Malware Analysis Report

2024-12-07 13:44

Sample ID 241117-kzew6svret
Target yakuza.i686.elf
SHA256 84ec85d15e5fdee3dd8e1d77094151393d92e5435d231402a113b7dd3ab7d5b4
Tags
discovery rootkit
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

84ec85d15e5fdee3dd8e1d77094151393d92e5435d231402a113b7dd3ab7d5b4

Threat Level: Shows suspicious behavior

The file yakuza.i686.elf was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery rootkit

Loads a kernel module

Enumerates running processes

Reads CPU attributes

Enumerates kernel/hardware configuration

Reads runtime system information

System Network Configuration Discovery

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-17 09:02

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-17 09:02

Reported

2024-11-17 09:04

Platform

ubuntu2404-amd64-20240523-en

Max time kernel

149s

Max time network

151s

Command Line

[/tmp/yakuza.i686.elf]

Signatures

Loads a kernel module

rootkit
Description Indicator Process Target
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A
N/A N/A /tmp/yakuza.i686.elf N/A

Enumerates running processes

Reads CPU attributes

discovery
Description Indicator Process Target
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A
File opened for reading /sys/devices/system/cpu/possible /usr/bin/pkill N/A

Enumerates kernel/hardware configuration

discovery
Description Indicator Process Target
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A
File opened for reading /sys/devices/system/node /usr/bin/pkill N/A

Reads runtime system information

discovery
Description Indicator Process Target
File opened for reading /proc/2581/ctty /usr/bin/pkill N/A
File opened for reading /proc/39/stat /usr/bin/pkill N/A
File opened for reading /proc/37/cmdline /usr/bin/pkill N/A
File opened for reading /proc/8/cmdline /usr/bin/pkill N/A
File opened for reading /proc/43/status /usr/bin/pkill N/A
File opened for reading /proc/25/ctty /usr/bin/pkill N/A
File opened for reading /proc/21/ctty /usr/bin/pkill N/A
File opened for reading /proc/2573/ctty /usr/bin/pkill N/A
File opened for reading /proc/2868/stat /usr/bin/pkill N/A
File opened for reading /proc/820/cmdline /usr/bin/pkill N/A
File opened for reading /proc/46/ctty /usr/bin/pkill N/A
File opened for reading /proc/2484/cmdline /usr/bin/pkill N/A
File opened for reading /proc/2602/ctty /usr/bin/pkill N/A
File opened for reading /proc/27/status /usr/bin/pkill N/A
File opened for reading /proc/2031/ctty /usr/bin/pkill N/A
File opened for reading /proc/34/status /usr/bin/pkill N/A
File opened for reading /proc/2220/cmdline /usr/bin/pkill N/A
File opened for reading /proc/52/ctty /usr/bin/pkill N/A
File opened for reading /proc/34/cmdline /usr/bin/pkill N/A
File opened for reading /proc/11/status /usr/bin/pkill N/A
File opened for reading /proc/19/stat /usr/bin/pkill N/A
File opened for reading /proc/2308/status /usr/bin/pkill N/A
File opened for reading /proc/508/ctty /usr/bin/pkill N/A
File opened for reading /proc/10/ctty /usr/bin/pkill N/A
File opened for reading /proc/35/ctty /usr/bin/pkill N/A
File opened for reading /proc/2820/ctty /usr/bin/pkill N/A
File opened for reading /proc/34/stat /usr/bin/pkill N/A
File opened for reading /proc/592/stat /usr/bin/pkill N/A
File opened for reading /proc/2141/stat /usr/bin/pkill N/A
File opened for reading /proc/2480/cmdline /usr/bin/pkill N/A
File opened for reading /proc/25/status /usr/bin/pkill N/A
File opened for reading /proc/731/status /usr/bin/pkill N/A
File opened for reading /proc/509/ctty /usr/bin/pkill N/A
File opened for reading /proc/14/status /usr/bin/pkill N/A
File opened for reading /proc/2008/stat /usr/bin/pkill N/A
File opened for reading /proc/389/stat /usr/bin/pkill N/A
File opened for reading /proc/47/ctty /usr/bin/pkill N/A
File opened for reading /proc/2477/cgroup /usr/bin/pkill N/A
File opened for reading /proc/36/cmdline /usr/bin/pkill N/A
File opened for reading /proc/886/stat /usr/bin/pkill N/A
File opened for reading /proc/2557/cgroup /usr/bin/pkill N/A
File opened for reading /proc/2324/ctty /usr/bin/pkill N/A
File opened for reading /proc/586/status /usr/bin/pkill N/A
File opened for reading /proc/1406/cmdline /usr/bin/pkill N/A
File opened for reading /proc/2816/ctty /usr/bin/pkill N/A
File opened for reading /proc/2602/stat /usr/bin/pkill N/A
File opened for reading /proc/28/cmdline /usr/bin/pkill N/A
File opened for reading /proc/2329/cgroup /usr/bin/pkill N/A
File opened for reading /proc/17/cgroup /usr/bin/pkill N/A
File opened for reading /proc/822/cmdline /usr/bin/pkill N/A
File opened for reading /proc/2202/cgroup /usr/bin/pkill N/A
File opened for reading /proc/30/cmdline /usr/bin/pkill N/A
File opened for reading /proc/1114/stat /usr/bin/pkill N/A
File opened for reading /proc/2816/cmdline /usr/bin/pkill N/A
File opened for reading /proc/48/cgroup /usr/bin/pkill N/A
File opened for reading /proc/2263/cmdline /usr/bin/pkill N/A
File opened for reading /proc/508/ctty /usr/bin/pkill N/A
File opened for reading /proc/55/stat /usr/bin/pkill N/A
File opened for reading /proc/2544/cgroup /usr/bin/pkill N/A
File opened for reading /proc/194/stat /usr/bin/pkill N/A
File opened for reading /proc/831/cmdline /usr/bin/pkill N/A
File opened for reading /proc/2581/status /usr/bin/pkill N/A
File opened for reading /proc/2106/ctty /usr/bin/pkill N/A
File opened for reading /proc/2801/ctty /usr/bin/pkill N/A

System Network Configuration Discovery

discovery
Description Indicator Process Target
N/A N/A /usr/bin/pkill N/A

Processes

/tmp/yakuza.i686.elf

[/tmp/yakuza.i686.elf]

/usr/bin/pkill

[pkill -9 902i13]

/usr/bin/pkill

[pkill -9 BzSxLxBxeY]

/usr/bin/pkill

[pkill -9 HOHO-LUGO7]

/usr/bin/pkill

[pkill -9 HOHO-U79OL]

/usr/bin/pkill

[pkill -9 JuYfouyf87]

/usr/bin/pkill

[pkill -9 NiGGeR69xd]

/usr/bin/pkill

[pkill -9 SO190Ij1X]

/usr/bin/pkill

[pkill -9 LOLKIKEEEDDE]

/usr/bin/pkill

[pkill -9 ekjheory98e]

/usr/bin/pkill

[pkill -9 scansh4]

/usr/bin/pkill

[pkill -9 MDMA]

/usr/bin/pkill

[pkill -9 fdevalvex]

/usr/bin/pkill

[pkill -9 scanspc]

/usr/bin/pkill

[pkill -9 MELTEDNINJAREALZ]

/usr/bin/pkill

[pkill -9 flexsonskids]

/usr/bin/pkill

[pkill -9 scanx86]

/usr/bin/pkill

[pkill -9 MISAKI-U79OL]

/usr/bin/pkill

[pkill -9 foAxi102kxe]

/usr/bin/pkill

[pkill -9 swodjwodjwoj]

/usr/bin/pkill

[pkill -9 MmKiy7f87l]

/usr/bin/pkill

[pkill -9 freecookiex86]

/usr/bin/pkill

[pkill -9 sysgpu]

/usr/bin/pkill

[pkill -9 NiGGeR69xd]

/usr/bin/pkill

[pkill -9 frgege]

/usr/bin/pkill

[pkill -9 sysupdater]

/usr/bin/pkill

[pkill -9 0DnAzepd]

/usr/bin/pkill

[pkill -9 NiGGeRD0nks69]

/usr/bin/pkill

[pkill -9 frgreu]

/usr/bin/pkill

[pkill -9 telnetd]

/usr/bin/pkill

[pkill -9 0x766f6964]

/usr/bin/pkill

[pkill -9 NiGGeRd0nks1337]

/usr/bin/pkill

[pkill -9 gaft]

/usr/bin/pkill

[pkill -9 urasgbsigboa]

/usr/bin/pkill

[pkill -9 120i3UI49]

/usr/bin/pkill

[pkill -9 OaF3]

/usr/bin/pkill

[pkill -9 geae]

/usr/bin/pkill

[pkill -9 vaiolmao]

/usr/bin/pkill

[pkill -9 123123a]

/usr/bin/pkill

[pkill -9 Ofurain0n4H34D]

/usr/bin/pkill

[pkill -9 ggTrex]

/usr/bin/pkill

[pkill -9 wasads]

/usr/bin/pkill

[pkill -9 1293194hjXD]

/usr/bin/pkill

[pkill -9 OthLaLosn]

/usr/bin/pkill

[pkill -9 ggt]

/usr/bin/pkill

[pkill -9 wget-log]

/usr/bin/pkill

[pkill -9 1337SoraLOADER]

/usr/bin/pkill

[pkill -9 SAIAKINA]

/usr/bin/pkill

[pkill -9 ggtq]

/usr/bin/pkill

[pkill -9 1378bfp919GRB1Q2]

/usr/bin/pkill

[pkill -9 SAIAKUSO]

/usr/bin/pkill

[pkill -9 ggtr]

/usr/bin/pkill

[pkill -9 14Fa]

/usr/bin/pkill

[pkill -9 SEXSLAVE1337]

/usr/bin/pkill

[pkill -9 ggtt]

/usr/bin/pkill

[pkill -9 1902a3u912u3u4]

/usr/bin/pkill

[pkill -9 SO190Ij1X]

/usr/bin/pkill

[pkill -9 haetrghbr]

/usr/bin/pkill

[pkill -9 19ju3d]

/usr/bin/pkill

[pkill -9 SORAojkf120]

/usr/bin/pkill

[pkill -9 hehahejeje92]

/usr/bin/pkill

[pkill -9 2U2JDJA901F91]

/usr/bin/pkill

[pkill -9 SlaVLav12]

/usr/bin/pkill

[pkill -9 helpmedaddthhhhh]

/usr/bin/pkill

[pkill -9 2wgg9qphbq]

/usr/bin/pkill

[pkill -9 Slav3Th3seD3vices]

/usr/bin/pkill

[pkill -9 hzSmYZjYMQ]

/usr/bin/pkill

[pkill -9 5Gbf]

/usr/bin/pkill

[pkill -9 SoRAxD123LOL]

/usr/bin/pkill

[pkill -9 iaGv]

/usr/bin/pkill

[pkill -9 5aA3]

/usr/bin/pkill

[pkill -9 SoRAxD420LOL]

/usr/bin/pkill

[pkill -9 insomni]

/usr/bin/pkill

[pkill -9 640277]

/usr/bin/pkill

[pkill -9 SoraBeReppin1337]

/usr/bin/pkill

[pkill -9 ipcamCache]

/usr/bin/pkill

[pkill -9 66tlGg9Q]

/usr/bin/pkill

[pkill -9 T]

/usr/bin/pkill

[pkill -9 jUYfouyf87]

/usr/bin/pkill

[pkill -9 6ke3]

/usr/bin/pkill

[pkill -9 TOKYO3]

/usr/bin/pkill

[pkill -9 lyEeaXul2dULCVxh]

/usr/bin/pkill

[pkill -9 93OfjHZ2z]

/usr/bin/pkill

[pkill -9 TY2gD6MZvKc7KU6r]

/usr/bin/pkill

[pkill -9 mMkiy6f87l]

/usr/bin/pkill

[pkill -9 A023UU4U24UIU]

/usr/bin/pkill

[pkill -9 TheWeeknd]

/usr/bin/pkill

[pkill -9 mioribitches]

/usr/bin/pkill

[pkill -9 A5p9]

/usr/bin/pkill

[pkill -9 TheWeeknds]

/usr/bin/pkill

[pkill -9 mnblkjpoi]

/usr/bin/pkill

[pkill -9 AbAd]

/usr/bin/pkill

[pkill -9 Tokyos]

/usr/bin/pkill

[pkill -9 neb]

/usr/bin/pkill

[pkill -9 Akiru]

/usr/bin/pkill

[pkill -9 U8inTz]

/usr/bin/pkill

[pkill -9 netstats]

/usr/bin/pkill

[pkill -9 Alex]

/usr/bin/pkill

[pkill -9 W9RCAKM20T]

/usr/bin/pkill

[pkill -9 newnetword]

/usr/bin/pkill

[pkill -9 Ayo215]

/usr/bin/pkill

[pkill -9 Word]

/usr/bin/pkill

[pkill -9 nloads]

/usr/bin/pkill

[pkill -9 BAdAsV]

/usr/bin/pkill

[pkill -9 Wordmane]

/usr/bin/pkill

[pkill -9 notyakuzaa]

/usr/bin/pkill

[pkill -9 Belch]

/usr/bin/pkill

[pkill -9 Wordnets]

/usr/bin/pkill

[pkill -9 obp]

/usr/bin/pkill

[pkill -9 BigN0gg0r420]

/usr/bin/pkill

[pkill -9 X0102I34f]

/usr/bin/pkill

[pkill -9 ofhasfhiafhoi]

/usr/bin/pkill

[pkill -9 BzSxLxBxeY]

/usr/bin/pkill

[pkill -9 X19I239124UIU]

/usr/bin/pkill

[pkill -9 oism]

/usr/bin/pkill

[pkill -9 Deported]

/usr/bin/pkill

[pkill -9 XSHJEHHEIIHWO]

/usr/bin/pkill

[pkill -9 olsVNwo12]

/usr/bin/pkill

[pkill -9 DeportedDeported]

/usr/bin/pkill

[pkill -9 XkTer0GbA1]

/usr/bin/pkill

[pkill -9 onry0v03]

/usr/bin/pkill

[pkill -9 FortniteDownLOLZ]

/usr/bin/pkill

[pkill -9 Y0urM0mGay]

/usr/bin/pkill

[pkill -9 pussyfartlmaojk]

/usr/bin/pkill

[pkill -9 GrAcEnIgGeRaNn]

/usr/bin/pkill

[pkill -9 YvdGkqndCO]

/usr/bin/pkill

[pkill -9 qGeoRBe6BE]

/usr/bin/pkill

[pkill -9 GuiltyCrown]

/usr/bin/pkill

[pkill -9 ZEuS69]

/usr/bin/pkill

[pkill -9 s4beBsEQhd]

/usr/bin/pkill

[pkill -9 HOHO-KSNDO]

/usr/bin/pkill

[pkill -9 ZEuz69]

/usr/bin/pkill

[pkill -9 sat1234]

/usr/bin/pkill

[pkill -9 HOHO-LUGO7]

/usr/bin/pkill

[pkill -9 aj93hJ23]

/usr/bin/pkill

[pkill -9 scanHA]

/usr/bin/pkill

[pkill -9 HOHO-U79OL]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp
MD 194.110.247.46:5060 tcp

Files

N/A