Analysis Overview
SHA256
668e2cdc076b620be68a4d5aa2ed14d2fa9b48b556f0e8f69548d8a972436155
Threat Level: Known bad
The file 668e2cdc076b620be68a4d5aa2ed14d2fa9b48b556f0e8f69548d8a972436155.elf was found to be: Known bad.
Malicious Activity Summary
Kaiji family
Kaiji
Modifies Watchdog functionality
Executes dropped EXE
Enumerates running processes
Creates/modifies Cron job
Creates/modifies environment variables
Modifies init.d
Write file to user bin folder
Modifies Bash startup script
Reads runtime system information
Enumerates kernel/hardware configuration
Command and Scripting Interpreter: Unix Shell
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-03 02:55
Signatures
Kaiji
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Kaiji family
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-03 02:55
Reported
2024-11-03 02:58
Platform
debian9-armhf-20240729-en
Max time kernel
149s
Max time network
151s
Command Line
Signatures
Kaiji
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Kaiji family
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | /etc/32676 | /etc/32676 | N/A |
| N/A | /etc/opt.services.cfg | /etc/opt.services.cfg | N/A |
| N/A | /etc/opt.services.cfg | /etc/opt.services.cfg | N/A |
| N/A | /etc/opt.services.cfg | /etc/opt.services.cfg | N/A |
| N/A | /etc/opt.services.cfg | /etc/opt.services.cfg | N/A |
Modifies Watchdog functionality
| Description | Indicator | Process | Target |
| File opened for modification | /dev/watchdog | /tmp/668e2cdc076b620be68a4d5aa2ed14d2fa9b48b556f0e8f69548d8a972436155.elf | N/A |
| File opened for modification | /dev/misc/watchdog | /tmp/668e2cdc076b620be68a4d5aa2ed14d2fa9b48b556f0e8f69548d8a972436155.elf | N/A |
Creates/modifies Cron job
| Description | Indicator | Process | Target |
| File opened for modification | /etc/crontab | /bin/sh | N/A |
Creates/modifies environment variables
| Description | Indicator | Process | Target |
| File opened for modification | /etc/profile.d/bash_cfg | /tmp/668e2cdc076b620be68a4d5aa2ed14d2fa9b48b556f0e8f69548d8a972436155.elf | N/A |
| File opened for modification | /etc/profile.d/bash_cfg.sh | /tmp/668e2cdc076b620be68a4d5aa2ed14d2fa9b48b556f0e8f69548d8a972436155.elf | N/A |
| File opened for modification | /etc/profile.d/gateway.sh | /tmp/668e2cdc076b620be68a4d5aa2ed14d2fa9b48b556f0e8f69548d8a972436155.elf | N/A |
Enumerates running processes
Modifies init.d
Write file to user bin folder
| Description | Indicator | Process | Target |
| File opened for modification | /usr/bin/include/find | /tmp/668e2cdc076b620be68a4d5aa2ed14d2fa9b48b556f0e8f69548d8a972436155.elf | N/A |
| File opened for modification | /usr/bin/find | /tmp/668e2cdc076b620be68a4d5aa2ed14d2fa9b48b556f0e8f69548d8a972436155.elf | N/A |
Modifies Bash startup script
| Description | Indicator | Process | Target |
| File opened for modification | /etc/profile.d/bash_cfg.sh | /tmp/668e2cdc076b620be68a4d5aa2ed14d2fa9b48b556f0e8f69548d8a972436155.elf | N/A |
| File opened for modification | /etc/profile.d/gateway.sh | /tmp/668e2cdc076b620be68a4d5aa2ed14d2fa9b48b556f0e8f69548d8a972436155.elf | N/A |
| File opened for modification | /etc/profile.d/bash_cfg | /tmp/668e2cdc076b620be68a4d5aa2ed14d2fa9b48b556f0e8f69548d8a972436155.elf | N/A |
Command and Scripting Interpreter: Unix Shell
| Description | Indicator | Process | Target |
| N/A | N/A | /bin/sh | N/A |
| N/A | N/A | /bin/sh | N/A |
Enumerates kernel/hardware configuration
| Description | Indicator | Process | Target |
| File opened for reading | /sys/fs/kdbus/0-system/bus | /bin/systemctl | N/A |
| File opened for reading | /sys/fs/kdbus/0-system/bus | /bin/systemctl | N/A |
| File opened for reading | /sys/fs/kdbus/0-system/bus | /bin/systemctl | N/A |
| File opened for reading | /sys/kernel/mm/transparent_hugepage/hpage_pmd_size | /tmp/668e2cdc076b620be68a4d5aa2ed14d2fa9b48b556f0e8f69548d8a972436155.elf | N/A |
| File opened for reading | /sys/kernel/mm/transparent_hugepage/hpage_pmd_size | /tmp/668e2cdc076b620be68a4d5aa2ed14d2fa9b48b556f0e8f69548d8a972436155.elf | N/A |
| File opened for reading | /sys/fs/kdbus/0-system/bus | /bin/systemctl | N/A |
| File opened for reading | /sys/fs/kdbus/0-system/bus | /bin/systemctl | N/A |
| File opened for reading | /sys/fs/kdbus/0-system/bus | /bin/systemctl | N/A |
| File opened for reading | /sys/fs/kdbus/0-system/bus | /bin/systemctl | N/A |
| File opened for reading | /sys/kernel/mm/transparent_hugepage/hpage_pmd_size | /etc/opt.services.cfg | N/A |
| File opened for reading | /sys/kernel/mm/transparent_hugepage/hpage_pmd_size | /etc/opt.services.cfg | N/A |
| File opened for reading | /sys/kernel/mm/transparent_hugepage/hpage_pmd_size | /etc/opt.services.cfg | N/A |
| File opened for reading | /sys/kernel/mm/transparent_hugepage/hpage_pmd_size | /etc/opt.services.cfg | N/A |
Reads runtime system information
Processes
/tmp/668e2cdc076b620be68a4d5aa2ed14d2fa9b48b556f0e8f69548d8a972436155.elf
[/tmp/668e2cdc076b620be68a4d5aa2ed14d2fa9b48b556f0e8f69548d8a972436155.elf]
/tmp/668e2cdc076b620be68a4d5aa2ed14d2fa9b48b556f0e8f69548d8a972436155.elf
[/tmp/668e2cdc076b620be68a4d5aa2ed14d2fa9b48b556f0e8f69548d8a972436155.elf ]
/bin/sh
[/bin/sh -c /etc/32676&]
/etc/32676
[/etc/32676]
/usr/sbin/service
[service crond start]
/usr/bin/basename
[basename /usr/sbin/service]
/bin/sleep
[sleep 60]
/usr/bin/basename
[basename /usr/sbin/service]
/bin/systemctl
[systemctl --quiet is-active multi-user.target]
/bin/systemctl
[systemctl list-unit-files --full --type=socket]
/bin/sed
[sed -ne s/\.socket\s*[a-z]*\s*$/.socket/p]
/usr/local/sbin/systemctl
[systemctl --job-mode=ignore-dependencies start crond.service]
/usr/local/bin/systemctl
[systemctl --job-mode=ignore-dependencies start crond.service]
/usr/sbin/systemctl
[systemctl --job-mode=ignore-dependencies start crond.service]
/usr/bin/systemctl
[systemctl --job-mode=ignore-dependencies start crond.service]
/sbin/systemctl
[systemctl --job-mode=ignore-dependencies start crond.service]
/bin/systemctl
[systemctl --job-mode=ignore-dependencies start crond.service]
/bin/sh
[/bin/sh -c echo "*/1 * * * * root /.mod " >> /etc/crontab]
/usr/bin/renice
[renice -20 649]
/bin/mount
[mount -o bind /tmp/ /proc/649]
/usr/sbin/service
[service cron start]
/usr/bin/basename
[basename /usr/sbin/service]
/usr/bin/basename
[basename /usr/sbin/service]
/bin/systemctl
[systemctl --quiet is-active multi-user.target]
/bin/sed
[sed -ne s/\.socket\s*[a-z]*\s*$/.socket/p]
/bin/systemctl
[systemctl list-unit-files --full --type=socket]
/usr/local/sbin/systemctl
[systemctl --job-mode=ignore-dependencies start cron.service]
/usr/local/bin/systemctl
[systemctl --job-mode=ignore-dependencies start cron.service]
/usr/sbin/systemctl
[systemctl --job-mode=ignore-dependencies start cron.service]
/usr/bin/systemctl
[systemctl --job-mode=ignore-dependencies start cron.service]
/sbin/systemctl
[systemctl --job-mode=ignore-dependencies start cron.service]
/bin/systemctl
[systemctl --job-mode=ignore-dependencies start cron.service]
/bin/systemctl
[systemctl start crond.service]
/etc/opt.services.cfg
[/etc/opt.services.cfg]
/etc/opt.services.cfg
[/etc/opt.services.cfg ]
/bin/sleep
[sleep 60]
/etc/opt.services.cfg
[/etc/opt.services.cfg]
/etc/opt.services.cfg
[/etc/opt.services.cfg ]
/bin/sleep
[sleep 60]
Network
| Country | Destination | Domain | Proto |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
| US | 1.1.1.1:53 | ss.us-tv.top | udp |
Files
/etc/.walk
| MD5 | e53a145554ba759de7a70cae1eff17a4 |
| SHA1 | 19cfb111943c612e0368f16e77e40767d2fc4e23 |
| SHA256 | 6eacc74d627f755c441d78c516405f124e8c025e9e145ba5c00df3249153805b |
| SHA512 | 5d64da46fd8c6364164906840334dec95f867bafe54373bb29f821fdf7979510522d75a6086871206c2ae5afc380ccff7068fe2185ce1f32254ea2984e6daec5 |
/etc/.walk
| MD5 | 8eb99ad87bc72d7f86d7cc31369e06ac |
| SHA1 | 7a02c8fa1a938fa47fc4abb20c5bad7db8eb3d11 |
| SHA256 | 162d763122b4e5140cb3a1d1e79cfd6a20c15a7f0f01507804850fc15b8673de |
| SHA512 | 825cb841fc495f20db960f0e5f50b2a5e19c6f89dfa6b1aca4a892dd691848b4c41888937be73660b77a03a72043330d6ee145f5800cd23dac89415e4725f3ad |
/etc/opt.services.cfg
| MD5 | 639af202eb3c903183b8ae3d8ba4951e |
| SHA1 | 78ad606c247165cb75c4e349d9be702517203224 |
| SHA256 | 668e2cdc076b620be68a4d5aa2ed14d2fa9b48b556f0e8f69548d8a972436155 |
| SHA512 | 1eb84b880900795da9bb834e88422c8a81bd83f7fb0dcdf090f8b178b21e486e0010126bd249c84cf2b2f6dcad3fc0597acad073b299512fba8f9f02ef0c4767 |
/etc/32676
| MD5 | 47684525bfdf26f49fd1cf742b17c015 |
| SHA1 | c4ab14ba22420ff9acadfc698a38d0cd99e9fbfa |
| SHA256 | b7ce294613dd2c237a4a50548bfcd5c14d166107f2d2e965499bc78695300d5b |
| SHA512 | 948f9c519ae9afe1c821c5d58da2e584e50356dabef597ccd408853a9038560b9fb1c5894900e2725b48977ffd49d18a439436bb4946e2164ac9fcf2a8637621 |
/.mod
| MD5 | f5a3713282e43c200f30342f5ff5e2ea |
| SHA1 | 2b2ce1a207e2b691a074c6f78f71c4785aae426a |
| SHA256 | 6ab64e727571458d4884fb2fe82c27c467db0699cb8f648b3f0217c35d2b7511 |
| SHA512 | 5bcb8cd360409147a486755f90e0cdd97183af02ce8de5135b7c6a8a010deb9ef12dcd5ee9a2a8fd2e159347f68e72d6b7fd75e943b4fcd928d7a74b97476013 |
/usr/bin/include/find
| MD5 | 138a27d6fe52fa1132760a4fa48922e0 |
| SHA1 | e0250e4d7bf33a5a1064344224148b889cb15138 |
| SHA256 | 81a10dad907b23521461bd3fc83c2cedb2218933a328d9a05e3c9f6a9a1d42aa |
| SHA512 | ee0078afad63fc2aaffdebb7127d1c7d4459287fee75358f57c82d397c39b7bf64338fb6996dfb1747cd9a896d714b3c76f0948727be91550f1affa1c0298a9e |
/etc/profile.d/gateway.sh
| MD5 | 148912f86cf0801839ce4fb80a7da3cb |
| SHA1 | aa495d59ccc2ad297316a35f917156cb79d48c65 |
| SHA256 | 4b9112e2c69d9b1ab31aae2255a42cefd38a500ca42b3627ae2a9ffa733e0276 |
| SHA512 | 44e101ef4163a3e973f8c0bbcf4bb8744a64b791d6e4b71d208ab3294be4510dc8905692fbb460296d363bcc5786ccf390c859f8ab3e5b29d227fc41a42d4c45 |