Malware Analysis Report

2024-12-07 14:03

Sample ID 241117-k3bc6a1jfk
Target yakuza.i586.elf
SHA256 9a8f6d1fe9d4071bb4716d7f73eace28d30e9846354a8eaf6a9fadc29ec3e970
Tags
discovery rootkit
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

9a8f6d1fe9d4071bb4716d7f73eace28d30e9846354a8eaf6a9fadc29ec3e970

Threat Level: Shows suspicious behavior

The file yakuza.i586.elf was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery rootkit

Loads a kernel module

Enumerates running processes

Reads CPU attributes

Enumerates kernel/hardware configuration

Reads runtime system information

System Network Configuration Discovery

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-17 09:07

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-17 09:07

Reported

2024-11-17 09:09

Platform

ubuntu2404-amd64-20240523-en

Max time kernel

149s

Max time network

149s

Command Line

[/tmp/yakuza.i586.elf]

Signatures

Loads a kernel module

rootkit
Description Indicator Process Target
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A
N/A N/A /tmp/yakuza.i586.elf N/A

Enumerates running processes

Reads CPU attributes

discovery
Description Indicator Process Target
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A

Enumerates kernel/hardware configuration

discovery
Description Indicator Process Target
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A

Reads runtime system information

discovery
Description Indicator Process Target
File opened for reading /proc/2706/stat /usr/bin/pkill N/A
File opened for reading /proc/2317/stat /usr/bin/pkill N/A
File opened for reading /proc/43/cmdline /usr/bin/pkill N/A
File opened for reading /proc/1695/ctty /usr/bin/pkill N/A
File opened for reading /proc/441/cmdline /usr/bin/pkill N/A
File opened for reading /proc/79/ctty /usr/bin/pkill N/A
File opened for reading /proc/1921/stat /usr/bin/pkill N/A
File opened for reading /proc/2143/status /usr/bin/pkill N/A
File opened for reading /proc/6/status /usr/bin/pkill N/A
File opened for reading /proc/1921/stat /usr/bin/pkill N/A
File opened for reading /proc/274/ctty /usr/bin/pkill N/A
File opened for reading /proc/1954/cmdline /usr/bin/pkill N/A
File opened for reading /proc/1117/cmdline /usr/bin/pkill N/A
File opened for reading /proc/54/cmdline /usr/bin/pkill N/A
File opened for reading /proc/2218/ctty /usr/bin/pkill N/A
File opened for reading /proc/22/stat /usr/bin/pkill N/A
File opened for reading /proc/788/stat /usr/bin/pkill N/A
File opened for reading /proc/2002/stat /usr/bin/pkill N/A
File opened for reading /proc/1053/ctty /usr/bin/pkill N/A
File opened for reading /proc/199/stat /usr/bin/pkill N/A
File opened for reading /proc/1/cgroup /usr/bin/pkill N/A
File opened for reading /proc/432/status /usr/bin/pkill N/A
File opened for reading /proc/194/cgroup /usr/bin/pkill N/A
File opened for reading /proc/2489/cmdline /usr/bin/pkill N/A
File opened for reading /proc/194/cmdline /usr/bin/pkill N/A
File opened for reading /proc/1705/cgroup /usr/bin/pkill N/A
File opened for reading /proc/1118/cgroup /usr/bin/pkill N/A
File opened for reading /proc/6/ctty /usr/bin/pkill N/A
File opened for reading /proc/56/ctty /usr/bin/pkill N/A
File opened for reading /proc/2507/stat /usr/bin/pkill N/A
File opened for reading /proc/46/status /usr/bin/pkill N/A
File opened for reading /proc/self/status /usr/bin/pkill N/A
File opened for reading /proc/2494/cgroup /usr/bin/pkill N/A
File opened for reading /proc/1921/stat /usr/bin/pkill N/A
File opened for reading /proc/2494/cgroup /usr/bin/pkill N/A
File opened for reading /proc/780/ctty /usr/bin/pkill N/A
File opened for reading /proc/1874/stat /usr/bin/pkill N/A
File opened for reading /proc/2111/stat /usr/bin/pkill N/A
File opened for reading /proc/1921/cmdline /usr/bin/pkill N/A
File opened for reading /proc/63/ctty /usr/bin/pkill N/A
File opened for reading /proc/198/stat /usr/bin/pkill N/A
File opened for reading /proc/1040/stat /usr/bin/pkill N/A
File opened for reading /proc/1984/cmdline /usr/bin/pkill N/A
File opened for reading /proc/2199/cmdline /usr/bin/pkill N/A
File opened for reading /proc/1970/cgroup /usr/bin/pkill N/A
File opened for reading /proc/194/stat /usr/bin/pkill N/A
File opened for reading /proc/1984/cgroup /usr/bin/pkill N/A
File opened for reading /proc/21/stat /usr/bin/pkill N/A
File opened for reading /proc/1989/stat /usr/bin/pkill N/A
File opened for reading /proc/2491/ctty /usr/bin/pkill N/A
File opened for reading /proc/190/cmdline /usr/bin/pkill N/A
File opened for reading /proc/33/stat /usr/bin/pkill N/A
File opened for reading /proc/3/stat /usr/bin/pkill N/A
File opened for reading /proc/46/ctty /usr/bin/pkill N/A
File opened for reading /proc/2490/ctty /usr/bin/pkill N/A
File opened for reading /proc/577/ctty /usr/bin/pkill N/A
File opened for reading /proc/41/ctty /usr/bin/pkill N/A
File opened for reading /proc/1787/ctty /usr/bin/pkill N/A
File opened for reading /proc/190/stat /usr/bin/pkill N/A
File opened for reading /proc/1078/ctty /usr/bin/pkill N/A
File opened for reading /proc/200/status /usr/bin/pkill N/A
File opened for reading /proc/53/status /usr/bin/pkill N/A
File opened for reading /proc/384/ctty /usr/bin/pkill N/A
File opened for reading /proc/2223/cgroup /usr/bin/pkill N/A

System Network Configuration Discovery

discovery
Description Indicator Process Target
N/A N/A /usr/bin/pkill N/A

Processes

/tmp/yakuza.i586.elf

[/tmp/yakuza.i586.elf]

/usr/bin/pkill

[pkill -9 902i13]

/usr/bin/pkill

[pkill -9 BzSxLxBxeY]

/usr/bin/pkill

[pkill -9 HOHO-LUGO7]

/usr/bin/pkill

[pkill -9 HOHO-U79OL]

/usr/bin/pkill

[pkill -9 JuYfouyf87]

/usr/bin/pkill

[pkill -9 NiGGeR69xd]

/usr/bin/pkill

[pkill -9 SO190Ij1X]

/usr/bin/pkill

[pkill -9 LOLKIKEEEDDE]

/usr/bin/pkill

[pkill -9 ekjheory98e]

/usr/bin/pkill

[pkill -9 scansh4]

/usr/bin/pkill

[pkill -9 MDMA]

/usr/bin/pkill

[pkill -9 fdevalvex]

/usr/bin/pkill

[pkill -9 scanspc]

/usr/bin/pkill

[pkill -9 MELTEDNINJAREALZ]

/usr/bin/pkill

[pkill -9 flexsonskids]

/usr/bin/pkill

[pkill -9 scanx86]

/usr/bin/pkill

[pkill -9 MISAKI-U79OL]

/usr/bin/pkill

[pkill -9 foAxi102kxe]

/usr/bin/pkill

[pkill -9 swodjwodjwoj]

/usr/bin/pkill

[pkill -9 MmKiy7f87l]

/usr/bin/pkill

[pkill -9 freecookiex86]

/usr/bin/pkill

[pkill -9 sysgpu]

/usr/bin/pkill

[pkill -9 NiGGeR69xd]

/usr/bin/pkill

[pkill -9 frgege]

/usr/bin/pkill

[pkill -9 sysupdater]

/usr/bin/pkill

[pkill -9 0DnAzepd]

/usr/bin/pkill

[pkill -9 NiGGeRD0nks69]

/usr/bin/pkill

[pkill -9 frgreu]

/usr/bin/pkill

[pkill -9 telnetd]

/usr/bin/pkill

[pkill -9 0x766f6964]

/usr/bin/pkill

[pkill -9 NiGGeRd0nks1337]

/usr/bin/pkill

[pkill -9 gaft]

/usr/bin/pkill

[pkill -9 urasgbsigboa]

/usr/bin/pkill

[pkill -9 120i3UI49]

/usr/bin/pkill

[pkill -9 OaF3]

/usr/bin/pkill

[pkill -9 geae]

/usr/bin/pkill

[pkill -9 vaiolmao]

/usr/bin/pkill

[pkill -9 123123a]

/usr/bin/pkill

[pkill -9 Ofurain0n4H34D]

/usr/bin/pkill

[pkill -9 ggTrex]

/usr/bin/pkill

[pkill -9 wasads]

/usr/bin/pkill

[pkill -9 1293194hjXD]

/usr/bin/pkill

[pkill -9 OthLaLosn]

/usr/bin/pkill

[pkill -9 ggt]

/usr/bin/pkill

[pkill -9 wget-log]

/usr/bin/pkill

[pkill -9 1337SoraLOADER]

/usr/bin/pkill

[pkill -9 SAIAKINA]

/usr/bin/pkill

[pkill -9 ggtq]

/usr/bin/pkill

[pkill -9 1378bfp919GRB1Q2]

/usr/bin/pkill

[pkill -9 SAIAKUSO]

/usr/bin/pkill

[pkill -9 ggtr]

/usr/bin/pkill

[pkill -9 14Fa]

/usr/bin/pkill

[pkill -9 SEXSLAVE1337]

/usr/bin/pkill

[pkill -9 ggtt]

/usr/bin/pkill

[pkill -9 1902a3u912u3u4]

/usr/bin/pkill

[pkill -9 SO190Ij1X]

/usr/bin/pkill

[pkill -9 haetrghbr]

/usr/bin/pkill

[pkill -9 19ju3d]

/usr/bin/pkill

[pkill -9 SORAojkf120]

/usr/bin/pkill

[pkill -9 hehahejeje92]

/usr/bin/pkill

[pkill -9 2U2JDJA901F91]

/usr/bin/pkill

[pkill -9 SlaVLav12]

/usr/bin/pkill

[pkill -9 helpmedaddthhhhh]

/usr/bin/pkill

[pkill -9 2wgg9qphbq]

/usr/bin/pkill

[pkill -9 Slav3Th3seD3vices]

/usr/bin/pkill

[pkill -9 hzSmYZjYMQ]

/usr/bin/pkill

[pkill -9 5Gbf]

/usr/bin/pkill

[pkill -9 SoRAxD123LOL]

/usr/bin/pkill

[pkill -9 iaGv]

/usr/bin/pkill

[pkill -9 5aA3]

/usr/bin/pkill

[pkill -9 SoRAxD420LOL]

/usr/bin/pkill

[pkill -9 insomni]

/usr/bin/pkill

[pkill -9 640277]

/usr/bin/pkill

[pkill -9 SoraBeReppin1337]

/usr/bin/pkill

[pkill -9 ipcamCache]

/usr/bin/pkill

[pkill -9 66tlGg9Q]

/usr/bin/pkill

[pkill -9 T]

/usr/bin/pkill

[pkill -9 jUYfouyf87]

/usr/bin/pkill

[pkill -9 6ke3]

/usr/bin/pkill

[pkill -9 TOKYO3]

/usr/bin/pkill

[pkill -9 lyEeaXul2dULCVxh]

/usr/bin/pkill

[pkill -9 93OfjHZ2z]

/usr/bin/pkill

[pkill -9 TY2gD6MZvKc7KU6r]

/usr/bin/pkill

[pkill -9 mMkiy6f87l]

/usr/bin/pkill

[pkill -9 A023UU4U24UIU]

/usr/bin/pkill

[pkill -9 TheWeeknd]

/usr/bin/pkill

[pkill -9 mioribitches]

/usr/bin/pkill

[pkill -9 A5p9]

/usr/bin/pkill

[pkill -9 TheWeeknds]

/usr/bin/pkill

[pkill -9 mnblkjpoi]

/usr/bin/pkill

[pkill -9 AbAd]

/usr/bin/pkill

[pkill -9 Tokyos]

/usr/bin/pkill

[pkill -9 neb]

/usr/bin/pkill

[pkill -9 Akiru]

/usr/bin/pkill

[pkill -9 U8inTz]

/usr/bin/pkill

[pkill -9 netstats]

/usr/bin/pkill

[pkill -9 Alex]

/usr/bin/pkill

[pkill -9 W9RCAKM20T]

/usr/bin/pkill

[pkill -9 newnetword]

/usr/bin/pkill

[pkill -9 Ayo215]

/usr/bin/pkill

[pkill -9 Word]

/usr/bin/pkill

[pkill -9 nloads]

/usr/bin/pkill

[pkill -9 BAdAsV]

/usr/bin/pkill

[pkill -9 Wordmane]

/usr/bin/pkill

[pkill -9 notyakuzaa]

/usr/bin/pkill

[pkill -9 Belch]

/usr/bin/pkill

[pkill -9 Wordnets]

/usr/bin/pkill

[pkill -9 obp]

/usr/bin/pkill

[pkill -9 BigN0gg0r420]

/usr/bin/pkill

[pkill -9 X0102I34f]

/usr/bin/pkill

[pkill -9 ofhasfhiafhoi]

/usr/bin/pkill

[pkill -9 BzSxLxBxeY]

/usr/bin/pkill

[pkill -9 X19I239124UIU]

/usr/bin/pkill

[pkill -9 oism]

/usr/bin/pkill

[pkill -9 Deported]

/usr/bin/pkill

[pkill -9 XSHJEHHEIIHWO]

/usr/bin/pkill

[pkill -9 olsVNwo12]

/usr/bin/pkill

[pkill -9 DeportedDeported]

/usr/bin/pkill

[pkill -9 XkTer0GbA1]

/usr/bin/pkill

[pkill -9 onry0v03]

/usr/bin/pkill

[pkill -9 FortniteDownLOLZ]

/usr/bin/pkill

[pkill -9 Y0urM0mGay]

/usr/bin/pkill

[pkill -9 pussyfartlmaojk]

/usr/bin/pkill

[pkill -9 GrAcEnIgGeRaNn]

/usr/bin/pkill

[pkill -9 YvdGkqndCO]

/usr/bin/pkill

[pkill -9 qGeoRBe6BE]

/usr/bin/pkill

[pkill -9 GuiltyCrown]

/usr/bin/pkill

[pkill -9 ZEuS69]

/usr/bin/pkill

[pkill -9 s4beBsEQhd]

/usr/bin/pkill

[pkill -9 HOHO-KSNDO]

/usr/bin/pkill

[pkill -9 ZEuz69]

/usr/bin/pkill

[pkill -9 sat1234]

/usr/bin/pkill

[pkill -9 HOHO-LUGO7]

/usr/bin/pkill

[pkill -9 aj93hJ23]

/usr/bin/pkill

[pkill -9 scanHA]

/usr/bin/pkill

[pkill -9 HOHO-U79OL]

/usr/bin/pkill

[pkill -9 alie293z0k2L]

/usr/bin/pkill

[pkill -9 scanJoshoARM]

/usr/bin/pkill

[pkill -9 HellInSide]

/usr/bin/pkill

[pkill -9 ayyyGangShit]

/usr/bin/pkill

[pkill -9 scanJoshoARM5]

/usr/bin/pkill

[pkill -9 HighFry]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp

Files

N/A