Malware Analysis Report

2024-12-07 13:16

Sample ID 241106-w1gb6swbmn
Target selfrep.i686.elf
SHA256 52b569ac51612f6be2d60c2658bf59c4789d654bf98d72c88ea4184df67ec9d1
Tags
upx discovery rootkit
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

52b569ac51612f6be2d60c2658bf59c4789d654bf98d72c88ea4184df67ec9d1

Threat Level: Shows suspicious behavior

The file selfrep.i686.elf was found to be: Shows suspicious behavior.

Malicious Activity Summary

upx discovery rootkit

Loads a kernel module

Enumerates running processes

UPX packed file

Reads CPU attributes

Enumerates kernel/hardware configuration

Reads runtime system information

System Network Configuration Discovery

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-06 18:23

Signatures

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-06 18:23

Reported

2024-11-06 18:25

Platform

ubuntu2404-amd64-20240523-en

Max time kernel

149s

Max time network

148s

Command Line

[/tmp/selfrep.i686.elf]

Signatures

Loads a kernel module

rootkit
Description Indicator Process Target
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A
N/A N/A /tmp/selfrep.i686.elf N/A

Enumerates running processes

Reads CPU attributes

discovery
Description Indicator Process Target
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A

Enumerates kernel/hardware configuration

discovery
Description Indicator Process Target
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A

Reads runtime system information

discovery
Description Indicator Process Target
File opened for reading /proc/723/ctty /usr/bin/pkill N/A
File opened for reading /proc/1699/status /usr/bin/pkill N/A
File opened for reading /proc/389/cmdline /usr/bin/pkill N/A
File opened for reading /proc/1390/stat /usr/bin/pkill N/A
File opened for reading /proc/2192/status /usr/bin/pkill N/A
File opened for reading /proc/2209/status /usr/bin/pkill N/A
File opened for reading /proc/56/cgroup /usr/bin/pkill N/A
File opened for reading /proc/1696/cgroup /usr/bin/pkill N/A
File opened for reading /proc/1975/cmdline /usr/bin/pkill N/A
File opened for reading /proc/1870/status /usr/bin/pkill N/A
File opened for reading /proc/1391/ctty /usr/bin/pkill N/A
File opened for reading /proc/384/cmdline /usr/bin/pkill N/A
File opened for reading /proc/17/stat /usr/bin/pkill N/A
File opened for reading /proc/31/ctty /usr/bin/pkill N/A
File opened for reading /proc/1870/cmdline /usr/bin/pkill N/A
File opened for reading /proc/1941/cgroup /usr/bin/pkill N/A
File opened for reading /proc/63/cgroup /usr/bin/pkill N/A
File opened for reading /proc/198/stat /usr/bin/pkill N/A
File opened for reading /proc/33/cgroup /usr/bin/pkill N/A
File opened for reading /proc/2481/ctty /usr/bin/pkill N/A
File opened for reading /proc/2302/cmdline /usr/bin/pkill N/A
File opened for reading /proc/772/cgroup /usr/bin/pkill N/A
File opened for reading /proc/1041/ctty /usr/bin/pkill N/A
File opened for reading /proc/45/cgroup /usr/bin/pkill N/A
File opened for reading /proc/1119/ctty /usr/bin/pkill N/A
File opened for reading /proc/41/status /usr/bin/pkill N/A
File opened for reading /proc/2155/cmdline /usr/bin/pkill N/A
File opened for reading /proc/1391/ctty /usr/bin/pkill N/A
File opened for reading /proc/202/stat /usr/bin/pkill N/A
File opened for reading /proc/1965/cgroup /usr/bin/pkill N/A
File opened for reading /proc/1978/status /usr/bin/pkill N/A
File opened for reading /proc/2140/stat /usr/bin/pkill N/A
File opened for reading /proc/40/status /usr/bin/pkill N/A
File opened for reading /proc/2261/cgroup /usr/bin/pkill N/A
File opened for reading /proc/2482/cgroup /usr/bin/pkill N/A
File opened for reading /proc/457/cgroup /usr/bin/pkill N/A
File opened for reading /proc/1941/cmdline /usr/bin/pkill N/A
File opened for reading /proc/235/cgroup /usr/bin/pkill N/A
File opened for reading /proc/16/status /usr/bin/pkill N/A
File opened for reading /proc/1783/stat /usr/bin/pkill N/A
File opened for reading /proc/181/cmdline /usr/bin/pkill N/A
File opened for reading /proc/720/ctty /usr/bin/pkill N/A
File opened for reading /proc/2302/cgroup /usr/bin/pkill N/A
File opened for reading /proc/55/status /usr/bin/pkill N/A
File opened for reading /proc/439/status /usr/bin/pkill N/A
File opened for reading /proc/26/cgroup /usr/bin/pkill N/A
File opened for reading /proc/31/cmdline /usr/bin/pkill N/A
File opened for reading /proc/199/cmdline /usr/bin/pkill N/A
File opened for reading /proc/39/cgroup /usr/bin/pkill N/A
File opened for reading /proc/2306/cgroup /usr/bin/pkill N/A
File opened for reading /proc/191/status /usr/bin/pkill N/A
File opened for reading /proc/2481/ctty /usr/bin/pkill N/A
File opened for reading /proc/1390/stat /usr/bin/pkill N/A
File opened for reading /proc/1052/status /usr/bin/pkill N/A
File opened for reading /proc/20/cmdline /usr/bin/pkill N/A
File opened for reading /proc/7/stat /usr/bin/pkill N/A
File opened for reading /proc/1052/stat /usr/bin/pkill N/A
File opened for reading /proc/181/cgroup /usr/bin/pkill N/A
File opened for reading /proc/787/cgroup /usr/bin/pkill N/A
File opened for reading /proc/2500/stat /usr/bin/pkill N/A
File opened for reading /proc/1701/ctty /usr/bin/pkill N/A
File opened for reading /proc/1966/cmdline /usr/bin/pkill N/A
File opened for reading /proc/4/cmdline /usr/bin/pkill N/A
File opened for reading /proc/35/status /usr/bin/pkill N/A

System Network Configuration Discovery

discovery
Description Indicator Process Target
N/A N/A /usr/bin/pkill N/A

Processes

/tmp/selfrep.i686.elf

[/tmp/selfrep.i686.elf]

/usr/bin/pkill

[pkill -9 902i13]

/usr/bin/pkill

[pkill -9 BzSxLxBxeY]

/usr/bin/pkill

[pkill -9 HOHO-LUGO7]

/usr/bin/pkill

[pkill -9 HOHO-U79OL]

/usr/bin/pkill

[pkill -9 JuYfouyf87]

/usr/bin/pkill

[pkill -9 NiGGeR69xd]

/usr/bin/pkill

[pkill -9 SO190Ij1X]

/usr/bin/pkill

[pkill -9 LOLKIKEEEDDE]

/usr/bin/pkill

[pkill -9 ekjheory98e]

/usr/bin/pkill

[pkill -9 scansh4]

/usr/bin/pkill

[pkill -9 MDMA]

/usr/bin/pkill

[pkill -9 fdevalvex]

/usr/bin/pkill

[pkill -9 scanspc]

/usr/bin/pkill

[pkill -9 MELTEDNINJAREALZ]

/usr/bin/pkill

[pkill -9 flexsonskids]

/usr/bin/pkill

[pkill -9 scanx86]

/usr/bin/pkill

[pkill -9 MISAKI-U79OL]

/usr/bin/pkill

[pkill -9 foAxi102kxe]

/usr/bin/pkill

[pkill -9 swodjwodjwoj]

/usr/bin/pkill

[pkill -9 MmKiy7f87l]

/usr/bin/pkill

[pkill -9 freecookiex86]

/usr/bin/pkill

[pkill -9 sysgpu]

/usr/bin/pkill

[pkill -9 NiGGeR69xd]

/usr/bin/pkill

[pkill -9 frgege]

/usr/bin/pkill

[pkill -9 sysupdater]

/usr/bin/pkill

[pkill -9 0DnAzepd]

/usr/bin/pkill

[pkill -9 NiGGeRD0nks69]

/usr/bin/pkill

[pkill -9 frgreu]

/usr/bin/pkill

[pkill -9 telnetd]

/usr/bin/pkill

[pkill -9 0x766f6964]

/usr/bin/pkill

[pkill -9 NiGGeRd0nks1337]

/usr/bin/pkill

[pkill -9 gaft]

/usr/bin/pkill

[pkill -9 urasgbsigboa]

/usr/bin/pkill

[pkill -9 120i3UI49]

/usr/bin/pkill

[pkill -9 OaF3]

/usr/bin/pkill

[pkill -9 geae]

/usr/bin/pkill

[pkill -9 vaiolmao]

/usr/bin/pkill

[pkill -9 123123a]

/usr/bin/pkill

[pkill -9 Ofurain0n4H34D]

/usr/bin/pkill

[pkill -9 ggTrex]

/usr/bin/pkill

[pkill -9 wasads]

/usr/bin/pkill

[pkill -9 1293194hjXD]

/usr/bin/pkill

[pkill -9 OthLaLosn]

/usr/bin/pkill

[pkill -9 ggt]

/usr/bin/pkill

[pkill -9 wget-log]

/usr/bin/pkill

[pkill -9 1337SoraLOADER]

/usr/bin/pkill

[pkill -9 SAIAKINA]

/usr/bin/pkill

[pkill -9 ggtq]

/usr/bin/pkill

[pkill -9 1378bfp919GRB1Q2]

/usr/bin/pkill

[pkill -9 SAIAKUSO]

/usr/bin/pkill

[pkill -9 ggtr]

/usr/bin/pkill

[pkill -9 14Fa]

/usr/bin/pkill

[pkill -9 SEXSLAVE1337]

/usr/bin/pkill

[pkill -9 ggtt]

/usr/bin/pkill

[pkill -9 1902a3u912u3u4]

/usr/bin/pkill

[pkill -9 SO190Ij1X]

/usr/bin/pkill

[pkill -9 haetrghbr]

/usr/bin/pkill

[pkill -9 19ju3d]

/usr/bin/pkill

[pkill -9 SORAojkf120]

/usr/bin/pkill

[pkill -9 hehahejeje92]

/usr/bin/pkill

[pkill -9 2U2JDJA901F91]

/usr/bin/pkill

[pkill -9 SlaVLav12]

/usr/bin/pkill

[pkill -9 helpmedaddthhhhh]

/usr/bin/pkill

[pkill -9 2wgg9qphbq]

/usr/bin/pkill

[pkill -9 Slav3Th3seD3vices]

/usr/bin/pkill

[pkill -9 hzSmYZjYMQ]

/usr/bin/pkill

[pkill -9 5Gbf]

/usr/bin/pkill

[pkill -9 SoRAxD123LOL]

/usr/bin/pkill

[pkill -9 iaGv]

/usr/bin/pkill

[pkill -9 5aA3]

/usr/bin/pkill

[pkill -9 SoRAxD420LOL]

/usr/bin/pkill

[pkill -9 insomni]

/usr/bin/pkill

[pkill -9 640277]

/usr/bin/pkill

[pkill -9 SoraBeReppin1337]

/usr/bin/pkill

[pkill -9 ipcamCache]

/usr/bin/pkill

[pkill -9 66tlGg9Q]

/usr/bin/pkill

[pkill -9 T]

/usr/bin/pkill

[pkill -9 jUYfouyf87]

/usr/bin/pkill

[pkill -9 6ke3]

/usr/bin/pkill

[pkill -9 TOKYO3]

/usr/bin/pkill

[pkill -9 lyEeaXul2dULCVxh]

/usr/bin/pkill

[pkill -9 93OfjHZ2z]

/usr/bin/pkill

[pkill -9 TY2gD6MZvKc7KU6r]

/usr/bin/pkill

[pkill -9 mMkiy6f87l]

/usr/bin/pkill

[pkill -9 A023UU4U24UIU]

/usr/bin/pkill

[pkill -9 TheWeeknd]

/usr/bin/pkill

[pkill -9 mioribitches]

/usr/bin/pkill

[pkill -9 A5p9]

/usr/bin/pkill

[pkill -9 TheWeeknds]

/usr/bin/pkill

[pkill -9 mnblkjpoi]

/usr/bin/pkill

[pkill -9 AbAd]

/usr/bin/pkill

[pkill -9 Tokyos]

/usr/bin/pkill

[pkill -9 neb]

/usr/bin/pkill

[pkill -9 Akiru]

/usr/bin/pkill

[pkill -9 U8inTz]

/usr/bin/pkill

[pkill -9 netstats]

/usr/bin/pkill

[pkill -9 Alex]

/usr/bin/pkill

[pkill -9 W9RCAKM20T]

/usr/bin/pkill

[pkill -9 newnetword]

/usr/bin/pkill

[pkill -9 Ayo215]

/usr/bin/pkill

[pkill -9 Word]

/usr/bin/pkill

[pkill -9 nloads]

/usr/bin/pkill

[pkill -9 BAdAsV]

/usr/bin/pkill

[pkill -9 Wordmane]

/usr/bin/pkill

[pkill -9 notyakuzaa]

/usr/bin/pkill

[pkill -9 Belch]

/usr/bin/pkill

[pkill -9 Wordnets]

/usr/bin/pkill

[pkill -9 obp]

/usr/bin/pkill

[pkill -9 BigN0gg0r420]

/usr/bin/pkill

[pkill -9 X0102I34f]

/usr/bin/pkill

[pkill -9 ofhasfhiafhoi]

/usr/bin/pkill

[pkill -9 BzSxLxBxeY]

/usr/bin/pkill

[pkill -9 X19I239124UIU]

/usr/bin/pkill

[pkill -9 oism]

/usr/bin/pkill

[pkill -9 Deported]

/usr/bin/pkill

[pkill -9 XSHJEHHEIIHWO]

/usr/bin/pkill

[pkill -9 olsVNwo12]

/usr/bin/pkill

[pkill -9 DeportedDeported]

/usr/bin/pkill

[pkill -9 XkTer0GbA1]

/usr/bin/pkill

[pkill -9 onry0v03]

/usr/bin/pkill

[pkill -9 FortniteDownLOLZ]

/usr/bin/pkill

[pkill -9 Y0urM0mGay]

/usr/bin/pkill

[pkill -9 pussyfartlmaojk]

/usr/bin/pkill

[pkill -9 GrAcEnIgGeRaNn]

/usr/bin/pkill

[pkill -9 YvdGkqndCO]

/usr/bin/pkill

[pkill -9 qGeoRBe6BE]

/usr/bin/pkill

[pkill -9 GuiltyCrown]

/usr/bin/pkill

[pkill -9 ZEuS69]

/usr/bin/pkill

[pkill -9 s4beBsEQhd]

/usr/bin/pkill

[pkill -9 HOHO-KSNDO]

/usr/bin/pkill

[pkill -9 ZEuz69]

/usr/bin/pkill

[pkill -9 sat1234]

/usr/bin/pkill

[pkill -9 HOHO-LUGO7]

/usr/bin/pkill

[pkill -9 aj93hJ23]

/usr/bin/pkill

[pkill -9 scanHA]

/usr/bin/pkill

[pkill -9 HOHO-U79OL]

/usr/bin/pkill

[pkill -9 alie293z0k2L]

/usr/bin/pkill

[pkill -9 scanJoshoARM]

/usr/bin/pkill

[pkill -9 HellInSide]

/usr/bin/pkill

[pkill -9 ayyyGangShit]

/usr/bin/pkill

[pkill -9 scanJoshoARM5]

/usr/bin/pkill

[pkill -9 HighFry]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp

Files

N/A