Malware Analysis Report

2024-12-07 13:22

Sample ID 241106-wzw18svfle
Target selfrep.i586.elf
SHA256 7d17800118eb9c9d811ef9cc42985382581291eabc3d0a01ab56fb28bbb6dd81
Tags
upx discovery rootkit
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

7d17800118eb9c9d811ef9cc42985382581291eabc3d0a01ab56fb28bbb6dd81

Threat Level: Shows suspicious behavior

The file selfrep.i586.elf was found to be: Shows suspicious behavior.

Malicious Activity Summary

upx discovery rootkit

Loads a kernel module

Enumerates running processes

UPX packed file

Reads CPU attributes

Enumerates kernel/hardware configuration

Reads runtime system information

System Network Configuration Discovery

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-06 18:22

Signatures

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-06 18:22

Reported

2024-11-06 18:24

Platform

ubuntu2404-amd64-20240523-en

Max time kernel

149s

Max time network

149s

Command Line

[/tmp/selfrep.i586.elf]

Signatures

Loads a kernel module

rootkit
Description Indicator Process Target
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A
N/A N/A /tmp/selfrep.i586.elf N/A

Enumerates running processes

Reads CPU attributes

discovery
Description Indicator Process Target
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A

Enumerates kernel/hardware configuration

discovery
Description Indicator Process Target
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A

Reads runtime system information

discovery
Description Indicator Process Target
File opened for reading /proc/40/status /usr/bin/pkill N/A
File opened for reading /proc/1117/stat /usr/bin/pkill N/A
File opened for reading /proc/2142/cmdline /usr/bin/pkill N/A
File opened for reading /proc/self/status /usr/bin/pkill N/A
File opened for reading /proc/2743/cgroup /usr/bin/pkill N/A
File opened for reading /proc/1/cmdline /usr/bin/pkill N/A
File opened for reading /proc/25/ctty /usr/bin/pkill N/A
File opened for reading /proc/785/cmdline /usr/bin/pkill N/A
File opened for reading /proc/45/ctty /usr/bin/pkill N/A
File opened for reading /proc/2227/ctty /usr/bin/pkill N/A
File opened for reading /proc/32/cmdline /usr/bin/pkill N/A
File opened for reading /proc/198/cmdline /usr/bin/pkill N/A
File opened for reading /proc/2135/stat /usr/bin/pkill N/A
File opened for reading /proc/890/cgroup /usr/bin/pkill N/A
File opened for reading /proc/2191/stat /usr/bin/pkill N/A
File opened for reading /proc/2473/status /usr/bin/pkill N/A
File opened for reading /proc/25/cmdline /usr/bin/pkill N/A
File opened for reading /proc/2490/cgroup /usr/bin/pkill N/A
File opened for reading /proc/79/stat /usr/bin/pkill N/A
File opened for reading /proc/2632/cgroup /usr/bin/pkill N/A
File opened for reading /proc/2207/cgroup /usr/bin/pkill N/A
File opened for reading /proc/830/stat /usr/bin/pkill N/A
File opened for reading /proc/2227/cgroup /usr/bin/pkill N/A
File opened for reading /proc/1693/ctty /usr/bin/pkill N/A
File opened for reading /proc/2114/stat /usr/bin/pkill N/A
File opened for reading /proc/63/cmdline /usr/bin/pkill N/A
File opened for reading /proc/1044/stat /usr/bin/pkill N/A
File opened for reading /proc/1044/status /usr/bin/pkill N/A
File opened for reading /proc/1980/cgroup /usr/bin/pkill N/A
File opened for reading /proc/19/ctty /usr/bin/pkill N/A
File opened for reading /proc/1072/stat /usr/bin/pkill N/A
File opened for reading /proc/36/status /usr/bin/pkill N/A
File opened for reading /proc/202/ctty /usr/bin/pkill N/A
File opened for reading /proc/2061/cmdline /usr/bin/pkill N/A
File opened for reading /proc/127/stat /usr/bin/pkill N/A
File opened for reading /proc/34/status /usr/bin/pkill N/A
File opened for reading /proc/1076/stat /usr/bin/pkill N/A
File opened for reading /proc/79/status /usr/bin/pkill N/A
File opened for reading /proc/1690/stat /usr/bin/pkill N/A
File opened for reading /proc/1076/ctty /usr/bin/pkill N/A
File opened for reading /proc/123/cmdline /usr/bin/pkill N/A
File opened for reading /proc/1968/cgroup /usr/bin/pkill N/A
File opened for reading /proc/16/cmdline /usr/bin/pkill N/A
File opened for reading /proc/1695/cgroup /usr/bin/pkill N/A
File opened for reading /proc/1942/stat /usr/bin/pkill N/A
File opened for reading /proc/4/cgroup /usr/bin/pkill N/A
File opened for reading /proc/1049/cgroup /usr/bin/pkill N/A
File opened for reading /proc/2614/ctty /usr/bin/pkill N/A
File opened for reading /proc/2114/status /usr/bin/pkill N/A
File opened for reading /proc/725/cmdline /usr/bin/pkill N/A
File opened for reading /proc/1072/ctty /usr/bin/pkill N/A
File opened for reading /proc/1911/stat /usr/bin/pkill N/A
File opened for reading /proc/39/cgroup /usr/bin/pkill N/A
File opened for reading /proc/2126/cgroup /usr/bin/pkill N/A
File opened for reading /proc/1392/stat /usr/bin/pkill N/A
File opened for reading /proc/1082/ctty /usr/bin/pkill N/A
File opened for reading /proc/44/status /usr/bin/pkill N/A
File opened for reading /proc/195/cgroup /usr/bin/pkill N/A
File opened for reading /proc/1920/cmdline /usr/bin/pkill N/A
File opened for reading /proc/1072/cmdline /usr/bin/pkill N/A
File opened for reading /proc/1990/cmdline /usr/bin/pkill N/A
File opened for reading /proc/2141/stat /usr/bin/pkill N/A
File opened for reading /proc/26/status /usr/bin/pkill N/A
File opened for reading /proc/52/cmdline /usr/bin/pkill N/A

System Network Configuration Discovery

discovery
Description Indicator Process Target
N/A N/A /usr/bin/pkill N/A

Processes

/tmp/selfrep.i586.elf

[/tmp/selfrep.i586.elf]

/usr/bin/pkill

[pkill -9 902i13]

/usr/bin/pkill

[pkill -9 BzSxLxBxeY]

/usr/bin/pkill

[pkill -9 HOHO-LUGO7]

/usr/bin/pkill

[pkill -9 HOHO-U79OL]

/usr/bin/pkill

[pkill -9 JuYfouyf87]

/usr/bin/pkill

[pkill -9 NiGGeR69xd]

/usr/bin/pkill

[pkill -9 SO190Ij1X]

/usr/bin/pkill

[pkill -9 LOLKIKEEEDDE]

/usr/bin/pkill

[pkill -9 ekjheory98e]

/usr/bin/pkill

[pkill -9 scansh4]

/usr/bin/pkill

[pkill -9 MDMA]

/usr/bin/pkill

[pkill -9 fdevalvex]

/usr/bin/pkill

[pkill -9 scanspc]

/usr/bin/pkill

[pkill -9 MELTEDNINJAREALZ]

/usr/bin/pkill

[pkill -9 flexsonskids]

/usr/bin/pkill

[pkill -9 scanx86]

/usr/bin/pkill

[pkill -9 MISAKI-U79OL]

/usr/bin/pkill

[pkill -9 foAxi102kxe]

/usr/bin/pkill

[pkill -9 swodjwodjwoj]

/usr/bin/pkill

[pkill -9 MmKiy7f87l]

/usr/bin/pkill

[pkill -9 freecookiex86]

/usr/bin/pkill

[pkill -9 sysgpu]

/usr/bin/pkill

[pkill -9 NiGGeR69xd]

/usr/bin/pkill

[pkill -9 frgege]

/usr/bin/pkill

[pkill -9 sysupdater]

/usr/bin/pkill

[pkill -9 0DnAzepd]

/usr/bin/pkill

[pkill -9 NiGGeRD0nks69]

/usr/bin/pkill

[pkill -9 frgreu]

/usr/bin/pkill

[pkill -9 telnetd]

/usr/bin/pkill

[pkill -9 0x766f6964]

/usr/bin/pkill

[pkill -9 NiGGeRd0nks1337]

/usr/bin/pkill

[pkill -9 gaft]

/usr/bin/pkill

[pkill -9 urasgbsigboa]

/usr/bin/pkill

[pkill -9 120i3UI49]

/usr/bin/pkill

[pkill -9 OaF3]

/usr/bin/pkill

[pkill -9 geae]

/usr/bin/pkill

[pkill -9 vaiolmao]

/usr/bin/pkill

[pkill -9 123123a]

/usr/bin/pkill

[pkill -9 Ofurain0n4H34D]

/usr/bin/pkill

[pkill -9 ggTrex]

/usr/bin/pkill

[pkill -9 wasads]

/usr/bin/pkill

[pkill -9 1293194hjXD]

/usr/bin/pkill

[pkill -9 OthLaLosn]

/usr/bin/pkill

[pkill -9 ggt]

/usr/bin/pkill

[pkill -9 wget-log]

/usr/bin/pkill

[pkill -9 1337SoraLOADER]

/usr/bin/pkill

[pkill -9 SAIAKINA]

/usr/bin/pkill

[pkill -9 ggtq]

/usr/bin/pkill

[pkill -9 1378bfp919GRB1Q2]

/usr/bin/pkill

[pkill -9 SAIAKUSO]

/usr/bin/pkill

[pkill -9 ggtr]

/usr/bin/pkill

[pkill -9 14Fa]

/usr/bin/pkill

[pkill -9 SEXSLAVE1337]

/usr/bin/pkill

[pkill -9 ggtt]

/usr/bin/pkill

[pkill -9 1902a3u912u3u4]

/usr/bin/pkill

[pkill -9 SO190Ij1X]

/usr/bin/pkill

[pkill -9 haetrghbr]

/usr/bin/pkill

[pkill -9 19ju3d]

/usr/bin/pkill

[pkill -9 SORAojkf120]

/usr/bin/pkill

[pkill -9 hehahejeje92]

/usr/bin/pkill

[pkill -9 2U2JDJA901F91]

/usr/bin/pkill

[pkill -9 SlaVLav12]

/usr/bin/pkill

[pkill -9 helpmedaddthhhhh]

/usr/bin/pkill

[pkill -9 2wgg9qphbq]

/usr/bin/pkill

[pkill -9 Slav3Th3seD3vices]

/usr/bin/pkill

[pkill -9 hzSmYZjYMQ]

/usr/bin/pkill

[pkill -9 5Gbf]

/usr/bin/pkill

[pkill -9 SoRAxD123LOL]

/usr/bin/pkill

[pkill -9 iaGv]

/usr/bin/pkill

[pkill -9 5aA3]

/usr/bin/pkill

[pkill -9 SoRAxD420LOL]

/usr/bin/pkill

[pkill -9 insomni]

/usr/bin/pkill

[pkill -9 640277]

/usr/bin/pkill

[pkill -9 SoraBeReppin1337]

/usr/bin/pkill

[pkill -9 ipcamCache]

/usr/bin/pkill

[pkill -9 66tlGg9Q]

/usr/bin/pkill

[pkill -9 T]

/usr/bin/pkill

[pkill -9 jUYfouyf87]

/usr/bin/pkill

[pkill -9 6ke3]

/usr/bin/pkill

[pkill -9 TOKYO3]

/usr/bin/pkill

[pkill -9 lyEeaXul2dULCVxh]

/usr/bin/pkill

[pkill -9 93OfjHZ2z]

/usr/bin/pkill

[pkill -9 TY2gD6MZvKc7KU6r]

/usr/bin/pkill

[pkill -9 mMkiy6f87l]

/usr/bin/pkill

[pkill -9 A023UU4U24UIU]

/usr/bin/pkill

[pkill -9 TheWeeknd]

/usr/bin/pkill

[pkill -9 mioribitches]

/usr/bin/pkill

[pkill -9 A5p9]

/usr/bin/pkill

[pkill -9 TheWeeknds]

/usr/bin/pkill

[pkill -9 mnblkjpoi]

/usr/bin/pkill

[pkill -9 AbAd]

/usr/bin/pkill

[pkill -9 Tokyos]

/usr/bin/pkill

[pkill -9 neb]

/usr/bin/pkill

[pkill -9 Akiru]

/usr/bin/pkill

[pkill -9 U8inTz]

/usr/bin/pkill

[pkill -9 netstats]

/usr/bin/pkill

[pkill -9 Alex]

/usr/bin/pkill

[pkill -9 W9RCAKM20T]

/usr/bin/pkill

[pkill -9 newnetword]

/usr/bin/pkill

[pkill -9 Ayo215]

/usr/bin/pkill

[pkill -9 Word]

/usr/bin/pkill

[pkill -9 nloads]

/usr/bin/pkill

[pkill -9 BAdAsV]

/usr/bin/pkill

[pkill -9 Wordmane]

/usr/bin/pkill

[pkill -9 notyakuzaa]

/usr/bin/pkill

[pkill -9 Belch]

/usr/bin/pkill

[pkill -9 Wordnets]

/usr/bin/pkill

[pkill -9 obp]

/usr/bin/pkill

[pkill -9 BigN0gg0r420]

/usr/bin/pkill

[pkill -9 X0102I34f]

/usr/bin/pkill

[pkill -9 ofhasfhiafhoi]

/usr/bin/pkill

[pkill -9 BzSxLxBxeY]

/usr/bin/pkill

[pkill -9 X19I239124UIU]

/usr/bin/pkill

[pkill -9 oism]

/usr/bin/pkill

[pkill -9 Deported]

/usr/bin/pkill

[pkill -9 XSHJEHHEIIHWO]

/usr/bin/pkill

[pkill -9 olsVNwo12]

/usr/bin/pkill

[pkill -9 DeportedDeported]

/usr/bin/pkill

[pkill -9 XkTer0GbA1]

/usr/bin/pkill

[pkill -9 onry0v03]

/usr/bin/pkill

[pkill -9 FortniteDownLOLZ]

/usr/bin/pkill

[pkill -9 Y0urM0mGay]

/usr/bin/pkill

[pkill -9 pussyfartlmaojk]

/usr/bin/pkill

[pkill -9 GrAcEnIgGeRaNn]

/usr/bin/pkill

[pkill -9 YvdGkqndCO]

/usr/bin/pkill

[pkill -9 qGeoRBe6BE]

/usr/bin/pkill

[pkill -9 GuiltyCrown]

/usr/bin/pkill

[pkill -9 ZEuS69]

/usr/bin/pkill

[pkill -9 s4beBsEQhd]

/usr/bin/pkill

[pkill -9 HOHO-KSNDO]

/usr/bin/pkill

[pkill -9 ZEuz69]

/usr/bin/pkill

[pkill -9 sat1234]

/usr/bin/pkill

[pkill -9 HOHO-LUGO7]

/usr/bin/pkill

[pkill -9 aj93hJ23]

/usr/bin/pkill

[pkill -9 scanHA]

/usr/bin/pkill

[pkill -9 HOHO-U79OL]

/usr/bin/pkill

[pkill -9 alie293z0k2L]

/usr/bin/pkill

[pkill -9 scanJoshoARM]

/usr/bin/pkill

[pkill -9 HellInSide]

/usr/bin/pkill

[pkill -9 ayyyGangShit]

/usr/bin/pkill

[pkill -9 scanJoshoARM5]

/usr/bin/pkill

[pkill -9 HighFry]

/usr/bin/pkill

[pkill -9 b1gl]

/usr/bin/pkill

[pkill -9 scanJoshoARM6]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp
MD 45.86.86.60:5060 tcp

Files

N/A