤵
-
-
/usr/bin/pkillpkill -f minexmr2⤵
-
-
/usr/bin/pkillpkill -f mixnerdx2⤵
- Reads CPU attributes
-
-
/usr/bin/pkillpkill -f mstxmr2⤵
-
-
/usr/bin/pkillpkill -f nanoWatch2⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f nopxi2⤵
-
-
/usr/bin/pkillpkill -f NXLAi2⤵
- Reads CPU attributes
-
-
/usr/bin/pkillpkill -f performedl2⤵
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f polkitd2⤵
-
-
/usr/bin/pkillpkill -f pro.sh2⤵
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f pythno2⤵
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f qW3xT.22⤵
-
-
/usr/bin/pkillpkill -f sourplum2⤵
-
-
/usr/bin/pkillpkill -f stratum2⤵
- Reads CPU attributes
-
-
/usr/bin/pkillpkill -f sustes2⤵
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f wnTKYg2⤵
- Reads CPU attributes
-
-
/usr/bin/pkillpkill -f XbashY2⤵
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f XJnRj2⤵
- Reads CPU attributes
-
-
/usr/bin/pkillpkill -f xmrig2⤵
-
-
/usr/bin/pkillpkill -f xmrigDaemon2⤵
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f xmrigMiner2⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f ysaydh2⤵
- Reads runtime system information
-
-
/usr/bin/pkillpkill -f zigw2⤵
-
-
/usr/bin/pkillpkill -f ld-linux2⤵
-
-
/usr/bin/pkillpkill -f xrx2⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/grepgrep crond2⤵
-
-
/bin/psps ax2⤵
-
-
/bin/grepgrep -v grep2⤵
-
-
/usr/bin/awkawk "{print \$1}"2⤵
-
-
/bin/rmrm /tmp/crondpid -f2⤵
- Writes file to tmp directory
-
-
/bin/grepgrep sshd2⤵
-
-
/bin/psps ax2⤵
-
-
/usr/bin/awkawk "{print \$1}"2⤵
-
-
/bin/grepgrep -v grep2⤵
-
-
/bin/rmrm -f /tmp/ssdpid2⤵
- Writes file to tmp directory
-
-
/bin/grepgrep syslogs2⤵
-
-
/bin/psps ax2⤵
- Reads runtime system information
-
-
/bin/grepgrep -v grep2⤵
-
-
/usr/bin/awkawk "{print \$1}"2⤵
-
-
/bin/rmrm /tmp/syslogspid -f2⤵
- Writes file to tmp directory
-
-
/bin/psps x2⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/bin/grepgrep "b 22"2⤵
-
-
/usr/bin/awkawk "{print \$1,\$5}"2⤵
-
-
/bin/catcat .procs2⤵
-
-
/usr/bin/chattrchattr -iaR /var/tmp/.xrx2⤵
-
-
/bin/rmrm -rf /var/tmp/.xrx2⤵
-
-
/bin/grepgrep "d 22"2⤵
-
-
/bin/psps x2⤵
- Reads CPU attributes
- Reads runtime system information
-
-
/usr/bin/awkawk "{print \$1,\$5}"2⤵
-
-
/bin/catcat .procs2⤵
-
-
/bin/grepgrep 69.28.55.86:4432⤵
-
-
/usr/bin/awkawk "-F[/]" "{print \$1}"2⤵
-
-
/usr/bin/awkawk "{print \$7}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/bin/grepgrep 185.71.65.2382⤵
-
-
/usr/bin/awkawk "{print \$7}"2⤵
-
-
/usr/bin/awkawk "-F[/]" "{print \$1}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
- Reads CPU attributes
-
-
-
/bin/grepgrep 140.82.52.872⤵
-
-
/usr/bin/awkawk "{print \$7}"2⤵
-
-
/usr/bin/awkawk "-F[/]" "{print \$1}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/bin/grepgrep 119.9.76.1072⤵
-
-
/usr/bin/awkawk "{print \$7}"2⤵
-
-
/usr/bin/awkawk "-F[/]" "{print \$1}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/bin/grepgrep :1432⤵
-
-
/usr/bin/awkawk "{print \$7}"2⤵
-
-
/usr/bin/awkawk "-F[/]" "{print \$1}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/bin/grepgrep :22222⤵
-
-
/usr/bin/awkawk "-F[/]" "{print \$1}"2⤵
-
-
/usr/bin/awkawk "{print \$7}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/bin/grepgrep :33332⤵
-
-
/usr/bin/awkawk "{print \$7}"2⤵
-
-
/usr/bin/awkawk "-F[/]" "{print \$1}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
- Reads CPU attributes
-
-
-
/bin/grepgrep :33892⤵
-
-
/usr/bin/awkawk "-F[/]" "{print \$1}"2⤵
-
-
/usr/bin/awkawk "{print \$7}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/bin/grepgrep :44442⤵
-
-
/usr/bin/awkawk "{print \$7}"2⤵
-
-
/usr/bin/awkawk "-F[/]" "{print \$1}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/bin/grepgrep :55552⤵
-
-
/usr/bin/awkawk "-F[/]" "{print \$1}"2⤵
-
-
/usr/bin/awkawk "{print \$7}"2⤵
-
-
/usr/bin/xargsxargs kill -92⤵
-
/usr/local/sbin/killkill -93⤵
-
-
/usr/local/bin/killkill -93⤵
-
-
/usr/sbin/killkill -93⤵
-
-
/usr/bin/killkill -93⤵
-
-
/sbin/killkill -93⤵
-
-
/bin/killkill -93⤵
-
-
-
/bin/sedsed -e "s/\\.[0-9]*//g"1⤵
-
/bin/psps -p 382 -o "%cpu"1⤵
- Reads runtime system information
-
/bin/grepgrep -v "%CPU"1⤵
-
/usr/bin/awkawk "{print \$1;}"1⤵
-
/usr/bin/awkawk "{print \$2;}"1⤵
-
/usr/bin/wcwc -c1⤵
-
/usr/bin/awkawk "{print \$1;}"1⤵
-
/usr/bin/awkawk "{print \$2;}"1⤵
-
/usr/bin/wcwc -c1⤵